896 KB | 3 files | DOC, PDF
The security of each WLAN is heavily dependent on how well each component — including client devices, access points and wireless switches — is secured throughout the WLAN lifecycle.
A wireless local area network (WLAN) is a group of wireless networking devices within a limited geographic area, such as an office building, that exchange data through radio communications. The most widely implemented WLAN technologies are based on the IEEE 802.11 standard and its amendments. The fundamental components of an IEEE 802.11 WLAN (hereafter referred to as a “WLAN” in this publication) are client devices, such as laptops and smartphones and access points (APs), which logically connect client devices with a distribution system, typically the organization’s wired network infrastructure. Some WLANs also use wireless switches, which act as intermediaries between APs and the distribution system.
The security of each WLAN is heavily dependent on how well each WLAN component — including client devices, APs and wireless switches — is secured throughout the WLAN lifecycle, from initial WLAN design and deployment through ongoing maintenance and monitoring. Unfortunately, WLANs are typically less secure than their wired counterparts for several reasons, including the ease of access to the WLAN and the weak security configurations often used for WLANs (to favor convenience over security). The purpose of this publication is to help organizations improve their WLAN security by providing recommendations for WLAN security configuration and monitoring. This publication supplements other NIST publications by consolidating and strengthening their key recommendations.
Organizations should implement the following guidelines to improve the security of their WLANs.
Included in this ZIP file are:
The Framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure. ... More >>
This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating a variety of attributes. ... More >>
This excerpt from chapter 7 provides an overview of cellular networks, LANs, PANs, WLAN security, and best practices for mobile device security. ... More >>