Exploring WLAN Security With Senforce's Allan Thompson

The rapid proliferation of wireless LANs in corporate America is having a dramatic impact on how enterprise networks are designed, deployed and maintained. With the rise in WLAN deployment, there has been a commensurate level of interest in how to secure these critical network elements. The Networking Pipeline had an opportunity to review some of these issues with Allan Thompson, President and CEO of Senforce Technologies, Inc.

Networking Pipeline: How seriously are enterprise users taking WLAN security?

Thompson: Most users want to be good corporate citizens, and don't set out at the start of the work day to compromise security or put corporate data and assets at risk. The challenge is that out-of-the-box WLAN technology presents the user with the opportunity to be more productive (with increased connectivity options), but potentially exposes corporate data and assets to a variety of security threats both old and new. The smart enterprise realizes that, for productivity and convenience reasons alone, WLAN technology is inevitable in the enterprise. Users will introduce the technology if the IT function doesn't. It is the combination of the impatient enterprise user and the unresponsive IT function that really introduce WLAN security risks into the enterprise. It doesn't need to be that way, but it generally is the case.

Networking Pipeline: Is there a significant difference in security levels between corporate WLANs and public WiFi deployments (like T-Mobile's hotspot)?

Thompson: For the corporate WLAN, the question is best answered by considering where the WLAN infrastructure is placed in relation to the overall enterprise. If the wireless connections are to occur behind the enterprise perimeter, then there are absolutely differences in the security required in a corporate WLAN versus a public hotspot WLAN's security configuration. WLAN access points behind the firewall MUST utilize encryption technology beyond Wired Equivalent Privacy (WEP), which has multiple and readily available published exploits that introduce multiple threats, including vulnerabilities from WLAN "sniffing" and Windows network share vulnerabilities to name a few. Available non-proprietary corporate solutions include use of Wi-Fi Protected Access (WPA) or IEEE 802.11i security protocols in access points to prevent both unauthorized connections to WLAN infrastructure and unauthorized sniffing of WLAN traffic.In contrast, the primary security consideration in a hotspot is ensuring authentication for revenue generation purposes. It is not about keeping WLAN traffic secure. So, most public hotspots (the ones operated for profit) use web page redirection to authenticate the user to the hotspot to collect revenue. This authentication does nothing to protect WLAN traffic, as these access points typically run "naked" (that is, with no encryption protocols in use) to accommodate connectivity by users who own pre-WPA/IEEE 802.11i-compatible WLAN adapters. This introduces hotspot users to WLAN "sniffing" and Windows network share vulnerabilities. If these are your enterprise users, do you want them connected to a "naked" infrastructure with your corporate data sitting on their notebook computer?

Networking Pipeline: Do the security teams at both enterprise and carrier organizations have firm grasp of the security issues?

Thompson: They're both getting there. The carrier organizations are farther along than their enterprise counterparts because they have greater control over the infrastructure. It is much more difficult for a hacker to introduce rogue infrastructure at a carrier than in the enterprise. Adding an access point to the enterprise network is a relatively simple proposition, hence the problem of rogue access points. This really doesn't occur in the carrier infrastructure. The best weapon the enterprise can employ in the security battle is education, both the IT function and the users-the carriers don't have that battle to fight, so this puts them ahead at the moment.

Networking Pipeline: For enterprises, are there some key principles in managing WLAN security that are distinctly different from those associated with managing other enterprise IT assets?

Thompson: There are a few. The overriding principle is that WLANs can both exacerbate existing security problems such as weak passwords, and unencrypted traffic, and introduce new security problems that result from no longer needing a physical connection in order to attack or compromise the network. With more and more corporate data residing on endpoint computers (workstations and notebooks) instead of servers, the WLAN security paradigm requires hardening of the endpoints, instead of the traditional practice of a hardened perimeter and server infrastructure. This is the greatest new threat WLAN introduces to the enterprise, and enterprise IT/security professionals must address it.0