11.8 Conclusion

This chapter has covered the IEEE 802.11i draft and its importance in securing existing and future wireless networks. Additionally, we have covered IDSs, the security advantages of thin clients in a wireless environment, use of DHCP services for authentication, baselining, use of Kerberos, RADIUS, and LDAP for WLAN authentication, multifactor authentication, and 802.11i and WPA and their importance in securing existing and future wireless networks. Of particular importance is the current transition to the IEEE 802.11i draft standard and WPA as a stop-gap measure. WPA is a new set of tools defined by the IEEE and implemented by the WiFi Alliance to secure wireless networks. WPA compliance will be necessary in order for vendors to receive or maintain product certification from the WiFi Alliance. There will be multiple modes of WPA operation to allow for different environments. PSK will accommodate SOHO networks that have no central authentication server, EAP framework, or VPN solutions. Mixed-mode deployment will compensate for environments with several types of authentication and encryption solutions in place by smoothing the transition between legacy and leading-edge security standards. In the future, both regulatory and general security requirements will drive higher levels of encryption than those currently offered in WEP and TKIP solutions to those that implement 3DES or AES.