RadioLAN Broadband Wireless


Learn more about RadioLAN RadioLAN Product Catalog Get help with your RadioLAN Products Download Datasheets, Manuals and other Collaterals Reseller Pages Contact RadioLAN, our Resellers, Installers or Distributors

Homepage

 
Network Computing Magazine - Editors Choice Award - 5/1/2000
Network Computing Magazine - First Look - 11/26/2001


Content and Design © 2006 - RadioLAN
All Rights Reserved - Worldwide

  

BridgeLINK Security

Wireless devices provide freedom and flexibility to mobile and stationary users alike.  Unfortunately, the very characteristics that create these benefits make wireless devices vulnerable.  This puts the onus on IT Managers to secure the network infrastructure in a way that is not required in a wired network.

Wireless Security Needs

Since it is not practical to confine a wireless signal to a "physically" secure environment, wireless networks are susceptible to unauthorized access.  Strong encryption is a smart and necessary precaution against network compromise, but it protects only as well as passwords are implemented and secured.  Procedures such as policy management, VPNs, authentication, and data encryption are also an important part of a sensible security strategy.

Whether wired or wireless, there is no such thing as a completely secure digital link. One can only define a comparative measure of security in terms of a time and effort to compromise the link.  Generally a secure link can be thought of as any link to which the cost of a compromise (in time or other resources) is significantly greater than the value of the contained data or the facility provided by such a compromise.

Exposure of the encrypted data is the single biggest weakness of a wireless security system as it significantly reduces the cost of compromise.  Exposing the encryption of a data stream to all comers provides the opportunity for an interloper to work quietly and undetected on ways to crack the encryption, including dictionary or brute force attacks.  Many of well-documented WEP (Wired Equivalency Protocol) problems derive from the ease with which packets can be sniffed from the network and analyzed independently of authentication and encryption. The ability to sniff packets is inherently dangerous.

“If an uninvited user can’t see packets, they can’t even begin the process of cracking the encryption system.”

Managing the Risk

Managing the risk of a security hole comes down to answering the two basic questions:

  1. How difficult is it to participate in the packet flow?


  2. How long will it take to crack the encryption, assuming an eavesdropper can obtain access the wireless LAN?

At RadioLAN, we believe that the best approach to security is to address both these issues, that is, to provide maximum coverage at minimal cost of complexity.  If an uninvited user can’t see packets, they can’t even begin the process of cracking the encryption system.

RadioLAN Security
  1. RadioLAN is fully compliant with all IEEE 802.3 specifications, assuring our users of privacy and security with features such as Guaranteed Delivery and Workgroup Pairing.  These Layer 2 specifications allow the network manager to maintain  authorization tables and workgroup identification.


  2. There is a logical ‘password’ called the Subnet ID, which will prevent inadvertent eavesdropping.  Only those network devices that share a Subnet ID can exchange packets.  Setting a common Subnet ID is the bare-minimum security policy one should employ for a RadioLAN wireless link.


  3. RadioLAN bridges implement MAC address filtering to only allow a specific MAC address to associate with it's peer.  This technique allows an IT manager to control the valid MAC address(es) allowed to associate with any given bridge.


  4. There are no public domain drivers for RadioLAN products.  No drivers will pass radio subnet information or encrypted packets unless they are on the same subnet or the private key is known.  This provides a first barrier to entry for the would-be hacker, as they would first need to write a driver for a product about which there is no public information.


  5. When these two mechanisms are combined with either 128-bit encryption and user authentication via the industry proven RADIUS authentication protocol, you have sufficiently robust protection against even the most determined intruders.

In summary, an effective wireless security policy must go beyond simply encrypting data and should include physically securing the data link itself.

RadioLAN's BridgeLINK products are used in applications that span Home-LAN user to secure military applications.  RadioLAN is committed to providing our users with the best-of-breed security solutions.

BridgeLINK…
...the easy way to network your networks.