Date: 2009-08-10 12:58:08
Wireless comes with its own set of acronyms and security terminology that we will briefly discuss.
Default Wireless Network Name (SSID)
The Service Set Identifier or SSID is the name that the wireless device will advertise. By default it is typically the brand name of the device like linksys, netgear, or tsunami in the case of Cisco. This name can be set to not broadcast. It should also be changed to something more relevant like YourCompanyName, or perhaps something less conspicuous like AP0001.
Here is an example of a few SSIDs being advertised.
There are several wireless protocols on the market now. Most times the access point needs to match the wireless card in the computer.
has a maximum rate of 54 megabits per second. It was released in 1999, and was not very popular. It operates at 5 gigahertz. Its overall range was far less than 802.11b and its costs were higher.
has a maximum rate of 11 megabits per second. It was released in 1999, and was very popular. It operates at 2.4 gigahertz. Other devices that operate on this frequency are microwaves, baby monitors, cordless phone, Bluetooth etc...
has a maximum rate of 54 megabits per second. It was released in 2003, and became popular. It operates at 2.4 gigahertz, but uses some technology from 11a as well. A number of new adapter cards are capable of dual or tri-mode operation in B, G, or A. Note, in a G network, if a B device comes online all the other G devices will slow down to B speeds. 11g suffers from the same interference as 11b.
has a maximium rate of 144 megabits. It has not be ratified by the industry working group, although several vendors have released devices already.
Each device operates on certain channels, much like a T.V. Typical channels are 1, 6, and 11. If there are other wireless access points occupying the same area you can choose a different channel to avoid "bumping" into or talking over the other device.
We don't want people snooping on our conversations and email, especially if it is business related. There are a couple encryption methods that can be used to thwart snooping. Each has its own benefits and weaknesses. The newest form of encryption commonly used is Wi-Fi Protected Access (WPA/WPA2). WPA/WPA2 is more secure than its older brother Wireless Equivalency Privacy (WEP). WEP may have to be used if older devices are used in the office. WPA or WEP is enabled on the wireless router or access point. When the configured a key or passphrase is chosen. This key must be used on every computer or device that needs to connect. It only needs to be set up once. After this security feature is enabled all transmissions between the computers and the access point will be encrypted.
MAC Address Filtering
Each computer has a unique Media Access Control (MAC) address. The MAC is also known as the physical address. This address can be typed into the access point to restrict what computers can connect. This is another layer of security. It is possible for someone in the office to hand out the encryption key, much like loaning someone a key to the office. MAC filtering will allow only pre-authorized computers to talk to the access point, even if they have the encryption key. Each computer that needs access to the internet would need to be authorized in the access point first. You can find the MAC by opening a Command Prompt in Windows and typing: ipconfig /all
Default Device Password
Another important item is changing the default password of the wireless device. Since it is a wireless router/access point, and accessible by anyone in range, nefarious people may try to gain access to the device and reset all the security.
Another way to reset or bypass the security is to physically push the reset button or plug right into the router with a cable. If physical security is a concern it is best to keep the network devices in a separate room, closet, or in a vented rack/box that can be locked.
If you would like more information, please let me know. I am more than happy to provide advice and assistance.