Users want their WLANs. And no wonder, given the convenience and mobility, not to mention the coolness factor. But unless you're in an industry like retail, education or health care, which have gone wireless in a big way, your users may be having a hard time swaying you. Before they resort to building bizarre, elaborate contraptions to hide their access points, consider this: It is possible to build a secure wireless LAN. Not easy, but possible.

When we looked at this subject in June 2002, we said the industry was close to overcoming the security problem. We were partly right. Although plenty of you have implemented secure enterprise WLANs, trade-offs abound. The IEEE's new security standards aren't fully baked, and even when they arrive later this year, they won't be trivial to implement. If you go with existing security standards, such as VPNs, you may not be able to deliver seamless mobility. You can choose a security overlay that provides significant flexibility (no VPN required, greater mobility), but then you'll have another element to manage.

By Dave Molta at NWC.

[ Read more ]

Related items

• Article: Increasing Security Awareness: Visualizing WEP Insecurity (3 March 2004)
• Article: Interview with Jon Edney, author of "Real 802.11 Security" (18 December 2003)
• Review: Wireless Hacks (12 December 2003)
• Review: Real 802.11 Security: Wi-Fi Protected Access and 802.11i (3 November 2003)
• Review: 802.11 Security (3 October 2003)
• Article: Wireless Security: Preventing Your Data From Vanishing Into Thin Air (16 September 2003)
• Review: Installing, Troubleshooting, and Repairing Wireless Networks (5 September 2003)
• Review: Building Secure Wireless Networks with 802.11 (28 August 2003)
• Review: How Secure is Your Wireless Network? Safeguarding Your Wi-Fi LAN (22 August 2003)
• Article: Lack of Security at Wireless Conferences (6 August 2003)
• Review: WiFi Security (9 July 2003)
• Review: Wireless Security End to End (4 June 2003)
• Review: The Complete Wireless Internet and Mobile Business Programming Training Course (28 May 2003)
• Review: Deploying License-Free Wireless Wide-Area Networks (14 May 2003)
• Article: Positive Identification in a Wireless World (6 May 2003)
• Article: Warchalking and Other Wireless Worries (3 April 2003)
• Article: How to Make Wireless Networks Secure (26 March 2003)
• Article: Interview with Cyrus Peikari, CEO of AirScanner Mobile Security (24 February 2003)
• Review: Maximum Wireless Security (17 February 2003)
• Article: Detecting Wireless LAN MAC Address Spoofing (22 January 2003)
• Article: Avoid Wireless LAN Security Pitfalls (17 January 2003)
• Article: Interview with Jay Chaudhry, CEO of AirDefense (7 January 2003)
• Review: Wireless Security and Privacy: Best Practices and Design Techniques (17 December 2002)