The growing number of laptop and tablet PCs and other WiFi-enabled devices in use within the corporate network - and the success of 'bring your own' (BYO) device programmes - is testament to the increasing levels of mobility demanded by today's workforce.
This is the view of Martin May, regional director (Africa) of Enterasys Networks, who says this is true, not only in private companies, but in schools, hospitals and public organisations too.
“In addition to strong performance and seamless roaming capabilities, mobile users require continuous uptime. This is putting pressure on network designers to create fully integrated, easily managed and secure wireless networks with 'wire-like' performance attributes,” he says.
However, one of the pitfalls of a wireless infrastructure is increased exposure to unauthorised intrusions, which, according to May, add extra levels of complexity to the issue of security when wireless networks are compared with their wired counterparts.
“Unlike wired networks which send electrical signals through cable, wireless radio signals propagate through the air. This makes them innately easier to intercept. Signals from most corporate wireless networks often breach exterior walls and invade nearby streets or parking lots.”
He highlights the practice of 'war-driving', which has exposed the vulnerabilities of wireless infrastructures and boosted research into appropriate security technologies and defences.
To counter these threats, he says security has been ramped up to the point where data encryption, and other security barriers such as MAC (media access control) address filtering - geared to deny network requests from unfamiliar or unwanted users - are incorporated as standard features in the latest wireless routers and access points.
“Adding a further security layer such as NAC (network access control) should also be considered. NAC is an approach to security that unifies network endpoint security technologies - such as anti-virus, host intrusion prevention and vulnerability assessment techniques - as well as user or system authentication and network security enforcement systems. Importantly, NAC will authenticate the user and device being used to both the wireless and wired infrastructures.”
Despite these barriers, May maintains that the level of administration and the strictness with which security policies are adopted and enforced within an organisation can play a vital role in security maintenance.
“Modern networks, featuring unified access layer management and other technologies and techniques, facilitate the centralised visibility and management needed to minimise risks,” he stresses.
“A common thread binding many of today's wireless networks is their automated, role-based architectures designed to enable multi-user authentication, authorisation, access control and traffic flow optimisation - all of which help to ensure transparent access to business services and tight security for the growing army of mobile users.” May claims that role-based provisioning systems also contribute towards lower operating costs and help ensure consistent access to business services whether users are plugged into the wall or are untethered and moving freely around the corporate campus.
“Traditionally, the management of a wireless network is complicated by the fact that most enterprise networks often comprise both wired and wireless networks. Today's networks are able to integrate wired and wireless management and thus help secure the infrastructure as a single entity.
“Integrated security across a wired/wireless network also enables more rapid diagnosis and resolution of threats and real-time location capabilities help detect rogue users and shut down hot spots by exact location - which has been, up to now, a critical enterprise challenge,” he adds.
Share
Editorial contacts