The inadequacy of the Wired Equivalent Privacy protocol has delayed widespread adoption of wireless LANs in many corporations. While most network administrators and end users understand the productivity benefits of cutting the Ethernet cord, most worry about the risk of doing so.

WLANs expose a network and hence, from a security perspective, must be treated like access networks rather than core enterprise networks. When corporate users connect through a LAN switch or hub, there is an assumption that they already are trusted users. IT might or might not use a protocol such as 802.1X or RADIUS for additional authentication.

To help address this gap in WLANs, the IEEE 802.11 Working Group instituted Task Group i to produce a security upgrade for the 802.11 standard. 802.11i is building the standard around 802.1X port-based authentication for user and device authentication. The 802.11i standard, which isn't expected to be complete until later this year, includes two main developments: Wi-Fi Protected Access (WPA) and Robust Security Network (RSN).

[ Read more ]

Comment:

For all your wireless security information needs, visit the Wireless outside articles section of HNS.

Related items

• Review: Deploying License-Free Wireless Wide-Area Networks (14 May 2003)
• Article: Positive Identification in a Wireless World (6 May 2003)
• Article: Warchalking and Other Wireless Worries (3 April 2003)
• Article: How to Make Wireless Networks Secure (26 March 2003)
• Article: Interview with Cyrus Peikari, CEO of AirScanner Mobile Security (24 February 2003)
• Review: Maximum Wireless Security (17 February 2003)
• Article: Detecting Wireless LAN MAC Address Spoofing (22 January 2003)
• Article: Avoid Wireless LAN Security Pitfalls (17 January 2003)
• Article: Interview with Jay Chaudhry, CEO of AirDefense (7 January 2003)
• Review: Wireless Security and Privacy: Best Practices and Design Techniques (17 December 2002)