Tips for Securing Your Wireless LAN
Though you might be an avid wired networker, wireless networks may be something you’re not so familiar with; especially with the security aspects. If your small business is considering expanding to offer wireless access, you need to make sure you properly secure your network. Without a secure network, Wi-Fi eavesdroppers can sniff the airwaves to view your network communications (emails, web pages, files, etc) and easily connect to gain access to your network.
Here are several ways you can implement a bulletproof Wi-Fi network:
- Use WPA encryption: Using encryption is the only way to prevent Wi-Fi eavesdroppers from seeing the raw data packets of your wireless network. Since WEP encryption can be easily cracked, you should use WPA encryption. The easiest way to use WPA is to enable the personal or home version, called WPA-Pre Shared Key (PSK). For a bullet-proof wireless network and for one that implements account logins (802.1x authentication), you should use the WPA-Enterprise version, which requires a RADIUS server.
- Use MAC address filtering: This consists of limiting the devices that can connect to the network by maintaining a table or list of approved wireless clients by their MAC address, the unique physical address. Though with the right tools, Wi-Fi hackers can spoof their wireless adapter with another MAC address (one they see being used on your network), this offers more protection.
- Limit outside coverage: This helps prevent people in the parking lot from even having the chance to hack your wireless signals, as it will be harder for them in receive all the data packets on the wireless network and harder for your APs to pick up their transmissions.
- Disable SSID Broadcast: Though this doesn’t hinder a serious Wi-Fi hacker, as hidden network names can still be picked up, it does offer another layer to help make their mission a bit harder.
Wireless security is about layers; the more security techniques you use, the more secure your Wi-Fi network will be.