News

NIST Issues Wireless LAN Security Recommendations

Wireless LANs lag on security compared with wired networks, the National Institute of Standards and Technology advises, in a new Guide.

"Unfortunately, WLANs are typically less secure than their wired counterparts for several reasons, including the ease of access to the WLAN and the weak security configurations often used for WLANs (to favor convenience over security)," NIST says in newly released guidelines for securing wireless networks.

Draft Special Publication 800-153, "Guidelines for Securing Wireless Local Area Networks" provides recommendations for improving the security configuration and monitoring of wireless networks and the devices connecting to them.

The document focuses on the most commonly used type of WLAN, based on the IEEE 802.11 family of Wi-Fi standards.

Wi-Fi security concerns are nothing new. In 2002, NIST famously pronounced that wireless access points are "the logical equivalent of an Ethernet port in the parking lot." The principal caveat offered by NIST then still applies: All the vulnerabilities found in conventional wired networks also can be found in wireless technologies, along with a host of others associated with radio communications and mobile clients.

Wi-Fi security has evolved since approval of the initial 802.11 standard in 1997. Wired Equivalent Privacy was added and then replaced when flaws were found. Eventually Wi-Fi Protected Access was adopted, and in 2004 WPA2 was introduced with interoperability with the 802.11i security standard. In 2009, the 802.11w-2009 standard was ratified, increasing security with additional encryption security features to help prevent denial-of-service attacks against WLANs.

SP 800-153 is part of a suite of NIST wireless security publications. It complements but does not replace SP 800-97, "Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i," released in 2007, or SP 800-48 revision 1, "A Guide to Security Legacy 802.11 Wireless Networks," revised in 2008. The new publication consolidates and strengthens recommendations made in the earlier documents and, while it does not replace them, it does take precedence when recommendations conflict.

SP 800-153 emphasizes the importance of having a standardized WLAN security configuration built into the wireless network from the beginning of the design phase and maintained throughout the life cycle, and the need for continuous security monitoring of the network, along with periodic assessments.

Comments on draft SP 800-153 should be sent by Oct. 28 to 800-153comments@nist.gov, with "Comments SP 800-153" in the subject line.

About the Author

William Jackson is the senior writer for Government Computer News (GCN.com).

Featured

  • Cloud Services Use on the Rise But Security Concerns Remain

    A recently published industry report suggested that use of public cloud services by organizations may nearly double in the next two years.

  • OneDrive Users To Get Storage Options, Plus New Personal Vault

    Microsoft announced a few OneDrive enhancements, including storage-option additions, plus a new "Personal Vault" feature for added security assurance.

  • Cloud Services Starting To Overtake On-Prem Database Management Systems

    Database management system (DBMS) growth is happening more on the cloud services side than on the traditional "on-premises" side, according to a report by Gartner Inc.

  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.