Burton Group Releases Report on Wireless LAN Security.Business Editors/High-Tech Writers SALT LAKE CITY--(BUSINESS WIRE)--June 24, 2002 "Securing Wireless LANs A local area network that transmits over the air typically in the 2.4 GHz or 5 GHz unlicensed frequency band. It does not require line of sight between sender and receiver. Wireless base stations (access points) are wired to an Ethernet network and transmit a radio frequency over an area " Report Defines Market Impact and Recommends Defense for Minimizing Security Risks to Enterprise Networks Burton Group, a technology-industry pioneer of network research and consulting, has released a report that describes the market impact of Wireless LANs (WLANs) and recommends a multilayered mul·ti·lay·ered adj. Consisting of or involving several individual layers or levels. defense strategy to protect enterprise networks from attack. Written by Burton wireless technology and network security expert Michael Disabato, "Securing Wireless LANs" presents enterprise network managers with methods and procedures to follow to ensure the security and integrity of WLAN See wireless LAN. WLAN - wireless local area network segments under their care. Wireless LANs are an increasingly integral part of enterprise network architectures. They have appeared in the enterprise, the home and in public places such as airports and hotels. While they provide a high degree of flexibility for the mobile user, they have serious security weaknesses. "The growth of wireless LANs to a U.S. $6 billion industry in 2001 presents network managers with a whole new security challenge," said Disabato. "Business travelers using mobile computing Using a computing device while in transit. Mobile computing implies wireless transmission, but wireless transmission does not necessarily imply mobile computing. Fixed wireless applications use satellites, radio systems and lasers to transmit between permanent objects such as buildings devices and employees working from home are driving the growth of WLANs in public places and home offices. "This creates more opportunities for a hacker to penetrate an enterprise by creating `back doors' in network security. To prevent invasion, network managers must make a concerted effort to secure client workstations and home networks, and have a plan in place to respond to new threats as they appear." Although the attacks and defenses covered in this report are equally applicable to any wireless network, most wireless LANs are based on the IEEE (Institute of Electrical and Electronics Engineers, New York, www.ieee.org) A membership organization that includes engineers, scientists and students in electronics and allied fields. 802.11b standard. Disabato examines the cause of these weaknesses and describes several attacks that exploit them, including insertion, interception and monitoring, denial-of-service and service set ID attacks. He also recommends defenses against these attacks and details an architecture for protecting WLANs. The report presents the basics of a wireless LAN and its security, and discusses the vulnerabilities of the Wired Equivalent Privacy Wired Equivalent Privacy or Wireless Encryption Protocol (WEP) is a scheme to secure IEEE 802.11 wireless networks. It is part of the IEEE 802.11 wireless networking standard. (WEP (Wired Equivalent Privacy) An IEEE standard security protocol for wireless 802.11 networks. Introduced in 1997, WEP was found to be very inadequate and was superseded by WPA, WPA2 and 802.11i. ) protocol. It also covers 802.1x protocol security, including the authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. process and session hijacking/man-in-the-middle attacks and defenses, advises on how to increase security when installing new equipment, and how to minimize "War Driving" and defend against spillover spill·o·ver n. 1. The act or an instance of spilling over. 2. An amount or quantity spilled over. 3. A side effect arising from or as if from an unpredicted source: and client attacks. Burton Group's Networks & Telecom Strategy Service group will conduct numerous sessions on wireless networks, VPNs and converged networks at its ninth annual Catalyst Conference North America North America, third largest continent (1990 est. pop. 365,000,000), c.9,400,000 sq mi (24,346,000 sq km), the northern of the two continents of the Western Hemisphere. . Held on July 15-17 in San Francisco San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden , Catalyst will provide a forum for Burton analysts and consultants, end users and vendors to discuss issues important to network architects and planners. Topics include VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. deployment, security and remote access; VoIP, bandwidth efficiency The introduction to this article provides insufficient context for those unfamiliar with the subject matter. Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. and SIP; and wireless LAN architecture, and security and integration with mobile WANs. Information about the Catalyst Conference is located at www.burtongroup.com/catalyst. The "Securing Wireless LANs" report is available with a license to Burton's Networks & Telecom Strategy Service. Details about Burton's products and services are on www.burtongroup.com or e-mail information requests to info@burtongroup.com. Notes to Press Only: Requests for complimentary press review copies of the "Securing Wireless LANs" report should be directed to Thomas Aitchison (taitchision@blancandotus.com). To interview Michael Disabato, contact Jaculynn Peterson at jpeterson@burtongroup.com. Burton Group is extending complimentary registration to Catalyst Conference (www.burtongroup.com/catalyst) for members of the media. To register, contact Aitchison at taitchison@blancandotus.com or 512/335-8771 ext. 15. About Burton Group A technology-industry pioneer, Burton Group (www.burtongroup.com) is the only company to offer integrated research, advisory and consulting services, which are critical to Global 2000 enterprises planning the evolution of their network and applications infrastructure. Burton consultants and analysts champion vendor-independent viewpoints as they guide IT professionals in the strategy of building and the tactics of managing scalable, secure, efficient networks. Burton has specialized in network-technology research and analysis since its formation in 1990. The company predicted and defined the role that meta-directory plays in an enterprise. Today, Burton continues to anticipate the direction of key networking technologies and guide the decision-making process for almost half the Fortune 100 and other enterprise clients in key markets such as education, banking/finance, health care, pharmaceuticals, automotive and manufacturing. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion