Guide to securing a wireless LAN
A white paper from HP discusses the threats posed to 802.11 wireless LANs from hackers and provides best-practices approaches to securing WLANs. Entitled Securing the Enterprise Wireless LAN: How to protect against security breaches in a wireless age, the paper offers guidance from developing appropriate security policies to how to manage individual pieces of WLAN hardware. Ric Hall, a systems architect in the HP Network Architecture, Global Network Engineering organization, authored the paper. HP offers design, implementation, monitoring and management services for WLANs.
In a section of the paper called "Protect the data transport," Hall makes the following recommendation about access points.
Use lightweight access points. The lightweight access points within the WLAN controller-based solution that HP uses do not store encryption or other security information locally, so the network cannot be compromised if an access point is stolen ... To prevent unplanned changes to RF coverage, access points should be secured against tampering. When possible, deploy them out of sight above a suspended ceiling, with only the antenna visible.
That section of the paper also encourages WLAN managers to complete site surveys, change default parameters, use authentication and key management, use strong encryption and comply with WLAN regulations and standards among several other recommendations.
Following the white paper's text are lists of eight recommendations for WLAN management, 27 technical recommendations and 12 operational recommendations.
