Share what you know with millions of people
Focus is the best place to turn what you know into remarkable content
0
Wireless Network Security: What are the basics on securing a wireless network in a small office?
Anti-virus/anti-malware software is already installed, and we do have a password protected network. Should we consider installing a firewall as well? The only computers that access our office network are the 6 office machines, and the Founder’s laptop. What do you recommend?
Events
- Dos and Don'ts of Small Business Marketing May 29 @ 11 am PT
- Lead Nurturing 202: The Next Generation May 31 @ 11 am PT
- The Tricks to Paid Media June 6 @ 11 am PT
- Display Advertising for Brand Awareness June 20 @ 11 am PT
Related Activity
5 Answers
In today's world you can NEVER be too cautious. Yes, a firewall is an excellent idea. There are a number of strong external hard-device firewalls available. Cisco/Linksys and SonicWall are two of the more well-known names in the industry, but there are others.
First, and foremost, use a proper encryption protocol and a very strong password. I typically use passwords in excess of 20 characters. Use something other than WEP, which can be easily broken. Hide your network's security id to make it less visible to someone driving by. Do not give your network an obvious name that may suggest what is contained therein.
You may even want to consider MAC address filtering, where each system has the MAC address of their network card(s) entered in to the router's configuration table. This adds another layer of protection against unauthorized access.
I also agree completely with the two previous posts to this question.
Do you need a wireless network? If yes, then use WPA2 for encryption. Anything less is too weak.
Another option is to have a wireless access point connected to a hardware firewall so the wireless access point is treated as the internet. You then connect to the wireless access point and bring up a VPN connection to the firewall. Your data to/from your internal network is encrypted and the threat to your network from your wireless access point is then the same as a threat coming from the internet.
A wireless access point connected directly to your network, even with encryption, would be a weaker solution due to the fact that the encryption on a WiFi connection is weaker than that of a VPN.
MAC address filtering wouldn't really help as you can spoof the MAC address of an existing client.
Hiding the SSID is a totally bogus security measure. It is sent in the clear with every association packet transmitted, regardless of encryption or SSID broadcast status. Vista and Win 7 actually actively "ping" the access point with these packets to help keep the connection alive! This is how it is possible to see "hidden" wireless networks.
SSID = Service Set Identifier.
The point of hiding the SSID isn't to secure the network, simply to make it less visible. If someone is really determined to get into your wireless network, they will find a way. That is why Robin's suggestion of putting a firewall behind the access point is a good one.
Answer This Question