Wireless Technology in a Wired Environment
Since their inception, wireless networks have been known for being vulnerable. On the other hand, the current emphasis on security has made this type of environment more secure than a wired network in some ways. In this article we will shed more light on the subject and describe how a few security techniques from wireless security can be implemented into your wired network.
It seems as if the terms "wireless network" and "insecure" go hand and hand these days. The World Wide Web has been congested with various articles telling gruesome stories about wireless networking. From RAPs (Rogue Access Points) and parking lot spies to the planting of secret antennas, they have all been a major problem for several wireless network administrators. When considering the facts, it's hard to see how any aspect of the wireless environment can be more secure than a wired network.
Benefits of Wireless Networks
While both have their drawbacks, wireless technology does have its advantages. One of them relates to the very factor that has dubbed wireless networks with the "insecure" label. Wireless networks have ascended to such popularity that several companies have invested major dollars into developing products to make these environments more secure. There are many security solutions for wired networks as well, although wireless products tend to better developed and often suited for both environments.
Another advantage is a basic feature that comes included with most wireless access points, a list of users or workstations allowed to access the network. This allows you to enter the MAC (Media Access Control) address of each wireless NIC (Network interface Card) associated with the network. If someone attempts to make a connection to the network, the access points determine if a particular MAC address is allowed. If not, that connection request is denied.
Most wired networks do not have such a system in place. Several administrators have the misconception that every computer on a wired network is authorized to be there, seeing no need in using a MAC address filter.
RAP in Wired vs. Wireless Networks
While it is highly unlikely that a stranger will walk into the office, plug up their laptop and manipulate the connection of a wired network, Rogue Access Points have become a large problem for many businesses. Numerous situations have been documented where companies have been in dispute about whether or not to implement a wireless network. A common case involves a disgruntle employee setting up an access point of their own against company wishes. This can be easily done as an employee doesn't need a spare network plug to create their RAP. Most access points come with a built-in mini hub, which allows the rogue employee to plug their computer right into it. With a MAC address filter in place, the RAP would never be able to access the rest of your wired network.
The Flaws of the MAC Address
Although rather helpful, the MAC address feature doesn't not provide complete protection. For instance , an intruder can eavesdrop on the network, obtain a valid address from an authorized NIC and the reassign that address to their own NIC. This is when you should know that the MAC filter is not your only defense mechanism. You can also employ various layers of protection including WAP encryption, firewall applications and Intrusion Detection Systems - common wireless security mechanisms that work just as well in the wired environment.