Ask the Expert

Will WPA2-PSK keep wireless networks safe from war drivers?

We plan to secure our small business wireless network using WPA2-PSK. Does this keep us safe from war drivers? Are there other things we need to do?

    Requires Free Membership to View

This depends on what you mean by safe. Being in the security business I tend to be skeptical of any one single protection. I prefer defense in depth. Think of your bank as an example: strong, layered security: guards, cameras, locks, safes, etc. Deploying many layers of security makes it much harder for an attacker to overcome the combined security mechanisms. This is the concept of defense-in-depth. It is about building security in layers. If one layer is breached, you have multiple layers beneath it to continue protecting the assets of your organization. Defense-in-depth is about finding a balance between the protection cost and the value of the informational asset.

Here are a few basic ideas to get you thinking. Make sure the access point is physically secure so that no one can physically touch the device. Consider limiting what MAC addresses can connect to the AP. A frequent provisioning for guest access is to place the guest AP in the DMZ. Whether or not employees should be placed in the DMZ depends on the needs and philosophies of the corporation. Proper security and need for rapid communication usually requires users to attach APs as trusted. Perform a site survey to determine that AP is properly placed. Also don't forget to consider that you AP may not be the only one. Their might also be rogue AP's that others have connected to the network. I hope this gives you some ideas to get started.

This was first published in February 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: