Creating value from wireless security
Mike Hong, product marketing manager at Foundry Networks, explains how to get the best value from selling wireless security beyond 802.11i
For resellers advising their customers on security for wireless networks, it is important to be aware of the threats that exist and what current technology can do to protect against them. In 2004 the IEEE standards association ratified IEEE 802.11i – a set of standards designed to provide the strongest possible encryptions and authentication for wireless networks. Resellers should be looking to recommend this.
Despite these improvements in security, there are still serious threats such as rogue access points, which provide easy network access to unauthorised users. Or, they can appear as ‘spoofed’ authorised access points ‘fishing’ for careless users.
To remedy this, rogue access points not only have to be detected but located and removed. Their location can be calculated by measuring signal strength on multiple receivers and plotting these on a map, enabling security personnel to locate rogue access points quickly and accurately, so they can be verified as a threat and eliminated before causing harm to the network and users.
Because wireless networks can penetrate through walls, floors and ceilings and provide access in areas where they may not be intended or desired, location-based wireless security is becoming increasingly important and its functions are continuously developed and extended. One valuable application that has been extended is location-based wireless access control. By knowing the location of a wireless device, network access policies can be created to allow or deny access based on the location. This provides physical security to wireless access in the same way as wired access. Also, when used in combination with 802.11i security, location-based wireless access control provides a seamless, transparent and low-maintenance form of two-factor authentication, making wireless security stronger than with just 802.11i alone.
Wireless-location tracking, which can be done by connecting low-cost wireless transmitter or RFID tags, is also important to identify and monitor the real-time location of high-value assets. The first RFID applications focused on the tracking of goods and products, but RFID can also be used to quickly and accurately locate important people such as an emergency caller on a wireless VoIP phone or young children who have separated from their parents at a shopping centre.
Another important extension of wireless-location is real-time wireless coverage maps. This is critical for effectively managing a wireless telecoms network in a dynamic environment. Radio waves are sensitive to changes in surroundings; crowded rooms, new construction and electrical appliances can all reduce or even eliminate wireless coverage in areas that had sufficient coverage before. When troubleshooting wireless network issues, knowing the coverage conditions is critical to applying the proper corrective action. Plus, recording and analysing trends in the coverage maps over time can provide valuable information on where additional access points are needed or existing ones should be reconfigured.