|< Day Day Up >|
Chapter 10. Wireless Tools
Until recently, network administrators mostly only had to worry about securing physical, fixed information technology assets. This includes servers, routers, and firewalls: the things that make up our wire-line networks. However, with the advent of inexpensive wireless network equipment, there is a whole new spectrum (no pun intended) of security problems to contend with.
This new technology has helped to lower the cost of deploying networks, brought access to places it wasn't before, and made the term "mobile computing" truly a reality. It has also drastically changed the network security perimeter for companies of all sizes. Traditionally, corporate networks were connected to the outside world in only a few places (see Figure 10.1). This allowed network managers to concentrate on protecting these limited access points. You could put firewalls and other defenses at these crucial choke points. The inside of the network was largely treated as trusted because there was no way to get there other than through the protected points.
Figure 10.1. Network Threats Before Wireless Networking
Now the advancing march of technology has moved the security bar up a notch again. With a wireless LAN deployed, your new security perimeter becomes literally the air around you. Wireless attackers or eavesdroppers can come from any direction. If you have wireless access deployed, anyone with a $50.00 card can potentially listen in on your network wire without ever stepping foot on your premises. Figure 10.2 shows the new network security perimeter with wireless technology. As you can see, if you are using wireless for part of your network, your security threats go up considerably. But before you can properly secure your wireless network, you need to understand how wireless local area networks function and what their basic weaknesses are.
Figure 10.2. Network Threats with Wireless Networking
Manufacturers of wireless LAN equipment have lowered the prices so much that it is now a feasible alternative for home networks. Rather than wiring your house for Ethernet to connect your PCs, you can buy a wireless base station and a couple of wireless cards and use the Internet from any room in your house (or outside for that matter). Many business conventions now offer free wireless Internet access to their attendees via wireless stations. There are grassroots campaigns to create free Internet access for neighborhoods outside the reach of DSL or cable by using public wireless access points. Wide deployment of wireless LAN technology is definitely here to stay, and sooner or later you will probably have to deal with it.
|< Day Day Up >|