Wireless networks are becoming very common in the enterprise, with many devices using them as their primary communication method. Although these networks provide convenience and enhanced productivity, they also provide new opportunities for abuse and breaches of security. This is especially true when wireless devices are in proximity to people or computers that run on the traditional wired network. As such, organizations must be equipped with robust security controls to protect their wireless environment from potential threats and intruders. To put effective enterprise defense strategies in place, it’s important that we have a solid understanding of how wireless technologies interact with the wired network environment. In this article, we’ll discuss the similarities and differences between the two network architectures and break down the wireless security concerns that must be addressed in order to protect your wired network resources.
Wireless Technology:
Wireless technology has created a new influx of networks within our organizations. This has introduced many new challenges as well as opportunities for our users. For example, users may want to use their laptop while traveling or while working on a sales presentation in a conference room; users now have access to distributed computing solutions (such as thin clients); and users are becoming more mobile by using wireless devices such as PDAs, mobile phones, smartphones and wireless headsets instead of traditional computing devices such as desktops and laptops.
Wireless technology has also provided new security concerns that must be addressed in the organization’s wireless network architecture. One of the key concerns is the problem of electromagnetic interference (EMI). EMI is a concern when two or more wireless devices are operating in proximity to one another. If a new wireless device is operating near an existing one, this may cause degradation of performance and possibly even damage to the existing device. The most common form of EMI can be attributed to the use of wireless devices in enterprise environments. An EMI issue on the wireless side is often the cause of poor performance and increased latency in the wired network. This can also be a major concern with virtual private networks, as high-frequency radiation waves (termed “white space radiation”) can exist in this environment.
Wireless Network Security:
It’s important to understand how all wireless devices operate in order to design a secure and effective architecture for them. Wireless security is just one of these concerns. The following are some of the concerns and mitigation techniques for wireless networks:
- Encryption: A wireless protocol that uses encryption to secure data and messages over the air.
- Rogue Access Points (AP): An AP is a wireless access point that can be used by unauthorized users to gain access to your networks.
- WLAN Spoofing: Using falsified data in order to impersonate a legitimate access point (AP).
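The three concerns listed above can be checked from the defender's side by comparing what a wireless sensor sees against an inventory of authorised access points. The following is an added example, not part of the original article; the inventory, the `seen_on_wired` flag (assumed to come from correlating the AP with a wired switch port), the finding labels and the sample scan are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str                   # MAC address of the AP radio
    security: str                # as reported by the scanner
    seen_on_wired: bool = False  # assumption: sensor matched this AP to a wired switch port

# Hypothetical inventory of authorised APs: BSSID -> (SSID, expected security)
AUTHORISED = {
    "02:00:00:aa:00:01": ("CorpNet", "WPA2-Enterprise"),
    "02:00:00:aa:00:02": ("CorpNet", "WPA2-Enterprise"),
    "02:00:00:aa:00:03": ("CorpGuest", "WPA2-Personal"),
}
CORP_SSIDS = {ssid for ssid, _ in AUTHORISED.values()}
WEAK_SECURITY = {"Open", "WEP"}

def classify(beacon):
    """Return the list of findings for one observed beacon (empty = nothing to report)."""
    findings = []
    known = AUTHORISED.get(beacon.bssid.lower())
    if known is None:
        if beacon.ssid in CORP_SSIDS:
            findings.append("SPOOFED_SSID")    # our network name from an unknown radio
        elif beacon.seen_on_wired:
            findings.append("ROGUE_ON_WIRE")   # unauthorised AP bridged onto the LAN
    elif (beacon.ssid, beacon.security) != known:
        findings.append("BSSID_MISMATCH")      # known radio advertising unexpected settings
    # Report weak encryption only for APs that are ours or already suspicious,
    # so a neighbour's open network does not raise an alert.
    if (known or findings) and beacon.security in WEAK_SECURITY:
        findings.append("WEAK_ENCRYPTION")
    return findings

# Constructed sample scan, not real capture data.
SCAN = [
    Beacon("CorpNet", "02:00:00:aa:00:01", "WPA2-Enterprise"),
    Beacon("CorpNet", "02:00:00:ee:00:09", "Open"),
    Beacon("CorpNet", "02:00:00:aa:00:02", "WPA2-Personal"),
    Beacon("linksys", "02:00:00:ee:00:10", "WEP", seen_on_wired=True),
    Beacon("CoffeeShop", "02:00:00:ee:00:11", "Open"),
]

def audit(scan):
    """Map BSSID -> findings for every beacon that produced at least one finding."""
    results = {b.bssid: classify(b) for b in scan}
    return {bssid: found for bssid, found in results.items() if found}
```
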
Attacks on Wireless Networks:
There are two main categories of attacks that can affect wireless networks: Distributed Denial-of-Service (DDoS) and Distributed Hash-table (Hashing). These attacks can take place on the 2.4 GHz and 5 GHz ranges of the spectrum, depending on the type of encryption used. In order to protect your organization’s wireless network resources, you should be familiar with these common attacks as well as their potential impacts on your network. Where possible, we’ll discuss how to mitigate them with Enterprise Wireless Security Design and Implementation.
Distributed Denial-of-Service:
Briefly, DDoS is an attack in which a number of computers are connected to a centralized source using peer-to-peer networking, which allows them to send packets at extremely high rates. These packets are targeted at a single victim, which will eventually result in the victim’s inability to respond to requests. DDoS attacks can be launched by using multiple wireless devices with IEEE 802.1Q encryption. This type of encryption provides fast data rates and is used in exchange for its vulnerability to the following attack:
- The attacker connects to each wireless device individually and sends it a spoofed IP packet with its source address set to that of the target (victim). The AP receives this message and responds in kind, which results in a flood of traffic being sent directly to the victim.
- In order to mitigate DDoS attacks, you should implement a centralized wireless security solution to monitor and control.
Distributed Hash-table (Hashing):
Hashing is an attack in which the attacker computes a hash value based on the data being transmitted. If the hash value matches that of a preconfigured table, then a denial of service may occur. This type of attack comes in two varieties:
- Distributed Collision-Based Attacks (DCBA)
- Distributed Hashing-based Attack (DHBA)
Unlike the case with DCBA, where collisions are expected between APs due to their limited number of slots in IEEE 802.