Network Security Term Paper
- Length: 6 pages
- Sources: 10
- Subject: Education - Computers
- Type: Term Paper
- Paper: #48535819
Excerpt from Term Paper :
Best Practice Wireless Network Security
Best Practices for Network Security
Wireless network is a technology that relies on radio waves instead of wires in connecting computer devices to the internet. There is a transmitter, with the name wireless access point or gateway, wired into an internet connection, which provides a "hotspot" transmitting the connectivity over radio waves. Hotspot has the capability to identify information, that include an item known as an SSID (service set identifier), that enable computer devices to locate them. For computer and other devices that have been equipped with wireless card as well as have permission to access the wireless frequency can then have the opportunity to connect to the network. There are some computer and other devices that may be able to automatically identify open wireless networks within a particular area, and for some you may be required to locate and enter the information manually like the SSID.
Network security has always been a challenge, in particular with the rising number of staff who has different access permissions. Wireless networks have provided an easier platform of sending information across network, and there are existing tools which help in protecting the need of your network. Currently, wireless networks have increasingly become more common as well as more sophisticated and they have largely taken on a growing role in the way most of the businesses operate. However, security of this wireless networks has been the main challenge to the users. The more this technology has become widely embraced; it has also open-up to different kind of threats.
Taking the move to build a secure and reliable wireless network is considered to be one of the most effective business infrastructure projects a company may be involved in. Since there is widespread adoption of mobile devices, especially laptops, having a flexible network in your company may be an open door as a new way of making your staff becomes more effective. The mobile devices as new tools need a more sophisticated network, with the ability to handle a dramatically greater set of demands, (James F. 2001). There are set of wireless best practices that help you lay the foundation for a new system that is capable of taking full advantage of the available technology and meets the need of your company.
Most of the organizations as well as users have realized that wireless devices and communications tend to be flexible, convenient, and easy to use. Those who use wireless local area network (WLAN) devices enjoy the flexibility of moving their devices such laptop computers from one place to the other when they are in the offices and still maintains connectivity with the network, (Ross, D., 2005). Users gets the opportunity of sharing data and applications with network systems and any other users that are compatible devices, without necessarily using printer cables and any other peripheral device connections. Those who use handheld devices like cell phones and personal digital assistants (PDAs) are able to synchronize data between personal computers and PDAs and find it possible to use network services like web browsing, internet access, and wireless email. Moreover, wireless operation and communication assist many organizations to cut their wiring costs.
As the service of wireless network has become more popular the risk to users has also increased. When wireless network was first introduced there were relatively few dangers. Those who hack the network had not yet had the space that that they could use to latch on this new technology and the technology itself was not commonly found in our offices, (Gast. Matthew S., 2002). Today, we are experiencing great number of security risks that are associated with this existing wireless protocols as well as encryption methods, in addition to the carelessness and ignorance that still exists among the users and the corporate IT level. Methods of hacking have increasingly become more innovative and sophisticated with wireless, also taking advantage of the existing easy-to-use Windows to find their hacking very easy.
It is unfortunate to find that some organizations have not yet realized the need to address the issue of wireless security concerns because they have not installed wireless access points. According to In-Stat MDR and META Group, 95% of the entire corporate laptop computers planned to be purchased in 2005 had been equipped with wireless. Organization that seems to be having non-wireless might encounter a wireless laptop or a wireless device plugged into their corporate network with intention of extracting information. Information can be extracted by the hacker while around the premises using a wireless device or they can break in through any wireless card-equipped laptop and be able to access the wired network. A person who is around the geographical network range of an open and unencrypted wireless network can capture and record the traffic, find a way to access unauthorized internal network resources and the internet, take advantage and use the information and resources in carrying out illegal or disruptive acts, (Nichols, R.K.,2002). These kinds of security breaches have remained to be important concerns to enterprises and even home networks.
Some robust security tools in wireless network have been developed to always prevent any data from reaching unwanted devices, and there are some best practices that guarantee a secure information loop. WPA2 encryption has stood as the most powerful security protocol for modern wireless devices, after overtaking WEP safeguard which was a bit simpler, (Matt Lytle (2010). Using a password that can be easily set by your network administrator, the network becomes protected to ensure that your system is secure.
As majority has adopted wireless network security measures, network security threats have also taken new dimension of vulnerability to malicious hackers and causal intruders. To deal with the rising wireless threat, there are fundamental areas must be considered.
Enterprise Wireless LAN
Deployments of enterprise wireless LAN have been on the rise nowadays. It has evolved from guest access in conference rooms, to some hot zone areas of connectivity to the entire coverage of the organization. However, most of such deployments seem to be still insecure, allowing malicious hackers to find their way into the network and access confidential information of your company. Some of the ways of securing wireless LAN include:
Changing the Manufacturer's Default SSID to Secure SSID
Usually access points come with already a standard network name like default, tsunami, among others broadcasting to clients to advertise the presence of the access point. It should be immediately changed after installation. Names to be used in renaming the access point SSID should not be directly related to your company such as name of the company, phone number or any other readily available company's information that can be easily guessed or found in the internet.
Segment user populations with VLANs
Sometimes several different types of users may require having an access to the wire LAN network. For example marketing and sales team may need to access sales performance data. Accounting and finance staff may need to access account receivable, payable, and other financial systems. Order administrators may want to access order entry and shipping systems. By having an access point that supports virtual LANS (VLANS) give an opportunity to every authorized wireless LAN user to only gain entry to the network resources that they need to access, (William Arbaugh, 2001). For example, accessing wireless network by personnel in shipping and manufacturing may be by use of the SSID operations which provides email and ERP systems as the only access.
Strong Encryption and Authentication
Since default settings for several access points are not accompanied by any form of security being enabled, malicious hackers or unauthorized personnel find it easy to access wireless LANs. To prevent this from happening, turn a method of over-the-air security on and also the recommended secure over-the-air encryption and authentication method to be used may be a VPN. IEEE 802.11i (also known as WPA2) or IEEE 802, (NSA, 2013).
Educating your employees about wireless LAN Security Policy
Employees are always ready to take part in ensuring that a secure enterprise network is achieved especially if they are to be educated on the existing policies as well as the potential threats of non-compliance. This is because some employees may not even be aware that deploying a wireless LAN access point out-of-the-box may expose the corporate network security to danger, (Ross, D., 2007). Therefore it is important that your company provides multiple opportunities for education immediately wireless is made available to employees.
Deployment of Automatic Wireless Intrusion Prevention System (WIPS)
WIPS is effective in preventing wireless security risks since it provides a trusted 3rd party security system. Operating similarly to an intrusion prevention system for wireline systems, detecting threats and prevent them automatically. With the help of WIPS solutions every wireless transmissions over-the-air are detected, then classified and using the rules which has been set by administrator, dangerous devices are quarantined automatically, (WAP Forum., 2000). Every category of attack is detected by use of deterministic techniques that involves combination of device and event auto-classification, association analysis…