Summary

Many concerns are involved in securing wireless networks. A solid network design with proper Layer 3+ controls and controlled signal leakage are all part of an important start. Using proper, proven encryption algorithms and authentication, disabling SSID broadcasts, locking down MAC addresses, and hardening your access point are all vital in the proper security of your wireless network. Employing defense in depth with host-based security mechanisms and IPSec round out the network's security. Auditing the design with popular AP detection tools, wireless sniffers, and encryption-cracking tools validates your work.

Although no one suggestion in this section is a foolproof defense for wireless security, using the combination of these security techniques will help keep your network off the attacker's radar and make compromising it a much more difficult task. Because undefended wireless networks are in such great number at this time, the more protected your wireless network is, the less likely an attacker will waste his time pursuing it. The reality of network security is that in environments that need to be highly secure, wired networking should be deployed. It is less expensive and easier to lock down than its wireless counterpart. However, when business needs dictate that wireless networking is to be used in your environment, deploying solid wireless network security methods, as covered in this chapter, will prove invaluable to your organization.