12.2 Costs of Securing WLANs

Previous page
Table of content
Next page

12.2 Costs of Securing WLANs

What are the costs associated with securing wireless networks? Compare the cost of the solution(s) against the assets the organization is trying to protect. Are security costs worth the investment, considering the risks, in implementing a WLAN? If the network is compromised, what could the potential costs be? How does the potential cost of infiltration and compromise weigh against the costs associated with securing the network? Each of the following questions should be addressed as part of a security cost analysis before moving forward with a WLAN installation that involves people, training, equipment, and time.

While implementing a multilayer solution, the cost of any given combination of solutions may be two times or more the cost of a single solution. Costs come in the form of dollars and time spent implementing and managing multiple solutions. Each layer of the security solution that is being considered should first be analyzed by itself to determine what costs will be involved in the purchase of any needed hardware or software.

Combining solutions often results in using two different types of security products from two different vendors, which does not lend itself to the opportunity for volume price discounts or purchasing combined solutions at a discount. Different deals will be required with each vendor for each particular part of the layering solution. Some vendors on the market can provide Layer 2 and Layer 3 solutions, but rarely do those vendors also have application layer implementations . It would be wise to consider requesting an RFP from an integrator that provides products and services from multiple manufacturers.

When considering which LEAP implementation will meet the organization's needs, one should consider how much ongoing maintenance, management, and project startup overhead is required. Costs in both labor and money should be considered. For example, if hundreds or thousands of wireless users were going to be deployed on the network, management costs would be considerable if EAP-TLS were used without a previously installed PKI solution. In this case, client certificates must be installed on each machine, and when a machine is lost or stolen, a certificate must be revoked . Using EAP-TTLS, on the other hand, would only require each workstation to have client software installed, and the authentication would occur through usernames and password validation, eliminating client certificate problems. Loss or theft of a machine would not pose a great security risk provided the username and password were not saved on the machine.

Other costs may come in the form of additional hardware and software, such as software licenses for server applications and per-machine licenses for client software that needs to be purchased. Some RADIUS software packages are more expensive than others. Some companies have opted to use 802.1 x /EAP client software packages, which can be easily deployed and are more cost effective than purchasing hundreds of certificates. From small to very large, VPN concentrators are known for being expensive, getting significantly more expensive as the number of simultaneously supported VPN tunnels increases . VPN concentrators are never purpose-built for wireless environments, hence the introduction of the Enterprise Wireless Gateway (EWG), which has VPN concentrator functions in a gateway specifically designed for wireless.

Thin clients are aimed at cost-conscious IT managers who see the value of simple and inexpensive desktop boxes that leave administration and deployment of software licenses to a central IT team that is no longer required to physically access each desktop. Wireless thin client devices are ideal for situations where an institution desires to deploy a fleet of devices that will be shared among "near mobile employees " who are roaming a campus and accessing clinical or corporate information from their local area network (LAN) using 802.11 standard wireless networks. Thin clients have a low Total Cost of Ownership (TCO) because they are inexpensive and can be programmed, monitored , and maintained centrally . Thin clients have no moving parts (such as hard drives ) and are less expensive than typical laptops. Providing drivers and client utilities for particular wireless network cards as part of the embedded firmware image on the thin client is essential to a successful and simple deployment in many cases. Security solution provided by WLAN vendors (such as CISCO's LEAP) and thin client security solutions (such as Citrix's Secure ICA) are both viable WLAN security solutions in this product type.



Previous page
Table of content
Next page
Wireless Operational Security
Wireless Operational Security
ISBN: 1555583172
EAN: 2147483647
Year: 2004
Pages: 153
Authors: John Rittinghouse PhD CISM, James F. Ransome PhD CISM CISSP
BUY ON AMAZON
Qshell for iSeries
Image Processing with LabVIEW and IMAQ Vision
Developing Tablet PC Applications (Charles River Media Programming)
Introducing Microsoft ASP.NET AJAX (Pro - Developer)
Information Dashboard Design: The Effective Visual Communication of Data
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy