Accountability in enterprise wireless deployments

Sunil Cherian of Array Networks looks at using wired infrastructure to better secure wireless networks

As the need for mobility has grown in the enterprise, so have the security risks. While solutions have been developed to address specific security problems, there needs to be a holistic approach to WLAN security that leverages the security infrastructure of the wireline enterprise network.

The Growth of Enterprise WLANs

Enterprise WLANs have evolved significantly from the days where one only required a cheap access point, which provided coverage for a home or a small office. There have been two drivers behind the growth of WLAN deployments. The first started as a productivity enhancer by providing access to guests or people with wireless enabled laptops.

The second wave is the replacement of wired infrastructure with wireless, which is being driven by technology advances such as the 802.1n standard. With speed increases to 170 Mbps and the ability to build enterprise-wide wireless networks, wireless technology performance can be considered a "good enough" alternative to wireline. Moreover, tools have been developed to determine the best network coverage, avoid overlap between cells, and make better utilization of the spectrum in order to minimize collisions and maximize performance. Although the focus is on performance, the real goal is to enable the productivity that comes with mobility.

The Growing Risks of Mobility

However, with mobility comes a host of security risks and concerns. Since the end point is not fixed, enterprises have to worry about these more than they did about internal security with wireline networks where the physical gates and walls of the buildings, card access and user authentication infrastructure like Active Directory were deemed sufficient. Since wireless networks can be reached just as easily by someone outside the building as by someone inside the building, they are more vulnerable to snooping, impersonation, hacking and a variety of anonymous attacks.

Various technologies have been developed to try and address these concerns including migration from WEP to LEAP to WPA, 802.1x and supplicants, incorporation of IPSec VPNs on the clients and access infrastructure and many other patchwork approaches. Each of these approaches has brought with them some limitations as well. WEP has been cracked. Supplicants need to be deployed and managed because they don't always install well.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags wireless security

More about AlteonArray NetworksetworkLucentOctel

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sunil Cherian

Latest Videos

More videos

Blog Posts