Rx for security anxieties
If you are a conscientious network manager, you might still be fretting about whether wireless LANs are really secure. It is true that because wireless data isn’t confined within cabling, radios in wireless access points belonging to utter strangers might be able to tune in to your data -- wittingly or unwittingly. Those access points could be in an office next door or across the street.
To assuage these worries, the Wireless Ethernet Compatibility Alliance (WECA) -- the multivendor alliance that certifies compliance and interoperability among 802.11 wireless LAN products -- has a few tips. First, Carl Temme, chair of the 5-GHz Marketing Group within WECA, has a few noteworthy comments about the Wired Equivalency Protocol (WEP):
* WEP is a 40-bit encryption scheme that is aimed to allow wireless LANs to achieve the same degree of privacy afforded by physical cabling (carrying unencrypted data). In other words, the protection afforded by a copper or fiber sheath is about what you get with WEP.
* 802.11b LANs ship with WEP not activated (because each customer needs to specify an authentication key). So in order to benefit from WEP, you must turn it on. Temme says this basically involves "flipping a switch" on the client LAN card and at the access point.
* WECA stresses that for most organizations, WEP will likely be just one component of a wireless security strategy. The group recommends also using IP Security or taking advantage of vendor-proprietary encryption that uses 128- and 256-bit keys for stronger security if your data must remain private.
* WEP is an optional component of the 802.11b standard, so it is not a given that all "802.11-compliant" products support it. However, for a product to receive WECA’s stamp of approval, WEP support must be present, as well as interoperable with other WEP implementations.
Meanwhile, the IEEE is enhancing the security mechanism in 802.11 LANs by adding more granular authentication capabilities and longer key lengths, Temme says.
Temme is also director of product marketing at wireless LAN chip maker Atheros Communications and was formerly the chair of Task Group H within the IEEE 802.11 committee. "This is new and is still being standardized," he says. However, he expects that once the security is enhanced, WECA’s test equipment would be upgraded to verify and certify compliance.
» posted by ITworld staff
Network World
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
