Executive Briefing: Wireless Network Security White Paper www.docs.hp.com Manufacturing Part Number : T1428-90017 September 2003 U.S.A. © Copyright 2001-2003 Hewlett-Packard Development Company, L.P.
Legal Notices The information in this document is subject to change without notice. Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett-Packard shall not be held liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material. Warranty.
Wireless Network Security Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Security is the Main Concern . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Layered Wireless LAN Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Three Levels of Wireless Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Wireless Network Security Introduction Wireless Network Security Introduction Wireless network (WLAN) technology is the fastest growing segment of the communications market. According to Gartner Research, worldwide shipments of WLAN units are forecasted to grow at an annual rate of 42% through 2007. The major driver fueling this growth is the strong return on investment afforded by much lower installation costs, higher availability, and mobile data connectivity.
Wireless Network Security Security is the Main Concern Security is the Main Concern Wireless access points (APs) translate the hardwired electronic signals in the network to radio signals that are sent across the air. Plugging an access point into the existing network and a wireless interface card directly in the PC can extend networks quickly and easily.
Wireless Network Security Layered Wireless LAN Security Layered Wireless LAN Security Like all IT-based security, WLAN security should be handled in layers. This provides several advantages: stronger overall security, the ability to block access at multiple layers of the network, and flexibility in selecting the cost/benefit ratio of the desired solution. By building security in layers, protection can be provided at each layer in the network model.
Wireless Network Security Three Levels of Wireless Security Three Levels of Wireless Security 1 — Physical Layer Encryption The lowest level of security that can be deployed in a wireless network is the Wired Equivalent Privacy standard (WEP). WEP allows for 40-bit or 128-bit keys to be entered in both the access point and the clients to encrypt the traffic between the PC and the access point.
Wireless Network Security Three Levels of Wireless Security encryption keys. Through these enhancements, TKIP addresses all of WEP's known encryption vulnerabilities. TKIP software upgrades are expected to be available from wireless LAN component suppliers in 2003. A more robust replacement for TKIP being debated in the IEEE standards committees is a new encryption standard called 802.11i.
Wireless Network Security Three Levels of Wireless Security If the user is both authenticated and authorized to access the network, and the access point is verified as being part of the network, then the security server communicates directly with the access point to authorize the user's access to the network.
Wireless Network Security Three Levels of Wireless Security Figure 3 VPN Security and 802.1x Authentication Used Together 802.1x Security Server VPN Client Secured Network VPN Gateway /Firewall Wireless Access Point VPN Client Figure 3. VPN security used in conjunction with 802.1X authentication. Another consideration that must be weighed is the additional costs and administration overhead associated with VPNs.
Wireless Network Security Conclusion Conclusion The benefit of wireless networks is driving the explosive growth of the WLAN market. Where security has been the single largest concern for wireless network deployment in the corporate setting, strong security solutions are available to make wireless networks as secure as wired networks. Wi-Fi Protected Access (WPA) overcomes the inherent flaws of early wireless networks. WPA uses TKIP at the physical layer, and 802.