Wireless Network Policy Development

[tekno]

For those of you that are in the need or presently developing a Wireless Network Policy.

The need for wireless policy has never been greater. 802.11/a/b/g wireless networks (WLANs) [1] have taken the Information Technology world by storm. With 35 million units expected to sell in 2003 and with a predicted growth rate of 50-200% compounded year over year through 2006, wireless is here to stay. The benefits of wireless connectivity in the business world are immense; they come in the form of flexibility, convenience, portability, increased productivity, relatively low cost, and ease of implementation. These benefits are not without an expense, though. The same aspects that make wireless so desirable in terms of usability and productivity can also become an Achilles heel if the proper security measures are not addressed throughout the network's life-cycle.
This is the first of a two-part series that will help create a framework for the most important aspect of any wireless security strategy -- policy development. With a solid policy and active enforcement, a WLAN will not only be useable, it will operate with limited risk and most importantly, it will be secure.

Here is Part One

and

here is Part Two

if Part 1 has already been posted, forgive me.

anways....enjoy.

laters.

[fraggin]

I will tell you from experience that it is better to have as much authentication as possible at the server level instead of at the access point level. It is much easier to crack an access point than it is to crack a server. Another piece of advice. "Allow only by Mac Addresses" this will save you from being compromised by that nerdy punk who drives a forklift for your company and surfs the web from his parked car during lunch.

[dinowuff]

fraggin is absolutely correct. Only allow by MacAddress. Then server/router security will be the place to monitor and secure. Don't add monitoring WEP's to your to-do list.