NETWORK WORLD NEWSLETTER: JOANIE WEXLER ON WIRELESS IN THE ENTERPRISE
11/29/04

Today's focus: Rogue monitoring turns controversial
This newsletter is sponsored by Chantry Networks
_______________________________________________________________

By Joanie Wexler

A number of you replied in earnest to my recent newsletter, "Do we really need rogue AP detection?" Some of you asserted, for example, that if you've done a good job getting all your other network security ducks in a row, you shouldn't have to chase after rogue access points (APs). I agree. But I also think that's a big "if," at least in these early days of wireless.

Others felt that even when properly implemented, 802.1X authentication wouldn't keep rogues from admitting intruders onto the corporate network. There I tend to disagree.

But note the synergies between these two arguments.

Let's start with No. 1: An otherwise well-secured network shouldn't be susceptible to rogues. True. But how many of you are completely up to speed with 802.11i deployments, wireless best practices and wired-network best practices, all working in harmony? 802.11i (a.k.a. WPA2) product certifications are very new, for example, and thus only a few are on the market. In addition, very few of the enterprises I interview tell me they are using even the older WPA to secure their wireless LANs. Most use dynamic WEP or MAC filtering (usually with SSID suppression) as their primary security method. Until wireless security deployment and practices catch up to the technology, it's not a bad idea to suppress rogues as a backup.

Argument No. 2: 802.1X wouldn't disarm rogues. With no authentication measures implemented in the network, a rogue would allow any client to associate to the WLAN and possibly penetrate the wired corporate network. But with a properly configured 802.1X framework in place, the supplicant (client) needs authentication credentials that can be verified by the back-end authentication server. If those don't exist, accompanied by network-access permissions, the user should not be able to tap any resources on the wired network.

That leaves the user able to communicate, potentially, with other wireless devices. However, you could implement a two-way, mutual authentication algorithm within the 802.1X framework (using a two-way Extensible Authentication Protocol such as EAP-TTLS, PEAP or Cisco LEAP). This algorithm will authenticate not only the supplicant but also the AP. If it's a rogue, clients can't use it to get anywhere, on either the wireless or wired network.

The degree to which you need to scan for rogues does depend on the strength of the rest of your security system. Until the latest wireless security products and best practices are installed and humming, though, having an automated system to identify rogues connected to your network and to potentially close them down is probably wise.

RELATED EDITORIAL LINKS

Do we really need rogue AP detection?
Network World Wireless in the Enterprise Newsletter, 11/17/04
http://www.nwfusion.com/nlwir859

AirDefense counterattacks WLAN threats
Network World, 11/08/04
http://www.nwfusion.com/news/2004/110804airdefense.html

Wi-Fi plays defense
http://www.nwfusion.com/nlwir559

Law could sway Philly Wi-Fi rollout
Network World, 11/29/04
http://www.nwfusion.com/news/2004/112904philly.html
_______________________________________________________________

To contact: Joanie Wexler

Joanie Wexler is an independent networking technology writer/editor in California's Silicon Valley who has spent most of her career analyzing trends and news in the computer networking industry. She welcomes your comments on the articles published in this newsletter, as well as your ideas for future article topics. Reach her at <mailto:[EMAIL PROTECTED]>.
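As an added example (not part of the original newsletter and not any vendor's product logic), here is one way an automated system can separate rogues connected to your network from a neighbor's APs: flag unauthorized BSSIDs whose MAC lies within a small offset of a MAC learned on a wired switch port. The adjacency heuristic, the `max_offset` window, and every address and SSID are assumptions constructed for illustration.

```python
"""Added example: sort observed APs into authorized, wired-rogue, or neighbor."""

# Constructed sample data: every MAC address and SSID below is made up.
AUTHORIZED_BSSIDS = {"02:00:00:00:01:10", "02:00:00:00:01:20"}
# MACs learned on wired switch access ports (e.g. exported from the MAC table).
WIRED_MACS = {"02:00:00:00:01:0f", "02:00:00:00:05:01", "02:00:00:00:09:ff"}
# (bssid, ssid) pairs reported by a wireless sensor sweep.
SCAN = [
    ("02:00:00:00:01:10", "corp"),        # sanctioned AP
    ("02:00:00:00:05:02", "linksys"),     # radio MAC one above a wired MAC
    ("02-00-00-00-0A-00", "corp"),        # other notation, adjacent across an octet
    ("02:00:00:00:0c:99", "cafe-guest"),  # nothing nearby on the wire
]


def mac_to_int(mac):
    """Parse aa:bb:.. or AA-BB-.. notation into a 48-bit integer."""
    digits = mac.replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(digits, 16)


def normalize(mac):
    """Canonical lower-case, colon-separated form for reporting."""
    raw = f"{mac_to_int(mac):012x}"
    return ":".join(raw[i:i + 2] for i in range(0, 12, 2))


def classify(scan, authorized, wired_macs, max_offset=2):
    """Return {bssid: verdict}. max_offset is an assumed heuristic window: an
    AP's radio MAC often sits within a few addresses of its Ethernet MAC."""
    allowed = {mac_to_int(m) for m in authorized}
    wired = {mac_to_int(m) for m in wired_macs}
    verdicts = {}
    for bssid, _ssid in scan:
        value = mac_to_int(bssid)
        if value in allowed:
            verdict = "authorized"
        elif any(abs(value - w) <= max_offset for w in wired):
            verdict = "wired-rogue"   # unsanctioned and apparently on our LAN
        else:
            verdict = "neighbor"      # seen over the air only; no wired match
        verdicts[normalize(bssid)] = verdict
    return verdicts


if __name__ == "__main__":
    for bssid, verdict in classify(SCAN, AUTHORIZED_BSSIDS, WIRED_MACS).items():
        print(bssid, verdict)
```

An AP whose wired and radio MACs are unrelated is reported as a neighbor, so treat the verdict as one signal alongside the 802.1X controls discussed above.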
Copyright Network World, Inc., 2004
