Wi-Fi Protected Access (WPA) improvements to 802.11 security were announced last fall and are starting to emerge...
in products. As of 2/24/03, the Wi-Fi Alliance has not yet announced successful certification of WPA-compliant products, but you can expect this in the next couple of months. With WPA, the most significant vulnerabilities in the original 802.11 standard and WEP have been corrected. Does that mean WPA is perfect? Of course not. Security standards for any technology are always improving. WPA makes much better use of the encryption engine found in today's WLAN products, but experts readily admit it isn't the solution they would want if they were starting with a clean slate. For an even better combination of robust security and efficiency, look to products that implement IEEE 802.11i advanced security measures next year.
Even when 802.11i is completed, it will only address link-layer security - that is, controlling access to the WLAN itself and preventing eavesdropping and modification of frames over the air. True network security requires much more ? you'll still need firewalls to separate the WLAN from wired networks, authentication servers to verify wireless client identity, intrusion detection systems to spot potential attacks, etc. My point is that airlink security, whether based on WEP, WPA, or 802.11i, will never be enough for a "secure network."
Related Q&A from Lisa Phifer
The enterprise mobility management market for wearable devices is in its infancy, but IT can still use existing EMM tools to manage wearables.continue reading
Wireless expert Lisa A. Phifer explains to what extent WEP cracking remains a worrisome issue. It all depends on your company's WLAN security policy.continue reading
Wireless expert Lisa A. Phifer explains why you shouldn't stop using 802.1X authentication methods for enterprise WLAN access control.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.