Wireless LAN Security Requirements

Due to the popularity and the ease of use that wireless LANs provide, organizations today are rapidly deploying wireless LANs to provide mobility to their users.

Individuals and home users are enjoying the ease of setting up networks, and wireless ISPs are providing services at public places like coffee shops and shopping malls. Unfortunately, most such deployments ignore the basic security issues that are related to the currently available wireless LAN technologies.

The main security issue with wireless networks, especially radio−frequency−based networks (for example, 802.11−based networks), is that the wireless networks intentionally radiate data over an area that may exceed the limits of the area the organization physically controls.

For instance, 802.11b radio waves at 2.4 GHz easily penetrate building walls and are receivable from the facility's parking lot and possibly a few blocks away. Someone can passively retrieve all of a company's sensitive information by using the same wireless LAN adapter from a distance without being noticed by network security personnel.

These vulnerabilities of wireless LANs have made them one of the prime targets of the hacker community today. Security issues surrounding wireless LANs become even more critical when a wireless LAN is connected to the Internet.

In this situation, hackers are not only interested in gaining access to a wireless LAN to tamper with it, they are also interested in gaining unauthorized access to the Internet for free high−bandwidth connection and impersonating network users.

It is, therefore, extremely important that wireless LAN security and the risks and vulnerabilities are well understood before they are deployed or used.

Security of a LAN is often dictated by the physical properties of the medium it uses for communication, the methods used to transmit the data, the protocols that are used to control the security of the data transmitted, and the policies that a LAN enforces to ensure authorized use.

For example, private wired LANs are considered secure networks as long as they are not connected to an outside network (for example, the Internet), the LAN equipment and the wiring are physically secured, only authorized personnel are allowed access to the network, and the network security policies are strongly enforced.

Wireless LANs use airwaves to transmit the data and are considered inherently insecure because their data transmission medium is not physically bound like their counterpart, the wired LANs.

Transmitted over the airwaves, the data in a wireless LAN, which spreads in all directions, allows its users the freedom to move about. However, this also means that adversaries do not require a physical connection to hack into the wireless LAN. Instead, he or she needs to be present in the physical range where radio signals can be intercepted.

For example, if a wireless LAN emits a radio signal that reaches up to a radius of one mile, all hackers within the one−mile radius can easily intercept the signal and possibly conduct an attack on the network.

A standalone wired LAN (one that is not connected to an outside network) is far more secure when compared with a standalone wireless LAN. Wireless LAN security can be compared to wired LAN security by using the example of old cordless phones that did not securely communicate with their base stations.

For example, assume that your neighbor and you both have one of the old cordless phones that did not encrypt the signals between the handset and the base station.

Every time you pick up the phone to make a phone call, provided that your and your neighbor's phone were using the same frequency channel, you will be able to eavesdrop on your neighbor's conversation.

Wireless LANs are, therefore, inherently insecure and appropriate measures must be taken to ensure a high performance and secure wireless LAN. To secure a wireless LAN, both operational security and data security must be enforced. The security issues of wireless LANs are similar to those of the wired LANs.