We talked about wireless security issues with Betty Chan, Wireless Product Marketing Manager at SMC Networks. Betty Chan has over ten years of experience in the high-tech industry and has been involved in the Wireless Networking area for the past three years.
SMC Networks among other things produce the EliteConnect line which is comprised of enterprise-class wireless LAN solutions. The first product available in the new line, the EliteConnect WLAN Security System, is an advanced wireless security and management solution. This cutting-edge system incorporates advanced VPN technology, user authentication and rights management tools for protecting mission critical data and managing mobile users.
Despite the insecurities of 802.11, the number of wireless networks is growing rapidly. What should be done in order to raise awareness of wireless security problems?
Press, News, Publicity, are the most credible and effective way of getting people’s attention. There should be more articles and news regarding wireless security problems.
Your product, the EliteConnect WLAN Access Manager is presented as “an ideal solution for protecting, managing, and controlling your wireless network.” Introduce its unique features.
The EliteConnect WLAN Access Manager unique features:
- Lies between wireless clients and the protected area of the network
- All traffic between each user and the rest of the etwork passes through the Access Manager
- Enforces VPN Security
- Enforces Authentication
- Enforces Rights of local authenticated users
- Wireless access the corporate network through Access Points, which are connected to Access Managers. It coordinates Layer 3 roaming with other Access Managers and maintains active sessions when roaming.
The EliteConnect WLAN Secure Server seems like a perfect product: “an all-in-one solution that provides network protection, access management, and an overall enhancement of your wireless network.” What are its distinctive features that make it stand out from the competition?
The EliteConnect WLAN Secure Server has the following features which set it apart from the competition:
- Fine-Grained Network Access Control by Time, Location, User, Host.
- Comprehensive Authentication Support including LDAP, RADIUS, 802.1x, Windows NT/2000-domain, Kerberos
- VPN Security Support including IPSec, PPTP, and/or L2TP/IPSec
- Convenient Web-Browser based Configuration and Management
- Anti-Mac Address Spoofing
- Packet Inspection Engine
- Layer 3 Roaming Across Different Subnets
- Persistent Session Roaming
- 24/7 Free Technical Support
- Limited Lifetime Warranty
What software do you use for testing the security of wireless networks?
We use programs like AirSnort. However, some of our wireless networking products have built-in intrusion detection and hacker monitoring function. In addition, we use various test like port scan, stealth scan, TCP, UDP scan to make sure the network is not compromised.
Handheld devices are now owned by many people who use it for business purposes, which makes companies more susceptible to wireless security problems. In your opinion, what is a good approach in writing a wireless and handheld device usage policy for a corporate network?
Our EliteConnect WLAN Security Product has a very good approach: it allows administrators to set fine grain access control policy called “Rights” that are based on Time, Location, Network Traffic, User, Guest, etc. This fine-grained set of user rights matches users with appropriate network privileges. For handheld devices users, the rights should be set to default as “Guest” and only have Internet access in the corporate network without any access to the corporate resources on the network.
Do you see Wardriving as an extensive problem?
Yes, that’s one of the reasons why we developed EliteConnect WLAN Security System to provide wireless security in the corporate environment.
Wireless security is subject to interference and therefore to Denial of Service attacks. What can be done to protect from such attacks?
Authentication of wireless clients will not proceed while the wireless network is being jammed. A good mechanism would be to have the ability to detect wireless interference or jamming attacks and automatically send an alert to the system administrator. Once authentication has been achieved, it is important to have a Wireless Security product like EliteConnect. Running VPN (IPSec or PPTP) tunnels from Wireless Clients to the network should be extremely safe and can protect the wireless client data with their strong standards-based encryption.
A significant part in the process of developing wireless networks is ensuring that the data on wireless devices is secure. What do you see as the biggest threats to that security?
The biggest threats are that people are not educated or aware of wireless security. Naive users may not take any precautions and may leave their settings as factory defaults which makes it easy for hackers to attack the network.
What is your vision for the future of wireless security?
The future may be that all wireless clients will be required to be authenticated and run VPNs to their networks, that would solve a large number of the wireless security issues we see today.