- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Security standards aside, wireless gear vendors are peppering their products with other features that can help secure WLANs, including access controls, VPN technologies and tools to locate and lock out rogue users.
One of the most common security features of the access points tested was MAC-based access controls. 3Com, Actiontec, Airespace, Aruba, Buffalo, Cisco, HP, Netgear, Proxim, SMC and Trapeze all support this feature. To use these controls, you need to know the Ethernet address of every wireless card that will connect to your network. It might seem tedious, but it helps defend against casual attackers.
MAC-based access controls come in two flavors. Access points designed for home use force you to keep a static list of MAC addresses on the access point. This technique has become popular enough that access point and wireless switch vendors have scaled this technique so that multiple access points can look up the static MAC address in a RADIUS server to see if it's allowed on the network.
Access control of the second sort comes in built-in firewalls shipped as part of an access point. Some access points, such as 3Com's WL-450, do a very simple type of packet filtering, primarily designed to keep garbage such as IPX routing broadcasts off your WLAN. Others have a more sophisticated set of packet filters for access controls. For example, the Airespace switch and the Buffalo, Cisco, HP and Proxim access points all let you control access up to the IP level. For serious firewalling, Aruba packs a full, stateful firewall into its wireless switch equipment.
Trapeze's access controls apply to the actual authenticated user. Most products define controls based on which WLAN you are on, so all users on that LAN get the same access list. However, Trapeze actually ties the IP access list to authenticated users, so your access list is defined based on your authentication information. Airespace offers a similar feature as an option. When using RADIUS for authentication, you can also send down an access control list name that will apply to that particular user.
Rss FeedRss Feed
Discover the capabilities your file integrity monitoring solution should have to effectively secure...
Realizing the Potential of User-Generated and Social NetworkingCan communication service providers (CSPs) leverage Web 2.0 services and create new service...
Digital Asset Management StrategyThe reality of Dramatically changing media landscape, has created awareness within the media and...
The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Intelligent Mobility: BlackBerry Technical Seminar 2008The virtual BlackBerry Technical Seminar keeps growing in popularity every year, and we want to...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
WAN Ethernet services are reliable, cost-efficient offerings that are widely available and in a...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment