907 KB | 3 files | DOC, PDF
Wi-Fi has been in the enterprise for more than a decade now, but security on older wireless hardware has been lacking. This guide will help you map a migration to greatly enhanced IEEE 802.11i-based security.
Wireless local area networks (WLAN) are groups of wireless networking nodes within a limited geographic area, such as an office building or building campus, that are capable of radio communication. WLANs are usually implemented as extensions to existing wired local area networks (LAN) to provide enhanced user mobility and network access. The most widely implemented WLAN technologies are based on the IEEE 802.11 standard and its amendments. This document discusses the security of legacy IEEE 802.11 technologies — those that are not capable of using the IEEE 802.11i security standard.
Organizations employing legacy IEEE 802.11 WLANs should be aware of the limited and weak security controls available to protect communications. Legacy WLANs are particularly susceptible to loss of confidentiality, integrity and availability. Unauthorized users have access to well-documented security flaws and exploits that can easily compromise an organization's systems and information, corrupt the organization's data, consume network bandwidth, degrade network performance, launch attacks that prevent authorized users from accessing the network or use the organization's resources to launch attacks on other networks.
The National Institute of Standards and Technology (NIST) recommends that organizations with existing legacy IEEE 802.11 implementations develop and implement migration strategies to move to IEEE 802.11i-based security because of its superior capabilities. IEEE 802.11i addresses the security flaws in the original IEEE 802.11 standard with built-in features providing robust wireless communications security, including support for Federal Information Processing Standard (FIPS) validated cryptographic algorithms. While legacy IEEE 802.11 networks are still in use, organizations should follow the recommendations in this publication to compensate for the security weaknesses inherent in legacy WLANs.
The attached Zip file includes:
Cover Sheet and Terms.doc
This excerpt focuses on the conceptual aspects of defect management, including the basic concepts of a defect, how to manage defects, and an analysis of the root causes of defects. ... More >>
This document makes recommendations for how users and developers should select checklists from the NIST National Checklist Repository, evaluate and test checklists, and apply them to IT products. ... More >>
This publication is intended to assist organizations in understanding the basics of application whitelisting. It also explains planning and implementation for whitelisting technologies throughout the security deployment lifecycle. ... More >>