Better Wi-Fi Network Security: Advanced Techniques

"#1 Move to enterprise encryption

"If you created a WPA or WPA2 encryption key of any type and must enter it when connecting to the wireless network, you are only using the Personal or Pre-shared key (PSK) mode of Wi-Fi Protected Access (WPA). Business networks--no matter how small or big--should be protected with the Enterprise mode, which adds 802.1X/EAP authentication to the wireless connection process. Instead of entering the encryption key on all the computers, users would login with a username and password. The encryption keys are derived securely in the background and are unique for each user and session.

"This method provides central management and overall better Wi-Fi security.

"Instead of loading the encryption keys onto computers where employees and other users can recover them, each user logs into the network with their own account when using the Enterprise mode. You can easily change or revoke access when needed. This is especially useful when employees leave the company or a laptop is stolen. If you're using the Personal mode, you'd have to manually change the encryption keys on all the computers and access points (APs)."

Complete Story

Related Stories:

• Use FreeRADIUS for Wi-Fi Authentication (Part 2)(Sep 02, 2009)
• Useful Wireless Networking Connection Commands - Ubuntu/Debian Linux(Aug 21, 2009)
• Ask the Wi-Fi Guru: Extending Range, Upgrading to Linux Firmware(Aug 14, 2009)
• Ten top wireless connection tools for Linux(Aug 14, 2009)
• Use FreeRADIUS for Wi-Fi Authentication(Aug 12, 2009)
• Setting Up A FreeRadius Based AAA Server With MySQL & Management With Daloradius(Aug 21, 2008)
• EnterpriseNetworkingPlanet: FreeRADIUS and Linux Secure Your WLAN(Oct 19, 2005)