Securing your wireless network: Preventing wireless security threats

This mini learning guide helps enterprise information security managers and executives develop a better understanding of wireless network security and learn why investing time and resources in securing your wireless network can help thwart security threats, such as war driving and password cracking.

Without adequate safeguards in place, enterprise wireless networks can expose a corporate network to several wireless security threats and potential attacks, and increasing an organization's IT risk posture. For those reasons, it is essential for every enterprise to have a thorough understanding on the importance of securing wireless networks in order to mitigate wireless security risk.

This mini learning guide helps enterprise information security managers and executives develop a better understanding of wireless network security and why investing time and resources in securing your wireless network can help thwart threats, such as war driving and password cracking. Readers will also learn several other related wireless security best practices, such as how to develop a wireless security policy and how to achieve compliance with the Payment Card Industry Data Security Standards (PCI DSS) wireless security guidelines.

Video: Setting up a secure wireless network

Securing your wireless network requires careful consideration. Services have to be readily available for the entire workforce, and network bandwidth needs to be sufficient for users' needs. Inbound and outbound security policies must be created to handle unauthenticated guest user access, and security teams have to invest in the appropriate technology, like WLAN switches, firewalls and intrusion detection systems.

In this four-part video series, learn the basics of building a solid infrastructure and the phases of a secure wireless network setup. Learn the policies, technologies and standards that are absolutely essential in providing usability, availability and security to the enterprise network.

Wireless network security best practices

It's official: Wireless networks have become the norm in corporations around the globe. But the question is: What security measures need to be put in place to prevent malware from infiltrating and exploiting those wireless networks?

In these four Wireless Lunchtime Learning Security School lessons, Lisa Phifer lays out all you'll need to know to create and maintain a secure wireless network.

Securing your wireless network by developing a better understanding Wi-Fi threats

Interested in taking your enterprise wireless, or securing the wireless network you already have? Look no further. In this first of a four-part Wireless Lunchtime Learning video series, Lisa Phifer explains wireless network security and Wi-Fi threats, including some common attacks, such as a man-in-the-middle attacks, that can cripple wireless LANs. Then she explains how to create a wireless security policy that can thwart these threats.

Creating secure WLANs

Creating a secure wireless network begins by building the wireless LAN infrastructure. But today's products implement a variety of Wi-Fi security standards, so how do you know which to choose: WEP or WPA or WPA2?

For more information on wireless network security:

Discover the difference between overlay and embedded WIPSes so that you can choose the one that best fits your network and security needs. 

Learn more about PCI DSS requirements for protecting transaction data on enterprise Wi-Fi networks

Learn about the dangers of using radio frequency identification (RFID) tags.

In the second video of the Wireless Lunchtime Learning series, Lisa Phifer of Core Competence Inc. explains how to create a secure WLAN for your enterprise, including WLAN implementation best practices, WEP security versus WPA security, and 802.1x enterprise security.

Securring wireless access

In this third part of the Wireless Lunchtime Learning Security School, learn how to create secure Wi-Fi access, including secure wireless access point configuration, information on Wi-Fi captive portals, the pros and cons of a preshared key, as well as EAP and PEAP authentication.

Securely implementing wireless IPS

Wireless intrusion prevention systems have become standard operating procedure in corporate networks, including those without formal Wi-Fi deployment. From enforcing "no wireless" policies to blocking unauthorized sessions, these systems help companies see what's happening in their WLANs and provide tools to take corrective action.

This fourth video of the Wireless Lunchtime Learning Security School describes the role of WIPS in WLAN security, the features commonly provided by WIPS, and how WIPS differ from (and complement) their wired network counterparts.

How to reduce wireless driver security vulnerabilities

So, you have your up-to-date antivirus software with personal firewalls and antispam, antispyware and privacy control features. However, not having the latest device drivers installed can represent a significant flaw in an enterprise wireless security strategy.

In this expert response, information security threats expert, Ed Skoudis, explores how to ensure complete wireless security and how to reduce wireless driver security threats and vulnerabilities.

Wireless network guidelines for PCI DSS compliance

In July 2009, the PCI Security Standards Council released its PCI DSS Wireless Guidelines (.pdf), which provides details on how organizations that use Wi-Fi networks can ensure they comply with the PCI DSS requirements. While the PCI DSS specification provided the base details, many organizations found they needed more specifics on how WLANs affect PCI DSS compliance.

In this tip, contributor Ben Rothke examines the key points of the PCI DSS wireless network guidelines and offers additional advice for organizations with existing Wi-Fi networks.

This was last published in February 2010

Dig Deeper on Wireless network security