Know your wireless encryption options

You wouldn't design a network with Internet access without a firewall, so why would you have an unencrypted wireless network? Understanding wireless encryption is essential to deploying a secure wireless network.

The security of a wireless transmission is analogous to a written message. There are a variety of ways to send a written message and each provides an increased level of security and protects the integrity of the message. You could send a postcard, but the message is then open for all to see. You can enclose the message inside of an envelope and that will protect it from casual compromise. If you really want to ensure that only the intended recipient can view the message though, you would need to scramble or encode it somehow and make sure the recipient knew the method for decoding it.

The same thing is true with wireless data transmission. Raw wireless data, with no encryption, is just flying through the air for any nearby wireless devices to potentially intercept.

Encrypting your wireless network using WEP (Wired Equivalent Privacy) affords minimal security because the encryption is easily cracked. If you really want your wireless data to be protected, you need to use more secure encryption schemes such as WPA. To help you understand the options, here is a brief outline of some of the wireless encryption and security technologies available:

WEP (Wired Equivalent Privacy): WEP was the encryption scheme hastily thrown together as a pseudo-standard by vendors who were in a hurry to start producing wireless equipment before the protocol standards were finalized. As a result, it was later found to have holes that are easily exploitable by even a novice attacker.

WPA ...

To read more you must become a member of SearchNetworking.com

As an existing member of the TechTarget network please activate your SearchNetworking.com account 

By joining SearchNetworking.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.

TechTarget cares about your privacy. Read our Privacy Policy

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Application-specific network intrusion detection systems emerge Anomaly-based intrusion protection configuration and installation Preventing hacker attacks with network behavior analysis IPS Rogue access points: Preventing, detecting and handling best practices The TPM chip: An unexploited resource for network security Shifting defenses and dynamic perimeters challenge network security Compliance in a virtualized world: Server virtualization and NAC security Securing the new network architecture: Security for distributed, dynamic networks How to configure Windows Server 2008 advanced firewall MMC snap-in USB storage devices: Two ways to stop the threat to network security WLAN Security Where can I find a wire driver that unblocks recognized passwords? Will using a VPN protect me against fake wireless hotspots? Fluke gets WLAN design, management, security cred with AirMagnet Is WPA2 secure enough for a commercial business wireless network? Health center cut cost securing wireless network edge with Aerohive Wi-Fi RTLS for WLAN management, location-based security, asset tracking Wireless LAN performance management and security standards beefed up How can I hide my WLAN's SSID in an Aruba AP-61? Wireless LAN security: SonicWall joins crowded WLAN market Stolen laptop recovery using remote access and wireless network SSIDs WLAN Standards 802.11n wireless APs bring IP video to sprawling Illinois high school 802.11n ratification will drive down wireless LAN prices How does Wi-Fi ad-hoc mode react when 802.11n and legacy peers are present? Wireless vs. Wi-Fi: What is the difference between Wi-Fi and WLAN? 802.11n ratification planned for Sept., draft products to interoperate Wireless LAN performance management and security standards beefed up 802.11n wireless LAN access point market: Who's really in second place? Will 802.11x wireless products be compatible with 802.11n? Beamforming, RF management key to 802.11n wireless LAN success School deploys 802.11n WLAN to support student laptop program

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary 802.11a  (SearchNetworking.com) DECT  (SearchNetworking.com) foreign agent  (SearchNetworking.com) High-Speed Circuit-Switched Data  (SearchNetworking.com) home address  (SearchNetworking.com) home agent  (SearchNetworking.com) Link Quality Source Routing  (SearchNetworking.com) Multichannel Multipoint Distribution Service  (SearchNetworking.com) USSD  (SearchNetworking.com) Wi-Fi Multimedia (WMM)  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

(Wi-Fi Protected Access): WPA was created to improve on or replace the flawed WEP encryption. WPA provides much stronger encryption than WEP and addresses a number of WEP weaknesses.

TKIP (Temporal Key Integrity Protocol): TKIP is the underlying technology which allows WPA to be backwards compatible with WEP and existing wireless hardware. TKIP works in conjunction with WEP and institutes a longer key, 128-bits, as well as changing the key on a per-packet basis to make it exponentially more secure than WEP alone.

EAP (Extensible Authentication Protocol): With EAP support, WPA encryption provides more functionality related to controlling access to the wireless network based on PKI (Public Key Infrastructure) keys rather than filtering only based on MAC addresses which can be captured and spoofed.

While WPA, and the improvements it brings over WEP, is exponentially more secure than WEP, any encryption is better than no encryption at all. If WEP is the only protection you have available on your wireless equipment, it will still deter casual compromise of your wireless data and send most novice attackers searching for an unprotected wireless network to exploit.

About the author:
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security, providing a broad range of information security tips, advice, reviews and information.

This tip originally appeared on SearchWindowsSecurity.com.

Rate this Tip To rate tips, you must be a member of SearchNetworking.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.