Page 14 Processor.com December 2, 2011 HOW TO Secure Your Wireless Network Protect Your Employees & Sensitive Data From Outside Threats Because wireless networks are becoming the norm in business environ- ments due to the influx of smartphones, tablets, and mobile devices into the work- place, it’s more important than ever to have strong security and encryption in place. Koroush Saraf, senior director of product management at Fortinet (www .fortinet.com), shares a fictional but real- istic situation where an employee could send sensitive data to hackers without even knowing it. “The threat usually involves a malicious traffic interception scheme, either as a pas- sive scanner or as an active evil-twin access point that’s impersonating a real SSID a company is using in their infrastructure,” Saraf says. “An employee’s laptop will con- nect to this evil-twin access point, since it can’t tell the difference, making it easy for the interceptor to siphon off all of the employee’s communication.” This is just one example of how easy it is to lose information during the wireless transfer of data and one reason of many why wireless network security is so important. We’ll show you a few steps to take when securing your network, including how to get started and how to manage your implemented solutions. Assess Your Employee & Connectivity Needs The first and most important step in secur- ing your wireless network is to understand what you need based on the number of employees you have, what types of devices they’re using, and how many total devices will need access to the network. From there, you’ll know exactly how big the network will need to be and, in turn, get a good idea Action Plan Teng Tai Hsu, executive vice president at 4ipnet (www.4ipnet.com), provides a quick list of steps to follow when assessing your security needs and setting up your wireless network security: ¦ Determine the number of users that will have access to the wire- less network. ¦ Determine the number of WLAN access points required to provide the required capacity and coverage. For the service quality of wireless access, it is recommended that each access point not servicing more than 10 users. ¦ Determine the type of access control policies required. ¦ Select a WLAN controller type of equipment with the capacity and features that can manage the planned wire- less network. Top Tips ? Understand that security should be in layers, says Koroush Saraf, senior director of product management at Fortinet (www.fortinet .com). Some products say that they provide high-level security, but if it isn’t a layered approach that addresses every facet of the wireless network, it won’t be as effective. ? Only purchase products from companies known for their security DNA, Saraf says, because such companies have dedicated per- sonnel that keep track of threats and have centralized upgrades and feeds to keep wireless systems up-to-date. ? Saraf says companies should understand that a wireless network is a shared medium with a scarce bandwidth, which means they should purchase business-grade wireless LAN products that not only provide connectivity, but also ensure network uptime. ? Make sure that you aren’t buying a product simply because it is easy to install or because it has the most visibility, Saraf says. Instead, conduct research and focus on finding a solution that solves your company’s security problems. of how many access points you’ll need to protect. Then, it’s a simple case of under- standing what type of solution will fit your specific environment the best and ensuring that it will be reliable and easy to use. Tools Of The Trade After you’ve assessed your overall secu- rity needs as a company, it’s time to choose a type of security as well as the solutions that help you achieve the highest level of secu- rity. For instance, Teng Tai Hsu, executive vice president at 4ipnet (www.4ipnet.com), suggests companies invest in solutions that have WPA/WPA2 with AES encryption and 802.1x authentication because this will protect the network as a whole and prevent outside access from unwanted users. But if you are working with hundreds of access points and feel overwhelmed at the thought of managing Key Points You must first gather employee and device information in order to understand how many access points you’ll need and the best possible way to protect them. Invest in a solution that has at least WPA/ WPA2 enterprise-level encryption and use a WLAN controller to help centrally manage each access point and prevent unwanted outside access. Always keep an eye out for new security technologies that can help keep your wireless network safe as new threats and vulnerabilities arise. all of them, Hsu says that WLAN controllers are great for centrally managing wireless net- works. “WLAN controllers can help reduce the management and maintenance complex- ity of the wireless network and automatically configure WLAN access points,” he says. Going back to his previous example, Saraf recommends that in addition to WPA or WPA2 enterprise-level security, companies should find a solution that can detect rogue access points that may pose a danger to their infrastructures and employee lap- tops. Saraf stresses the need for a two-pronged approach where your internal access points are When you first start protected from outside threats and investing in security your internal resources, including solutions, it’s impor- employees and devices, are safe tant to make sure from misleading network connec- tions outside of your company. you’re getting every- As with any type of solution thing you need from in an SME environment, both the beginning. Teng Tai Hsu and Saraf stress ease of use Hsu, executive vice presi- and adaptability when shopping dent at 4ipnet (www.4ipnet around for security products. .com), stresses the importance For instance, along with a cen- tral management tool, such as a of a WLAN controller because it WLAN controller, you should secures “both the wireless net- look for solutions that provide work and wired ports installed regular security reports and ana- in the office to prevent unwant- lytics, so you can make adjust- ed WLAN access.” And Koroush ments to security settings based on Saraf, senior director of product that data. The key is balancing the overall complexity that comes with management at Fortinet (www fully featured security solutions .fortinet.com), says that invest- with simplified implementation, ing in unified threat manage- management, and maintenance ment is important, as well. tools to ensure that your defenses “Unified threat management are always in place and that all of includes strong authentication, the settings are tuned to your com- pany’s specific needs. strong encryption, automated Get Started reporting,” and many other features that are important for wireless security, Saraf says. Keep Up With The Changes Security is evolving along with the rest of the IT industry, so it’s important to constantly look ahead for the newest solu- tions to future security issues. Even though you have a solid security platform in place, that doesn’t mean you can rest on your laurels and wait for something to happen. A com- pany’s security effectiveness is dependent on predicting possible vulnerabilities and addressing them early on, which can save data, man hours, and money. P