WLAN security

What about security for WLAN? Today wirelesscertified interoperable version of WPA. WPA2 besides
networks are at least secure as wired. You only havePSK 802.1X/EAP authentication, use advanced
to use right tools and configurations.encryption mechanism.
Physical security is most important part of security. IfThis new mechanism is Counter-Mode/CBC-MAC
you do not have physical access to network, you canProtocol (CCMP) called Advanced Encryption
not use it. If you can not plug cable you do not haveStandard (AEP).
network. This is situation in wired word.WPA and WPA2 have 2 certification modes.
The biggest security problem, in any type wireless
network, is lack of physical security.1. Enterprise
802.11 standards use Authentication as replacement2. Personal
for physical security. Problem is that application usesYou have 4 different versions of Wi-Fi CERTIFIED
WEP as encryption.devices:
WEP - Wired Equivalent Privacy has never deserved1) WPA-Personal
its name. It does not take more than 2 minutes, with2) WPA2-Personal
cracking tools, to break WEP.3) WPA-Enterprise
First WEP versions have used 64-bit shared key. 404) WPA2-Enterprise
bits are for a shared secret and 24 bits are for IVPersonal Mode is designed for home and office
(initialization vector). IV is used that receiver could(SOHO) environment. You do not need authentication
decrypt the frame.server (Radius or IAS).
Next improvement of first WEP key was 128-bitIt uses manually entered PSK (pre-shared key or
shared WEP key. With that WEP version 104 bits arepass-phrase). Security level of your wireless network
used for shared key and 24 for initialization vector.is based on this PSK.
IEEE proposed in 2004 new version of WEP - WEP2.So, use mix of letters, numbers and non-alphanumerical
It uses the same RC4 algorithm with 128-bit initializationcharacters.
vector. WEP2 has not improved significantly security. ItPersonal mode uses methods of encryption as
only increases time for cracking.Enterprise-per-user, per-session, per-packet encryption
Next step in wireless security is WPA - Wi-Fiwith TKIP (WEP) or AES (WEP2).
Protected Access.Enterprise Mode operates in managed mode with
What is WPA encryption? Wi-Fi Alliance launched inauthentication servers (Radius or IAS). With this mode
October 2003 Wi-Fi Protected Access - WPA, theyou can meet rigorous requirements of enterprise
next generation in WLAN security. Wi-Fi Protectedsecurity.
Access does not require a hardware upgrade in 802.11Most of access points and wireless routers have
equipment.option of MAC filtering. With MAC filtering, you can
Only software and firmware upgrade is needed and itrestrict access to stations that you have entered in
makes minimal degradation in network performance.MAC filtering list.
WPA was designed as an answer for all WEPThe main key to wireless security is to put as many
weaknesses. It uses Temporal Key Integrity Protocolobstacles as you could. If you simultaneously use
(TKIP) with Message Integrity Check (MIC). It also hasWEP, WPA, MAC filtering, and if you use IPsec tunnel
mutual pre-shared key (PSK) authentication schemeand SSH then your wireless network is secure like it's
using 802.11X/EAP.wired.
WI-Fi Alliance launched WPA2 in September 2004. It is