Augment WEP with WiFi-tolerant VPN
What is your opinion of the level of security protection offered by these vendors who are marketing wireless devices for the home or campus environment that follow the 802.11b standard? Also, what are your thoughts on the existing WEP capabilities? How easy is it to intercept traffic and interpret the info by someone just getting within 100 meters of a wireless network?
My opinion is that WEP is not (nor was it meant to be) a complete security solution for WiFi. It needs to be augmented by a WiFi-tolerant VPN solution. The best way to secure it today is to first put an IPSEC VPN gateway behind the WAP. Next, you configure the gateway to only accept inbound/outbound IPSEC traffic (use IKE or JFK for key negotiation). Finally, you install a VPN client/s on the machine/s that want access to your network. What this guarantees is that a VPN tunnel will have to be established before a user can access your network over the wireless access point and that an IPSEC tunnel will always be present for the duration of the session.
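The "only accept IPSEC traffic" rule on the gateway's wireless-facing side, sketched as an added example that is not part of the original answer. The function names, the sample addresses, and the choice to drop non-first UDP fragments are assumptions; the packets are constructed test input.

```python
import socket
import struct

# IANA-assigned IP protocol numbers and the IKE port.
PROTO_UDP, PROTO_ESP, PROTO_AH = 17, 50, 51
IKE_PORT = 500

def ipv4_packet(proto, payload=b"", frag=0, src="192.0.2.10", dst="192.0.2.1"):
    """Build a minimal IPv4 packet (constructed input, header checksum left 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, frag,
                         64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

def udp(sport, dport, data=b""):
    """Build a UDP header plus data (constructed input, checksum left 0)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

def decide(packet):
    """Return 'ACCEPT' or 'DROP' for a packet arriving from the WAP side."""
    if len(packet) < 20:
        return "DROP"                      # too short to be an IPv4 header
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        return "DROP"                      # malformed or not IPv4
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    proto = packet[9]
    if proto in (PROTO_ESP, PROTO_AH):
        return "ACCEPT"                    # IPsec data traffic
    if proto == PROTO_UDP:
        if frag_offset != 0 or len(packet) < ihl + 8:
            return "DROP"                  # no UDP header present to check
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
        if dport == IKE_PORT:
            return "ACCEPT"                # IKE key negotiation
    return "DROP"                          # default deny: cleartext never passes

if __name__ == "__main__":
    samples = {
        "ESP": ipv4_packet(PROTO_ESP, b"\x00" * 16),
        "IKE": ipv4_packet(PROTO_UDP, udp(500, 500)),
        "DNS in the clear": ipv4_packet(PROTO_UDP, udp(40000, 53)),
        "TCP in the clear": ipv4_packet(6, b"\x00" * 20),
    }
    for name, pkt in samples.items():
        print(f"{name:18} {decide(pkt)}")
```

A real gateway enforces the same default-deny policy in its packet filter, in both directions on the interface that faces the access point.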
This was first published in December 2001