How can you secure a wireless network connection but also make it easy for authorized users to have access?
One of 802.11 Wired Equivalent Privacy's many short-comings is it relied on manually-configured static keys, often entered in hexadecimal. Many users had no idea how to configure WEP, and vendors did little to hide WEP details under user-friendly GUIs. WLAN administrators found manual WEP key configuration tedious, error-prone, and ultimately doomed to failure because keys had to be updated on hundreds of devices when just one is lost or stolen.
Wi-Fi Protected Access (WPA) has improved this situation to some degree. WPA-Personal PreShared Keys (PSKs) can be configured as simple text "passphrases" -- this is more intuitive than entering hex keys. WPA-Enterprise uses 802.1X to automatically generate fresh encryption keys for every wireless session, removing manual key entry entirely. Unfortunately, configuring the "back end" of 802.1X is even more complex and obtuse. How do users know if they should choose SmartCard or Protected EAP? Should they check Validate Server Certificate? If so, which Certificate Authority(s) should they trust?
Fortunately, there are ways to make WLAN security configuration easier:
Many "wizards" are now available to automate matching WEP key or WPA-PSK entry when setting up a home or small office WLAN. For example, see Atheros JumpStart, Broadcom SecureEZsetup, McAfee Wireless Home Network Security.
Those who prefer to WPA-Enterprise but can't be bothered with 802.1X configuration should check out Witopia SecureMyWiFi, Linksys Wireless Guard, or McAfee Wireless Security for Small Business. (Another great solution, LucidLink, is unfortunately no longer available.)
Hotspot users can look for programs like the T-Mobile Connnection Manager which automatically configures your card in hotspots that provide WPA security as an option.
Individuals and small businesses that want VPN protection without the hassle of installing their own VPN may be interested in services like Witopia Personal VPN, HotspotVPN, JiWire Spotlock, and Boingo Personal VPN.
Solutions like Sesame Networks Courtesy Wi-Fi Access can be used to easily issue temporary credentials to visitors without opening your business WLAN to unauthenticated use.
Dig Deeper on WLAN Security
Is there a difference between a wireless access point vs. a router? Yes -- while the two wireless devices are related, they meet different needs in a...
Learn the differences between site-to-site VPNs vs. remote-access VPNs and find out about the protocols, benefits and the data security methods used ...
Need to send an email, check your flight's status or get ready for a presentation? You can do it all on your smartwatch, thanks to a slew of Apple ...