Securing a Wireless Network

Have you ever wondered how you can prevent unauthorized people from accessing your school ? s network if you have a wireless network infrastructure at your school. Wireless Access Points have several different ways that you can employ to secure your wireless network . This article will give you information about the ways to help…

Have you ever wondered how you can prevent unauthorized people from accessing your school ? s network if you have a wireless network infrastructure at your school. Wireless Access Points have several different ways that you can employ to secure your wireless network . This article will give you information about the ways to help you to secure your network .

Choosing a method of securing your wireless network depends upon how complicated you wish the setup to be or how secure your network needs to be. For example if you are running allows network that has access to confidential administration data you will need to employ methods that will encrypt the data and hide the existence of the wireless network so that the casual possibly is unaware of its existence.

Before securing your wireless network it is advisable that you read your suppliers manual and also set up a test network and laptop so that you are confident in implementing the right solution for the job.

There are several standards that concern Wireless Security. You may already of heard of WEP ( Wired Equivalent Privacy), WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) and WPA-802.1x.

Types of Wireless Security

WEP (Wired Equivalent Privacy), if used, encrypts data before transmission. This provides greater security and privacy. All Wireless Stations need to use the same settings (WEP Key size and WEP key).

E ncrypting the data using WEP is by far the simplest method of implementing security. Most wireless access points will allow for 64 bit encryption or 128 bit encryption, this is implemented by means of a controlled access key. Most modern access points can automatically generate a key based upon the phrase or you may generate the key value by making up hexadecimal number.

An example encryption key may look like this :

  • 64Bit : 09641139E3
  • 128Bit : 5A516358A0CDAC6D330030471D

When WEP has been enabled at the access point each client device will need to use the defined key in order to gain access to the internal network. Windows XP as a built in Wireless Configuration tool that will automatically detect the type of wireless network that has been configured and will prompt for the WEP key for the wireless network.

WPA-802.1x (Wi-Fi Protected Access) – WPA requires the use of a Radius server for authentication. Each user (Wireless Client) and network device must have a "user" login on the Radius Server. Data transmissions are encrypted using a key which is automatically generated.

Implementing WPA is a lot more complicated than WEP but offers a greater level of security and manageability. Windows Server has a built in Radius server for authentication of clients. This can be configured with help from the online help or by searching the internet.

WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) – A version of WPA that uses a PSK (Pre-shared Key) for authentication, so you don’t need a Radius Server. All Wireless stations need to use the same PSK (Pre-shared Key). Data transmissions are encrypted using a 256 Bit key derived from the PSK. This key changes regularly, providing greater protection. WPA is more secure than WEP.

Using this method does not require use of additional services and servers. WPA-PSK is as simple to use as WEP. I would recommend that you try WEP first as not all of your devices may support the WPA-PSK protocol.

Cloaking the Wireless network

Cloaking is a method of hiding the existence of the wireless network by switching off the broadcast feature of the wireless network point. This can make it harder to diagnose problems with accessing the wireless, therefore I would suggest that you do not switch off the broadcast feature whilst you are testing and implementing your wireless setup.

Filtering

Another way to prevent access to the wireless access point is to implement a MAC (Media Access Control) address filtering system. This will prevent any computer accessing the wireless network if the MAC address does not match one of those boxes listed against access point. Using Mac address filtering is good for small networks where there are limited numbers of wireless clients. However Mac addresses can be spoofed by hardware and software so this is not totally full proof. A MAC (Media Access Control) address is a hardware address that uniquely identifies each node/client/device of a network. The Mac address is usually the assigned by the manufacturer to a piece of networking equipment.

Other security measures

It is recommended that you set a secure password on your Wireless Access point so as to prevent the casual user from interfering with any of the settings that you have configured.

Online Resources

Ten Steps to Secure a Wireless Network ? By PC Magazine

Similar Posts

  • What is WEP, and how to use it

    WEP is an acronym for Wired Equivalent Privacy.  This basically means that all data that is to be transmitted over a wireless local area network (WLAN) is encrypted using a 64bit or 128bit encryption key.

  • What is WPSK

    WPSK or WPA-PSK uses a pre-shared Key for authentication on a wireless system, so you don’t need a Radius Server. In order to access a WPA/WPA2 protected network all Wireless devices such as laptops, tables and smartphones would use the same pre-shared Key (PSK) to access a particular SSID. Data on a wireless network is usually…

  • Survey your site

    When installing a wireless network that is going to be used all around your school, it is important to survey the buildings and map out where each wireless access point will be placed.  It will also allow you to find the best positions to place new cabling and to help stretch your budget a little…

  • Configure a static IP Address Server 2012 R2

    How to configure a static IP address for a Windows Server 2012 R2. As part of a Server installation, it is usually essential to configure a static IP Address.  A static IP address is usually configured if the Server will host Active Directory, DNS or DHCP roles.  Setting the configuration of an IP Address in…

  • What is a MAC address

    A MAC address is a unique identifying number that works in a similar way to a TCP/IP address, however this magic number is usually assigned to a network device when it is manufactured.  If your network uses TCP/IP, IPX or even NetBeui then all of these protocols will rely on the MAC address.