Wireless LAN security: Time to take action

Johannesburg, 29 Oct 2002

By using wireless LANs (WLANs) without taking proper security measures, companies leave their networks vulnerable to even relatively unsophisticated hackers using readily available, inexpensive equipment.

Gary Boniface, CSO manager of 3Com SA, looks at the implications of a security breach and discusses some of the solutions that are emerging.

Any breach of security is potentially a huge problem for an organisation. Once in, hackers can gain access to corporate passwords, log on to servers and steal information, take over the corporate Web site or even shut down the entire network.

The problem has been exacerbated by the advent of wireless technology and the implementation of WLANs, which have not benefited from the corporate "fortress mentality" that is evident in physical security. The reason may be simple ignorance of what is available in wireless security, a naive assumption that the signals don't carry beyond the company's walls, or an instinctive head-in-the-sand idea that if you can't see the information, you can't steal it.

Perhaps the most compelling message from the networking industry is that it doesn't have to be this way - using a WLAN doesn't mean trading security for wireless convenience. However, it does mean that companies have to take adequate security precautions.

WEP alone may not be enough

The most basic level of security for WLANs is Wired Equivalent Privacy (WEP), a standard feature on all Wi-Fi certified wireless LANs. WEP, defined by the Institute of Electrical and Electronics Engineers (IEEE) in the 802.11 standard, is designed to (a) provide basic security, (b) prevent casual eavesdropping and (c) protect the network by encrypting all data sent wirelessly with the RC4 stream cipher under a shared key of 40 or 104 bits (marketed as 64- and 128-bit keys, because a 24-bit initialisation vector sent in the clear with each frame is prepended to the key).

WEP keys are essentially shared passwords: every station that knows the key can encrypt and decrypt all data that travels on the wireless network.

The vulnerability is two-fold. Firstly, hackers can recover the key by sitting outside the company building, capturing a stream of encrypted frames on a laptop and running software that exploits weaknesses in the way WEP uses RC4 (the key-recovery attack published by Fluhrer, Mantin and Shamir in 2001, implemented in freely available tools). The 24-bit initialisation vector is also short enough that the same keystream is reused within hours on a busy network, which exposes plaintext even without the key.

Secondly, poor key management is a problem. Often system administrators assign just one key for the entire company, so once a hacker has the key, the hacker potentially has access to all of the company's proprietary information and network resources.

Or the administrator gives every user a different key but makes the keys static by never changing them. Either way, once hackers get in, they retain unauthorised access for as long as the key stays the same. Manual key management also becomes cumbersome as the number of wireless users grows.
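The keystream-reuse problem behind both halves of this vulnerability can be seen in a few lines. The following is an added example written for this page, not 3Com's or the article's code: it models the WEP frame format with a self-contained RC4, encrypts two constructed frames under the same static key and the same 24-bit IV, and shows that an attacker who can guess one frame's plaintext recovers the other without ever learning the key. The key, IV and payloads are made-up sample data.

```python
"""Added example, not from the article or 3Com: a model of WEP framing that
shows why a static shared key plus a 24-bit IV leaks plaintext.

Frame layout follows 802.11 WEP: 3-byte IV, 1 key-id byte, then
RC4(IV || key) applied to payload || CRC-32 ICV (little-endian).
The key, IV and payloads below are constructed sample data.
"""
import zlib
from math import exp

# Constructed 40-bit shared key and sample IV (assumptions for the demo)
KEY = bytes.fromhex("0102030405")
IV = b"\x00\x00\x2a"
PAYLOAD_A = b"who-has 10.0.0.1 tell 10.0.0.2"   # predictable ARP-like text
PAYLOAD_B = b"GET /login?pw=hunter2"            # the frame the attacker wants


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Standard RC4: key scheduling, then `length` keystream bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Return IV || key-id(0) || RC4_{IV||key}(payload || CRC-32 ICV)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    return iv + b"\x00" + xor(body, rc4_keystream(iv + key, len(body)))


def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Station side: read the IV, regenerate the keystream, verify the ICV."""
    iv, body = frame[:3], frame[4:]
    plain = xor(body, rc4_keystream(iv + key, len(body)))
    payload, icv = plain[:-4], plain[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return payload


def recover_with_known_plaintext(frame_a: bytes, payload_a: bytes,
                                 frame_b: bytes) -> bytes:
    """Attacker side, no key needed. Two frames with the same IV were
    encrypted with the same keystream, so C_a XOR C_b == P_a XOR P_b.
    Knowing P_a (e.g. a predictable ARP or DHCP packet) yields the keystream
    for that IV and therefore P_b, as far as the recovered keystream reaches."""
    if frame_a[:3] != frame_b[:3]:
        raise ValueError("attack needs IV reuse")
    body_a, body_b = frame_a[4:], frame_b[4:]
    plain_a = payload_a + zlib.crc32(payload_a).to_bytes(4, "little")
    keystream = xor(body_a, plain_a)             # keystream for this IV
    n = min(len(keystream), len(body_b) - 4)     # stop before B's ICV
    return xor(body_b[:n], keystream[:n])


def iv_collision_probability(frames: int, iv_bits: int = 24) -> float:
    """Birthday bound: chance that at least two of `frames` randomly chosen
    IVs coincide. Sequential IVs repeat deterministically after 2**iv_bits
    frames, and sooner whenever a card resets its counter."""
    space = 2 ** iv_bits
    return 1.0 - exp(-frames * (frames - 1) / (2.0 * space))


if __name__ == "__main__":
    frame_a = wep_encrypt(KEY, IV, PAYLOAD_A)
    frame_b = wep_encrypt(KEY, IV, PAYLOAD_B)    # same IV: keystream reused
    print("station with key:", wep_decrypt(KEY, frame_b))
    print("attacker, no key:", recover_with_known_plaintext(frame_a, PAYLOAD_A, frame_b))
    print("P(IV reuse) after 5000 random-IV frames: %.2f" % iv_collision_probability(5000))
```

The birthday estimate is why the 24-bit IV matters even when the key itself survives: with randomly chosen IVs, roughly one in two captures of 5000 frames already contains a repeated IV, and sequential IVs wrap after 2^24 frames. Rotating keys per user and per session bounds how much traffic any one keystream reuse or key compromise exposes.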

Dynamic key management

3Com is addressing the key management and authentication requirements through a capability called Dynamic Security Link. When a 3Com wireless access point is used in conjunction with 3Com wireless clients, Dynamic Security Link automatically generates a brand new 128-bit encryption key that is unique to each user and to each networking session.

This kind of security solution provides a much higher level of security than static shared-key schemes, and frees users from the hassle of manually entering confusing keys.

It also guarantees that each user has a unique key that is constantly changed, so even if a hacker does break the encryption and gain access to the network, that hacker's key will only work for a few hours, limiting potential damage. For additional security, 3Com access points can require user authentication, whereby all users must log in with a name and password at each session.

This user-based authentication capability offers an enhanced level of security and management compared with device MAC-address-based authentication schemes, since MAC addresses are transmitted in the clear and are easily spoofed.

Another advantage of these access points is that the automated and dynamic key management capability is implemented in the access point itself, so the solution doesn't require any additional key management servers or other infrastructure.

Bigger networks need more security

Security on larger WLANs needs similar capabilities but must also extend well beyond them, because of the larger number of users and more complicated security requirements.

Larger installations usually need a more robust encryption key management technology, scalable authentication mechanisms and centralised user management across the network infrastructure, which can't be stored in the limited memory of a WLAN access point.

While security in the WEP and Dynamic Security Link solutions is localised - managed within the WLAN access points - a larger system that must accommodate thousands of users and state-of-the-art encryption and authentication usually requires a security solution that is administered from a central location.

Usually these systems are managed by a RADIUS (Remote Authentication Dial-In User Service) infrastructure. RADIUS provides centralised management and administration of the large number of users that are authorised to access resources on the network.

Supporting RADIUS with 802.1X, the standard for port-based network login on both wired Ethernet and wireless 802.11 networks, further enhances user authentication for the wireless enterprise network: the access point forwards the user's credentials to the RADIUS server and only opens the port to network traffic once the server accepts them.

Given the mixed infrastructure platforms of today's networks and the range of Windows operating systems deployed within the enterprise, 802.1X delivers a range of superior and scalable wireless security capabilities.

Whatever the level and scope of wireless security called for by the network infrastructure, a layered solution that can be customised to suit the specific wireless security requirements is ideal.

Wireless security solutions extend all the way from standards-based basic WEP, to security administered within the access point, to robust and scalable security that is centrally managed and extends from the wired infrastructure to the wireless infrastructure.

Rather than something that can just be slapped onto the network, security needs to be integrated into the fabric of the business.

Editorial contacts

Sarah Dowding
Howard Mellet & Associates
(011) 463 4611
Sarah@hmcom.co.za
Gary Boniface
3Com Corporation
(011) 700 8600
gary_boniface@3com.com