Manualshelf

Operation Manual

ManualsBrandsCompaq ManualsComputersIpaq 3630 wireless security
21222324252627282930
Wireless Security White Paper 29
See “Safe Computing and E-Business: Protecting the Enterprise to Assure E-Business Success”
(
http://activeanswers.compaq.com/ActiveAnswers/Render/1,1027,1317-6-100-225-1,00.html) the
Compaq technical guide cited at other places in this paper, for detail on security measures
recommended for corporate servers.
Conclusion
Pre-wireless technologies such as networked desktop computers, extranets, firewalls, and virtual
private networks (VPNs) all have certain vulnerabilities to intrusion and attack. Such attacks,
however, can be traced to a physical location, and the risks they pose can be overcome if the
security holes are anticipated. With wireless connectivity, however, the ability to trace a breach in
network security to a physical location is severely limited at present. A lost or stolen mobile
device may compromise the network. Issues such as subscription fraud, eavesdropping, and
denial-of-service attacks acquire even greater weight because of the difficulty in tracing them to a
physical location.
In general, it may be considered both a blessing and a challenge that wireless users have benefited
from the security lessons learned from wired technologies in the 1990's. Whereas security around
new technologies in the nineties traditionally arrived as an afterthought, wireless users expect
security to be built into the system from the beginning. Products without security will not survive.
This paper has shown, however, that users of wireless networks are not taking full advantage of
available security mechanisms. This paradox is in line with a traditional response to new
technology in which excitement trumps caution for a time.
It is imperative for users to make use of the security technologies and techniques available for
both wireless and wired networks. The following principles apply:
1. A security policy must address every essential element of security (Privacy, Authentication,
Integrity, Non-Repudiation)
2. A security policy must be applied at every point in the wireless access pipe (device,
connectivity technology, access point, corporate access, and corporate data.
3. A security policy must be consistently enforced for all users, regardless of device or method
of access.
4. Multiple technologies or security policies should be applied for greater security at key points
in the pipe and should address the key essential elements of security.