The Network Security. Org

How to Improve on Wireless Security

First, there was WAP, then WEP, then WPA and now WPA2. But despite how you sound, if you are looking to secure an enterprise WLAN, many industry experts say WPA2 is your best bet.

''WPA2 provides an enterprise-class security solution for user authentication and encryption,'' says Michael Disabato, senior analyst at the Burton Group.

Understanding wireless security requires a bit of a trip down memory lane to see how the protocols have evolved over the years.

Wireless Application Protocol (WAP) was the first such protocol. Introduced in 1997, it was designed, among other things, to secure emails and text-based Web pages over cellular networks.

Wired Equivalent Privacy (WEP) is another protocol. With the rise of wi-fi networks, came the need for a new security standard. Described in the IEEE's 802.11b spec, WEP uses a 40-bit encryption key and was expected to provide the same level of security as hard-wired LANs. It didn't.

Wi-fi Protected Access (WPA) was the next attempt at improving security. It includes a more advanced encryption method -- Temporal Key Integrity Protocol (TKIP) -- and requires strong user authentication, including the 802.1x standard.

WPA2, also called 802.11i, is a security standard approved by the IEEE in June of 2004. It incorporates WPA, but also uses the Advanced Encryption Standard (AES), which has, so far, proven to be unbreakable and meets federal security requirements (FIPS 140-2). It also includes key caching, making it faster for a user to reestablish a dropped connection. How to Improve on Wireless Security

More News

• NetWitness releases free version of security software
  



• Three Reasons Why Users Won’t Buy Into Security
  



• Automated security testing & its limitations
  



• How to Use Network Behavior Analysis Tools
  



• The insider security threat in IT and financial services
  



• Top 10 Network Security Threats
  



• Big leap in malicious Web sites
  



• Network security makes a quantum leap
  



• Microsoft Preps 11 Security Bulletins for Patch Tuesday
  



• Practical Defense in Depth
  



• Apple releases another mega-patch for Mac OS X
  



• Security flaw in smart cards poses risk for transit, building access
  



• Free TrojanProof Password Tool Released for Windows
  



• Security scans with OpenVAS
  



• Do ISPs pose a bigger online privacy threat than Google
  



• HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
  



• Anatomy of a botnet
  



• Microsoft patches 8 critical bugs in Windows, Office
  



• Virtualization users should expect more attacks
  



• Threat From DNS Bug Is not Over, Experts Say