School

Lesson 3: How to implement secure access

In Lesson 3 of Wireless Security Lunchtime Learning, you'll learn the pros and cons of the various wireless access protocols so that you can choose the best method to control, authenticate and authorize access to your WLAN.

   Webcast: Who goes there?: Securing wireless access
   Tip: Controlling WLAN access on a tight budget
   Tip: Choosing the right flavor of 802.1X
   Tip: Combining 802.1X and VLANs for WLAN authorization
   Tip: Defeating evil twin attacks
   Quiz
   About the Instructor

MAIN MENU
Wireless Security Lunchtime Learning Home

Lesson 1: How to counter wireless threats and vulnerabilities

Lesson 2: How to build a secure wireless infrastructure

Lesson 3: How to implement secure access

Lesson 4: How to use wireless IDS/IPS

  

Webcast: Who goes there?: Securing wireless access
Length: 25 minutes
Wireless encryption is essential, but addresses only part of the security problem. Security measures are also needed to permit or deny WLAN access, authenticate stations and users, and determine the destinations and applications that each is authorized to reach. This webcast describes readily-available alternatives, from MAC ACLs and captive portals to Preshared Secret Keys and 802.1X Port Access Control.

VIEW THIS WEBCAST

  

Tip: Controlling WLAN access on a tight budget
802.1X/EAP can provide robust, granular WLAN access control and authentication, but can your organization afford the "WPA-Enterprise" approach? This tip recommends alternatives for companies that are concerned about securing WLAN access, yet faced with limited IT staff and budget. Whether the answer is outsource, open source or make the best of "WPA-Personal," this tip will help you understand associated costs and consequences.

READ THIS TIP

  

Tip: Choosing the right flavor of 802.1X
802.1X Port Access Control provides an extensible framework for authenticating and authorizing WLAN usage. But 802.1X is merely an envelope that carries some type of Extensible Authentication Protocol (EAP). More than 50 EAP Types have already been defined; how do you know which one(s) to use? This tabular tip provides a direct comparison of the most popular EAP Types used with 802.1X today, the authentication methods supported by each, known vulnerabilities associated with them and suitable usage environments.

READ THIS TIP

  

Tip: Combining 802.1X and VLANs for WLAN authorization
Many WLAN owners know that 802.1X/EAP makes it possible to authenticate individual wireless users. But did you know that 802.1X can also be used to funnel wireless traffic onto VLANs, enforcing user or group-based permissions? This tip explains how to use RADIUS attributes returned by 802.1X to supply VLAN tags, establishing that critical link between authentication and authorization.

READ THIS TIP

  

Tip: Defeating Evil Twin attacks
Evil Twin attacks -- also known as AP phishing, honeypot APs or hotspotters -- pose a clear and present danger to wireless users in public and private WLANs. This tip describes several steps that your company can take to defend employees against this poorly-understood attack. Learn why SSL or SSH may not be enough to protect your users, and how 802.1X mutual authentication can help defeat these phony APs.

READ THIS TIP

  

Quiz
Put your new knowledge of wireless access to the test.

TAKE THE QUIZ

  About the Instructor

Lisa Phifer owns Core Competence Inc., a consulting firm specializing in network security and management technology. Lisa has been involved in the design, implementation and evaluation of data communications, internetworking, security and network management products for over 20 years. At Core Competence, she has advised large and small companies regarding security needs, product assessment and the use of emerging technologies and best practices. Before joining Core Competence, Lisa was a Member of Technical Staff at Bell Communications Research where she won a president's award for her work on ATM Network Management.

Lisa teaches about wireless LANs, mobile security and virtual private networking at many industry conferences and on-line webinars. Lisa's WLAN Advisor and Wireless-To-Go columns are published by SearchNetworking.com and SearchMobileComputing.com where she is a site expert on wireless LANs. She also has written extensively about network infrastructure and security technologies for numerous publications including Wi-Fi Planet, ISP-Planet, Business Communications Review, Information Security and SearchSecurity.com.

  

This was first published in April 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: