Strategien


WLAN-Sicherheit

Cheap, Cool and Dangerous

Sarah Scalet ist Senior Editor unserer US-Schwesterpublikation CSO Online.

3 Encrypt data end-to-end witha VPN.

Within the next two years, Odson anticipates that her attorneys willalso use WLANs regularly for accessing the network. In fact, she's sosure of this that as Paul Hastings designs new offices, she's spendingless money on cabling. For transmitting sensitive legal documents ande-mail, she'll use a combination of virtual private networks andencryption, treating each attorney as a virtual user even if he is inthe office.

For that scenario, even an improvement on WEP wouldn't work. WEPencrypts data between a wireless network card to the access point; aVPN encrypts data end-to-end. That kind of setup is already common incorporate America, especially for mobile employees. It isn't a perfectoption, of course. Not only are VPNs expensive and difficult to scale,but they also limit IT's control over the data transmitted over thenetwork, says Meta Group's Kozup. But he adds that this is still theoption most organizations are choosing for securing their WLANs.

4 Find a proprietary solution.

There are other proprietary wireless solutions for CIOs who aren'tcontent with these options. Major WLAN hardware vendors, including3Com, Cisco and Enterasys Networks, are adding extra securitycapabilities into their products. Among them, Cisco's LEAP (lightextensible authentication protocol), which automatically changes theWEP keys in less time than it would take a hacker to decode them, hasgotten the most attention. Other companies known as wireless LANgateway vendors - Bluesocket and Vernier among them - sell centralizedservers that perform authentication, encryption, and handle additionalmanagement and security details.

Zur Startseite