Q

Will WPA2-PSK keep wireless networks safe from war drivers?

Will WPA2-PSK keep wireless networks safe from war drivers? Find out from network security expert Michael Gregg.

This Content Component encountered an error

We plan to secure our small business wireless network using WPA2-PSK. Does this keep us safe from war drivers? Are there other things we need to do?

This depends on what you mean by safe. Being in the security business I tend to be skeptical of any one single protection. I prefer defense in depth. Think of your bank as an example: strong, layered security: guards, cameras, locks, safes, etc. Deploying many layers of security makes it much harder for an attacker to overcome the combined security mechanisms. This is the concept of defense-in-depth. It is about building security in layers. If one layer is breached, you have multiple layers beneath it to continue protecting the assets of your organization. Defense-in-depth is about finding a balance between the protection cost and the value of the informational asset.

Here are a few basic ideas to get you thinking. Make sure the access point is physically secure so that no one can physically touch the device. Consider limiting what MAC addresses can connect to the AP. A frequent provisioning for guest access is to place the guest AP in the DMZ. Whether or not employees should be placed in the DMZ depends on the needs and philosophies of the corporation. Proper security and need for rapid communication usually requires users to attach APs as trusted. Perform a site survey to determine that AP is properly placed. Also don't forget to consider that you AP may not be the only one. Their might also be rogue AP's that others have connected to the network. I hope this gives you some ideas to get started.

This was first published in February 2008

Dig deeper on WLAN Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close