Security always starts with the physical. If you can touch my stuff,
you can get into it. I might be able to get better and better locks,
but if you can touch them, you can break them. Wireless can be touched
from anywhere (within a particular radius) and by people you don't know
who or where they are. For this simple reason, copper connections are
more secure (physically) than wireless, just as fiber is more secure
(physically) than copper.
I run a wireless network for non-sensitive data, but, even if it is
non-sensitive data, I always have a doubt in the back of my head as to
whether or not someone has cracked the security and is trying to use my
equipment for their own purposes. Firewalls and IDS/IPS are much, much
more important in a wireless environment.
-----Original Message-----
From: Phillip Lay [mailto:phillip.l@pacificdata.net.au]
Sent: Wednesday, September 28, 2005 7:43 PM
To: security-management@securityfocus.com
Subject: Key concerns when seeking Wireless IPS/IDS solutions?
Hi all,
As the regional rep of wireless security (AirDefense) in the
A/NZ region I am very keen to better understand why companies
do not go wireless?
Many, if not all research reports (including our own client
visits) point the finger at "security" as the #1 inhibitor of WLANs.
However since there is a growing number of available wireless
security solutions that can safeguard Wireless networks- some
even argue being able to secure wireless networks better than
the wired side I am wondering from your "expert" point of
view, how would/should/could we better present WIDS/WIPS info
aka technical advantages and capabilities or the business
benefits of WLAN?
Is it fair to say that the leading info source for WLAN Sec
Best Practices is the NIST Wireless Security Checklist based
on ISO 17799?
Sincerely,
Phillip Lay
AirDefense Australia & New Zealand
