Enteprises' Biggest Fear: Rogue WLANs

By Eric Griffith

May 20, 2003

Research confirms that security issues have been keeping businesses both large and small from embracing wireless networks. Rogue WLAN access points and users are listed as the biggest fear by companies; 802.11i might be the only concrete solution.

In a conference call yesterday, Julie Ask, senior analyst at Jupiter Research (which is owned by Jupitermedia, parent company of this site) said that the next twelve months "will represent a time when enterprises do much bigger deployments of wireless LANs, and off the shelf boxes are not going to be cutting it anymore."

That's good news for the burgeoning WLAN switch market, certainly, but even those centralized solutions won't overcome the biggest fears network admins have about wireless, namely, security.

Ask's presentation, "Who's Listening to Your Wi-Fi?" was based on a Jupiter Executive Survey done in February. While 90% of those surveyed say improved security solutions will impact their decision whether to install a WLAN this year (with lower total cost a close second at 82%), perhaps most interesting was the major security concern: rogue user users and access points.

JupiterResearch's survey pegs rogue users as a bigger concern (for 49% of respondents) than even keeping up with the constantly revolving security standards in WLANs today.

Similarly, analyst Security provider AirDefense published a list of what it sees as the "Top 10 Wireless LAN Policy Violations" based on what it has seen. Leading that list is "Unsanctioned or Rogue Access Points," both internal and external.

Internal rogues, of course, are a worry whether a company has a WLAN or not, since any employee can plug an access point from their local Best Buy into an office Ethernet port to try and provide wireless access for themselves. Since these access point seldom get security turned on, they leave the network wide open to use by anyone in range of the signal.

Chris Kozup, analyst at META Group is quoted in the AirDefense list as saying: "Detecting rogue access points must be a top priority for security conscious enterprises, irrespective of their plans to deploy wireless technology,"

Kozup will be leading a WLAN Policies Webcast for AirDefense in early June.

Coming next on AirDefense's list were "unsanctioned wireless workstations" --which can connect to unknown WLANs outside of the office opening up access to files -- and "ad hoc networks" for the same reason.

Currently, Jupiter Research says 44% of respondents with a WLAN in place use restricted SSID access as the top way people are controlling security on their wireless networks today. VLAN segmenting and MAC address-based device authentication come next, beating out even 802.1X authentication.

The solutions out there are not perfect. Proprietary solutions can do the trick for some customers, but have issues, whether cost, proprietary product needs, or scalability. Ask also says that the current open WLAN security standards -- specifically WEP using RC4 encryption -- "fail to address all security issues."

Wi-Fi Protected Access (WPA), a subset of 802.11i (both of which incorporate 802.1X) that recently just saw its first product support, comes with big improvements over WEP, such as TKIP key management. WPA might be enough for most companies, especially those not in the healthcare or financial fields, says Ask.

"If you have a need for high security," says Ask, "you definitely have to wait for 802.11i."

802.11 Planet Conference What are you biggest security worries? Join us at the 802.11 Planet Conference & Expo, June 25 - 27, 2003 at the World Trade Center Boston in Boston, MA. Alleviate them by attending our full day of workshops covering WLAN security.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.