Upcoming Events

Executive conference

Cloud Connect March 16-18

Comprehensive thought leadership for executives, IT professionals and developers. Topics include: the ROI, cost and economics of on-demand computing; Migration strategies to move from on-premise to cloud-based IT; Vertical cloud specialization, tailoring features and architectures to specific applications, industries, and customer ecosystems

More Events »

Vendor Newsfeed

More Vendor Newsfeed »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

 
NetNews
N E W S / A N A L Y S I S  


WLAN Security: Five Simple Truths

  December 1, 2002
  By Dave Molta


If you see someone driving with what looks like a Pringles potato chip can pointing out of the passenger window, don't be alarmed. It's probably just a local war-driver looking for unsecured wireless access points. The second WorldWide Wardrive wrapped up on Nov. 2. The last such event, which took place a few months ago, documented nearly 10,000 APs. Of these, more than 70 percent were running with no encryption. If you find this shocking, let me remind you of five simple truths:

1. People are not necessarily stupid for not "at least" running WEP. This protocol has been broken since day one. It was never designed with consumers in mind, and in the enterprise, it has never come close to meeting the need for a scalable encryption system once you expand beyond three access points and a dozen users.

2. Lack of security isn't a valid reason for delaying a WLAN. I've spoken to many IT managers who refuse to implement WLANs because WLANs are insecure. So is the Internet, but you don't see companies shutting down their connections. Create a VLAN and connect your WLAN in front of your firewall.

3. You may wait forever for a bulletproof WLAN security standard. Well-placed sources tell me that IEEE officials don't want to release 802.11i security standards until 2004.

4. 802.1x is no WLAN security silver bullet. Many IT managers view this standard as the solution to their WLAN security problems. However, implementing 802.1x can be complex, requiring compatible client software and a RADIUS server that integrates with your existing authentication environment.

5. Security polices are as much about politics as technology. This is nothing new. But now here come the IT police, armed with their WLAN auditing tools, trying to stamp out all those rogue access points. Even if they succeed, they fail by denying users access to a valuable technology.


Best of the Web

Data deduplication: Declawing the clones

Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.

Quick Read

Compression, Encryption, Deduplication, and Replication: Strange Bedfellows

One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.

Quick Read

WAN Optimization Whitelists and Blacklists

Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.

Quick Read

WAN Optimization as a Managed Service: It's Not About the Cost

This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.

Quick Read

  Sponsored Links

Premium Content

Next Generation Data Center, Delivered, November 17th
NWC


Salary

Video

View All Videos

Most Popular

Stories Blogs

More Stories »

Whitepapers

More »

BlogRoll