Securing Wi-Fi For Security Applications
♦ Securing Wi-Fi for security applications – we are thinking of incorporating a Wi-Fi subnet into our security system and are wondering how we could ensure security.
A: Wi-Fi integration can be risky, even if your security profile is optimised. All the simple things help with Wi-Fi. Start by changing the default passwords and apply WPA (Wi-Fi Protected Access) encryption, not WEP.
Filter your MAC addresses so as to restrict access to authenticated users. Some people might think they can retain bandwidth by rejecting encryption and just controlling WLAN access with MAC addresses but this is naive. A MAC address is nothing more than a 12-digit HEX that any old sniffer program will swallow whole and regurgitate.
Be sure to protect service set identifiers (SSIDs) – change them from default for a start. Firewall everything – the network and your wireless devices using a host-based solution. Keep your anti-virus defences up. It’s not about keeping viruses out so much as stopping spyware and Trojan horses at the network gate.
Other things to consider with Wi-Fi include integrated wireless security options and applying internal VPNs to ensure nothing that’s not encrypted by your system can transit your network.
It’s also possible to deploy Wi-Fi applications on a subnet that’s independent of the core security system, allowing your IDS to police data coming from in that subnet as though it’s coming from outside your network’s sterile zone.
#SEN #SENnews #security #electronics
