Stop Wifi Intruders and Freeloaders
A huge number of businesses have wifi networks on their premises in order to provide Internet connectivity to customers and/or employees. Yet, in their haste to create hotspots, many companies fail to build adequate security into their wifi networks.
A poorly protected wireless network leaves users' transmissions vulnerable to interception, leading to potential financial losses as attackers use stolen credit card numbers, bank-account passwords, confidential business information and other sensitive data to enrich themselves and their cohorts. For the business hosting the network, inadequate safeguards can expose critical wired and wireless network resources to snoops and crooks.
Protecting a wifi network isn't difficult, but it takes time, careful planning, attention to details and a few simple security tools. Below are strategies that can help you secure your wifi network.
1. Secure your access points. Begin by creating a new administrator password. This is a simple step that many businesses overlook. If an access point's administration area can be accessed by entering a stock word like "admin" or "password," the system is literally begging to be attacked.
2. Activate encryption. Using WPA (Wifi Protected Access) encryption in the form of WPA or WPA2 is highly recommended. WPA or WPA2 with EAP-TLS (Extensible Authentication Protocol Transport Layer Security), with both user and computer certificates, is the strongest method of authentication. EAP-TLS uses digital certificates to provide mutual authentication, in which the wireless client authenticates to the authentication server and vice versa. EAP-TLS authentication requires a PKI (public key infrastructure) to issue certificates and keep them current. The PKI should be configured to issue both user and computer certificates for wireless access.
Some older clients don't support WPA or WPA2. If you decide that your network must serve such technologies, turn on 128-bit WEP (Wired Equivalent Privacy) encryption and use a password to generate the key. Be sure to keep a record of the password so it can be supplied to the people who need network access. Remember, however, that WEP is a weak security approach that can be defeated relatively easily by a skilled attacker. One way of improving on static WEP is to configure access points to use MAC (Media Access Control) filtering to allow only a predefined group of clients to access the network. Unfortunately, a truly committed attacker can also defeat this technique.
3. Create a fresh SSID. What could be worse then using a default SSID (service set identifier)? Why, giving it your company's name, of course (although potential hackers will thank you for identifying their target). Try using a name that's cryptic, like "jup2fjk," or one will make attackers think twice — something like "infected node" (although such a name may also scare away legitimate users from using a public hotspot).
4. Sniff out rogue access points. Most business networks lie within range of access points connected to other networks. Most of these access points will be linked to legitimate systems, but some may be the handiwork of potential mischief-makers, such as attackers and even company employees operating their own unauthorized networks. Unmanaged access points can create a vulnerable point of attack against a business's network. Plugging a laptop into the network and running a detection tool, provided by a vendor such as AirMagnet and Aruba Networks, will enable the network administrator or other authorized individual to quickly pinpoint the existence of any rogue devices. Steps can then be taken to either take down the access point or to secure the network against its presence.
IT must ensure new applications are rolled out quickly, reliably, and without risk, while at the same time guaranteeing performance and availability. Read this VirtualWisdom white paper to find out how to achieve application-aligned infrastructure performance, and more. more
Today's SRM and APM tools weren’t designed to manage the real-time performance and availability of your application infrastructure. Nor are they capable of giving you an unbiased, system-wide view of how applications are performing throughout the infrastructure they’re riding on. This whitepaper describes how the VirtualWisdom IPM Platform can help you. more
Free 60-Day Trial: HP Intelligent Management Center (IMC) Network Management Solution more
This complimentary presentation from HP features VP of Marketing Mike Banic's demonstration of the HP Virtual Application Networks Manager Module. Mike will introduce you to the module, show you how to deploy new applications in the data center, and much more. more
HP and Microsoft joined together to create and deliver the most complete, end-to-end UC&C solution, optimized for Microsoft Lync. Download this free white paper to find out exactly how HP and Microsoft transform how businesses communicate, enable workflow tasks, and provide business tools to office and remote workers reliably! more
Increasingly, the success of business is being tied to the network. The transformation of the network and IT can help organizations deliver and support highly available applications and services while reacting more quickly to changes in the business environment. In this complimentary white paper from IDC, learn how HP can help its customers and partners improve the overall application experience. more
The cloud is a desirable destination where applications and information are readily available and can be consumed quickly, efficiently, and anywhere. HP Virtual Application Networks provide a fundamentally better operating model for IT; download this white paper to find our exactly how! more
This white paper gives an overview of software-defined networking and how HP is leveraging SDN to deliver the Virtual Application Networks strategy. more
This Technology Spotlight discusses the business drivers to optimizing networks and examines the role that HP plays in providing network infrastructure consulting services. more