Previous Page Next Page

Chapter 12. Wireless LAN (WLAN) Security

Wireless LAN (WLAN) network deployments are on the rise and are becoming increasingly popular because of the ease of deployment, cost effectiveness, scalability, and significant productivity gains. This rise in the recent years has offered greater mobility to users by allowing them to move freely without tangling with wired workstations. Some of the most common WLAN deployments are not secured appropriately, thereby attracting unauthorized use of the network services. The lack of trust in the security of the wireless technology has caused increasing concern when organizations are deploying WLAN-based network solutions. Organizations now demand comprehensive and secure WLAN solutions. As the leader in providing wireless networking technology, Cisco now offers comprehensive solutions to secure wireless LAN networks.

Wireless LAN (WLAN)

WLAN is a LAN that uses radio communication to provide mobility to network users while maintaining the connectivity to the wired network.

The IEEE standardizes the security for wireless-based networks into two main components: the encryption and the authentication. The following section provides a basic overview of WLANs followed by a closer look at the security features.

Radio Waves

WLAN is a LAN that transmits over the air by using radio waves that travel between the clients and access points (AP).

WLAN uses spread-spectrum technology that is based on radio waves to enable communication between devices in a limited area, also known as the basic service set. Spread spectrum technology is used both to increase the data rate and increase its tolerance to harmful interference. Spread spectrum dictates that data transmissions are spread across numerous frequencies. This gives users the capability to avoid interference from other wireless devices.

Radio waves do not require a line of sight between sender and receiver and can send or receive signals through the walls, ceilings, floors, and so on. This means that the broadcast transmission can reach unintended recipients. Therefore, strong security measures are needed to provide the same level of security as offered by wired LAN networks.

IEEE Protocol Standards

In 1990, the IEEE standards committee established a group to develop a standard for wireless communication devices. The objective was to implement wireless LAN networks (an upper-layer feature) at the data link (Layer 2) and physical layer (Layer 1) of the OSI model because they use standard interfaces into the IP layer (Layer 3). This solution provided scalability for existing operating systems and applications to be integrated into WLAN devices without modification in the upper layers.

The IEEE introduced the 802.11 family for wireless communication devices that offered the following over-the-air modulation techniques used for the wireless-based LAN technologies:

The Wi-Fi Alliance, on the other hand, is a nonprofit, vendor-neutral organization that provides the branding for 802.11-based technology known as Wi-Fi. An 802.11-based device undergoes rigorous functionality and operational testing before it can be certified by the Wi-Fi Alliance as a compliant device to ensure the interoperability with all other Wi-Fi certified products regardless of the vendor.

Communication Method—Radio Frequency (RF)

As pointed out earlier, the WLAN is a LAN that transmits data over the air, using radio frequencies to communicate between wireless enabled devices. The transmission frequency of a WLAN depends on the IEEE protocol standard used.

The wireless-based standards take advantage of the ISM band (Industrial, Scientific, and Medical) radio spectrum that is deemed usable by the public. The 802.11 standard specifically takes advantage of the following RF bands:

These bands are unlicensed frequency bands (but are regulated by authorities) and are free for use by anyone without restriction as long as they comply with the regulations.

WLAN Components

WLAN networks comprise the following basic components:

Figure 12-1 shows a basic setup that includes wired and wireless LAN network connections.

Figure 12-1. Wired and Wireless LAN Connected Clients


Previous Page Next Page