- Do not use WEP at all
- Use RADIUS servers for greater security
- Client isolation setting
- What not to do when deploying WIFI
What you should and should not do when deploying a WIFI network for your business.
Do not use WEP at all
The WEP security used by older Wireless LAN networks can be cracked in three seconds using a 1.7 Gigahertz Pentium M CPU. This was discovered by German researchers and shows why you should never use this level of protection on your WIFI network.
https://www.computerworld.com/article/2544215/don-t-use-wep-for-wi-fi-security–researchers-say.html.
The default password on the hardware must be changed to secure the device. This must be a very complex and hard to guess string that is ideally composed of a random string of characters.
This password:
fefgneruighjeruihgeruiut849u8y945uy95b4m05ug5t84bb95rug48ube890g8uub57gu5uuy87hb5yuduggu8898y4it3*^&%^^^^T RADIUS servers may be used for further wireless authentication. This operates on the application layer and uses UDP as transport. The RADIUS server is a background process that runs on either a UNIX/Linux or Windows server machine. This consists of network gateways that communicate with the RADIUS server to determine whether the client attempting to connect has an account. This may be integrated with Active Directory to further increase security. This would negate the risk of MAC address spoofing as they would need an account on the Active Directory Domain anyway, and they would be denied access. The connection requests are sent via a Remote Access Server to gain access to remote resources using the access credentials. This is passed using the link-layer protocol. RADIUS does not send the username and password in plain-text; this enhances security. Use VLAN`s to separate the WIFI from the main wired network if possible Adding the wireless network as a VLAN allows the WIFI to be separate from the main wired network. This enhances the security of the whole enterprise network. This prevents clients from seeing each other on the network, but they can still access the Internet. This is a setting available on WIFI routers. This allows the network to allow clients to connect, but not to see each other. This enhances security on the network and stops the clients leeching files to-from each other. This will enhance security and productivity. This drops all packets that are not intended to travel to and fro from the client to the router and vice versa.
^>G&G h8ru5 b9bp5u4b5bhu59bhb58b58b5uuj9p%3wDWh1~7t67J>If+wK2OKa7)L4%_5)’1:*-j-
!k58)w7Hi10#$0*xpkDRd#6pk
|/3xm^>7{pG3m45Im*@>.R5@=”x#/zm+]$,5S3@6&#W]!_>,{y8;@9S5[.43-
g/681H3gZ%2/9>l04_2{7$@b[;x)+8~!V]~l*/0l7+8E64599>238505$1358YH560BB+4df5″’97H370u5h45w4RjT12MIN36Rh0+a83
412j 318l12fz2547>M623232(784m3Gj47;07YClient isolation setting
What not to do when deploying WIFI