Wi-Fi Protected Access (WPA) improvements to 802.11 security were announced last fall and are starting to emerge in products. As of 2/24/03, the Wi-Fi Alliance has not yet announced successful certification of WPA-compliant products, but you can expect this in the next couple of months. With WPA, the most significant vulnerabilities in the original 802.11 standard and WEP have been corrected. Does that mean WPA is perfect? Of course...
not. Security standards for any technology are always improving. WPA makes much better use of the encryption engine found in today's WLAN products, but experts readily admit it isn't the solution they would want if they were starting with a clean slate. For an even better combination of robust security and efficiency, look to products that implement IEEE 802.11i advanced security measures next year.
Even when 802.11i is completed, it will only address link-layer security - that is, controlling access to the WLAN itself and preventing eavesdropping and modification of frames over the air. True network security requires much more ? you'll still need firewalls to separate the WLAN from wired networks, authentication servers to verify wireless client identity, intrusion detection systems to spot potential attacks, etc. My point is that airlink security, whether based on WEP, WPA, or 802.11i, will never be enough for a "secure network."
Dig Deeper on Wireless LAN Implementation
Related Q&A from Lisa Phifer, Wireless Networking Expert
Wireless expert Lisa A. Phifer explains to what extent WEP cracking remains a worrisome issue. It all depends on your company's WLAN security policy.continue reading
Wireless expert, Lisa Phifer explains that it may not be worth enhancing Wi-Fi ad hoc mode since Wi-Fi Direct is a better alternative for enabling ...continue reading
Wireless expert Lisa Phifer responds to a question regarding a Mi-Fi and Android smartphone mobile hotspot comparison. She provides an in depth ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.