Cisco Cisco WAP4410N Wireless-N Access Point - PoE Advanced Security 관리 매뉴얼
Planning Your Wireless Network
Protecting Your Network
WAP4410N Wireless-N Access Point with Power Over Internet Administration Guide
11
2
Protecting Your Network
Wireless networks are easy to find. Hackers know that to join a wireless network,
wireless networking products first listen for “beacon messages.” These messages
can be easily decrypted and contain much of the network’s information, such as
the network’s SSID (Service Set Identifier).
wireless networking products first listen for “beacon messages.” These messages
can be easily decrypted and contain much of the network’s information, such as
the network’s SSID (Service Set Identifier).
Here are steps you can take to protect your network:
Change the administrator’s password regularly
Every wireless networking device stores network settings (for example, SSID and
WEP keys) in its firmware.
WEP keys) in its firmware.
Your network administrator is the only person who can change network settings. If
a hacker discovers the administrator’s password, then the hacker too can change
those settings.
a hacker discovers the administrator’s password, then the hacker too can change
those settings.
Protect your SSID
•
Disable SSID broadcasting. Most wireless networking devices give you the
option of broadcasting the SSID. While this option may be more convenient,
it allows anyone to log into your wireless network. This includes hackers.
So, don’t broadcast the SSID.
option of broadcasting the SSID. While this option may be more convenient,
it allows anyone to log into your wireless network. This includes hackers.
So, don’t broadcast the SSID.
•
Make the SSID unique. Wireless networking products come with a default
SSID set by the factory. Hackers know these defaults and can check them
against your network. Change your SSID to something unique and not
something related to your company or the networking products you use.
SSID set by the factory. Hackers know these defaults and can check them
against your network. Change your SSID to something unique and not
something related to your company or the networking products you use.
•
Change the SSID often. Change your SSID regularly so that hackers who
gain access to your wireless network will have to begin again.
gain access to your wireless network will have to begin again.
Enable MAC Address Filtering
MAC address filtering allows you to provide access to only those wireless nodes
with certain MAC addresses. Filtering makes it harder for a hacker to access your
network with a random MAC address.
with certain MAC addresses. Filtering makes it harder for a hacker to access your
network with a random MAC address.
Secure Your Network
•
WEP—WEP is often looked upon as a cure-all for wireless security
concerns. This is overstating WEP’s ability. Again, this can only provide
enough security to make a hacker’s job more difficult.
concerns. This is overstating WEP’s ability. Again, this can only provide
enough security to make a hacker’s job more difficult.
There are several ways that WEP can be maximized:
-
Use the highest level of encryption possible.