Home > Ask the Networking Experts > Questions & Answers > How secure is WLAN?
Ask The Networking Expert: Questions & Answers
EMAIL THIS

How secure is WLAN?

Lisa Phifer EXPERT RESPONSE FROM: Lisa Phifer

Pose a Question
Other Networking Categories
Meet all Networking Experts
Become an Expert for this site
>
QUESTION POSED ON: 25 February 2003
How soon (if ever) will we enjoy 'secure' WLAN? And how secure is that?

>
Security, like beauty, is in the eye of the beholder. Whether a LAN can be considered a "secure WLAN" depends upon the organization using the LAN, the value of the data being transferred, and the consequences of unauthorized use. For example, today's WLANs are secure enough for hotspot operators - they use SSL captive portals to make sure users log in (and pay for) hotspot access, but most do not care about data encryption because the need for privacy is up to the hotspot visitor. On the other hand, hospitals must use WLANs in conjunction with higher-layer encryption (IPsec VPN, Secure Shell, SSL) in order to satisfy HIIPA mandates that require privacy of patient data. Some highly sensitive defense and military networks will not use standard 802.11 WLANs at all today.

Wi-Fi Protected Access (WPA) improvements to 802.11 security were announced last fall and are starting to emerge in products. As of 2/24/03, the Wi-Fi Alliance has not yet announced successful certification of WPA-compliant products, but you can expect this in the next couple of months. With WPA, the most significant vulnerabilities in the original 802.11 standard and WEP have been corrected. Does that mean WPA is perfect? Of course not. Security standards for any technology are always improving. WPA makes much better use of the encryption engine found in today's WLAN products, but experts readily admit it isn't the solution they would want if they were starting with a clean slate. For an even better combination of robust security and efficiency, look to products that implement IEEE 802.11i advanced security measures next year.

Even when 802.11i is completed, it will only address link-layer security - that is, controlling access to the WLAN itself and preventing eavesdropping and modification of frames over the air. True network security requires much more ? you'll still need firewalls to separate the WLAN from wired networks, authentication servers to verify wireless client identity, intrusion detection systems to spot potential attacks, etc. My point is that airlink security, whether based on WEP, WPA, or 802.11i, will never be enough for a "secure network."


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Expert networking advice and tips for IT professionals
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2000 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts