907 KB | 3 files | DOC, PDF
Wi-Fi has been in the enterprise for more than a decade now, but security on older wireless hardware has been lacking. This guide will help you map a migration to greatly enhanced IEEE 802.11i-based security.
Wireless local area networks (WLAN) are groups of wireless networking nodes within a limited geographic area, such as an office building or building campus, that are capable of radio communication. WLANs are usually implemented as extensions to existing wired local area networks (LAN) to provide enhanced user mobility and network access. The most widely implemented WLAN technologies are based on the IEEE 802.11 standard and its amendments. This document discusses the security of legacy IEEE 802.11 technologies — those that are not capable of using the IEEE 802.11i security standard.
Organizations employing legacy IEEE 802.11 WLANs should be aware of the limited and weak security controls available to protect communications. Legacy WLANs are particularly susceptible to loss of confidentiality, integrity and availability. Unauthorized users have access to well-documented security flaws and exploits that can easily compromise an organization's systems and information, corrupt the organization's data, consume network bandwidth, degrade network performance, launch attacks that prevent authorized users from accessing the network or use the organization's resources to launch attacks on other networks.
The National Institute of Standards and Technology (NIST) recommends that organizations with existing legacy IEEE 802.11 implementations develop and implement migration strategies to move to IEEE 802.11i-based security because of its superior capabilities. IEEE 802.11i addresses the security flaws in the original IEEE 802.11 standard with built-in features providing robust wireless communications security, including support for Federal Information Processing Standard (FIPS) validated cryptographic algorithms. While legacy IEEE 802.11 networks are still in use, organizations should follow the recommendations in this publication to compensate for the security weaknesses inherent in legacy WLANs.
The attached Zip file includes:
Cover Sheet and Terms.doc
This guide will assist organizations and system owners in making practical sanitization decisions based on the categorization of confidentiality of their information. ... More >>
This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations. ... More >>
This three-volume report presents an analytical framework that organizations can use to develop effective cybersecurity strategies tailored to their particular combinations of smart grid-related characteristics, risks, and vulnerabilities. ... More >>