SPECIAL FOCUS: WIRELESS
From the October 2005 issue of Communications News

Hot spots can burn you

Most mobile users do not realize that once connected to a wireless hot spot they are a member of a connected community of users, most or all of whom are strangers. There is often little or no control of what can pass from user to user via a wireless access point, and that can have disastrous consequences. A cafe Web surfer can easily become infected with a virus or worm that has been picked up by a neighboring user. The real damage occurs, however, when the newly infected user returns to work and connects to the corporation's wireless access point. The worm picked up during the coffee break now races into the user's corporate network.

There are many security risks associated with wireless hot spots, from content-based attacks, such as viruses and worms, to network attacks, such as passive eavesdropping, session-hijacking or rogue access points. Wireless security standards have advanced within the last couple of years, with such standards as 802.11i, but despite the advances in authentication security, the issue of computer viruses and worms has not been addressed. That is why multilayered content security measures should be deployed at the network edge, in the fabric of virtual private networks, at all wireless access points, and at the host end point.

A wireless security platform should be like any effective, enterprise-class security system: multilayered. Corporate networks should deploy more than a simple access point with 802.11i. With the constant threat of content-based attacks, wireless unified threat-management (UTM) security appliances can provide a combination of security functionality, including antivirus scanning, intrusion prevention and a complete content inspection firewall on a single platform with wireless access.

Before connecting, users should authenticate to the network and authenticate the network itself, preferably in a way that is seamless for employees, thus allowing firewall policies to govern network traffic traversing the access point. Antivirus scanning and intrusion prevention can scan all inbound and outbound traffic for content-based threats like viruses and worms. The wireless security appliance should also provide rogue access point detection, which can help monitor the airwaves for rogue access points.

Enterprise organizations need to protect mobile users by deploying end point security software on mobile devices that provides antivirus/worm scanning, a personal firewall and spyware blocking. End points are quickly becoming a key

UTM security appliances with wireless access points offer security functionality and wireless access to protect enterprise companies from the most damaging content-based attacks. Securing end point devices against security threats is paramount when mobile workers do not have the benefit of connecting behind corporate security systems. There are some simple, practical steps to take to ensure that your computing environment runs trouble free:

This article was provided by Leo R. Versola, director, consulting systems engineering worldwide, for Fortinet, Sunnyvale, Calif.