How to Secure Wireless Network

How to Secure Wireless Network M82rEsw

Wireless Networking (Wi-Fi) has made it so easy for anyone to use Internet on your computer, mobile phones, tablets and other wireless devices anywhere in the house without the clutter of cables, it also introduces a number of critical security risks and challenges.

Because wireless signals typically broadcast outside a building’s physical infrastructure, they bypass traditional wired security perimeter safeguards such as firewalls and Intrusion Protection Systems.

In some cases, cyber criminals have gained unrestricted access to an organization’s internal network by installing hidden, unauthorized wireless access points on the network.

Wireless networks have made it exponentially easier for cyber criminals to penetrate organizations without physically stepping foot inside a building. As a result, it is critical that strong security safeguards be implemented to mitigate these risks.

The following are recommendations for wireless network security:

  • Create a unique password on your router. Once you have logged into your router, the first thing you should do to secure your network is to change the default password* of the router to something more secure.

  • Ensure that each wireless device that connects to the network is permitted. Organizations should deny access to all other wireless devices, including Bluetooth devices.

  • Deploy a Wireless Intrusion Detection System (WIDS) to identify unauthorized wireless devices, detect attacks, and detect successful compromises. Most major wireless vendors sell all-in-one wireless access, firewall, and WIDS solutions for small businesses for under $1,000.

  • At a minimum, ensure that all traffic that flows across the wireless network is protected by Advanced Encryption Standard (AES) encryption and Wi-Fi Protected Access 2 (WPA2) protection.

  • At a minimum, ensure that wireless networks use secure authentication protocols such as Extensible Authentication Protocol-Transport Layer Security (EAP/TLS).

  • Disable peer-to-peer wireless network capabilities on wireless clients.


WPA2 still has vulnerabilities; primary among those is unauthorized access to the enterprise wireless network, where there is an invasion of attack vector of certain Wi-Fi Protected Setup (WPS) access points. This can take the invader several hours of concerted effort with state-of-the-art computer technology, but the threat of system compromise should not be discounted. It is recommended the WPS be disabled for each attack vector access point in WPA2 to discourage such threats.



Did you find this tutorial helpful? Don’t forget to share your views with us.
 
A GeekPolice Network Tutorial