4 Tips to keep your wireless network secure

Because wireless networks are particularly vulnerable to attacks, security is a primary concern. Wireless networks can be hacked by “war drivers“—who cruise around looking for a wireless signal to exploit. Usually war drivers are just looking for free Internet access, but sometimes they’re looking for confidential information such as credit card numbers.

Although a wireless network can never be totally secure, there are important steps you can take to minimize the risk:

1. Know how far your signal extends.
When you install a wireless network near public areas, it’s very important to know where your signal is going. If it’s easily picked up outside your business—perhaps from a parked car across the street or from the building next door—then you’ve got a security problem. If you send a strong wireless signal into the coffee house next door to your business, chances are someone is going to try to take advantage of it.

A wireless analyzer can help you map exactly where your access points are sending their signals. This can help you arrange the access points in your network in order to minimize signals in public areas and maximize signals to your users. A wireless analyzer can also spot unauthorized wireless access points attached to your network as well as other wireless networks broadcasting in your area. A wireless analyzer may be a freestanding application or may be part of a wireless management suite. Newer wireless mesh products often feature cloud-based management that includes wireless analysis.

2. Separate your wired network from your wireless network.
To add a layer of security to your wireless network, separate it from your wired network by gathering all your wireless access points into a separate LAN connected to the DMZ port of your firewall. This makes the wireless network accessible, yet safely outside of your main wired LAN. Once you separate the wireless from the wired network, insist that anything that needs to be kept secure stay on the wired network. This includes confidential data such as credit card numbers, sensitive financial data, or corporate secrets of any kind. You can, however, freely use the wireless network for less-sensitive applications such as notebook computers for taking notes at meetings, PCs for temporary workers, computer hookups for trade show booths, and bar-code readers for inventory.

3. Use encryption to lock out unauthorized users.
Any wireless signal, no matter how heavily encrypted, can be broken into eventually. Encryption isn’t perfect, but it can go a long way towards discouraging the casual hacker—the trick is to make breaking into your network so difficult that the hackers don’t bother. Be sure to use encryption and, rather than easily hacked WEP, use higher-level encryption schemes such as Extensible Authentication Protocol-Transport Layer Security (EAP-TLS).

4. Have a security plan and implement it. Seriously.
With a wireless network, as in any other network, it’s important to have a security plan and then implement it. The biggest security problem with wireless security is that network administrators often fail to take even the simplest of steps to ensure security, do not activate encryption at all, or fail to change the default passwords. When you fail to take these basic precautions, you leave your wireless network extremely vulnerable to casual hacking.

Yes, a wireless network is less secure than a wired network, but if you pay attention to your wireless network and implement a sensible security plan, you won’t find yourself blindsided by its vulnerabilities.

What to look for in a channel solution

Channel solution. You hear the term a lot these days to describe complete copper or fiber cabling systems. But what exactly is a channel solution and what are its benefits?

A definition.
A channel solution is a cabling system from the data center to the desktop where every cable, jack, and patch panel is designed to work together and give you consistent end-to-end performance when compared with the EIA/TIA requirements.

Its benefits.
A channel solution is beneficial because you have some assurance that your cabling components will perform as specified. Without that assurance, one part may not be doing its job, so your entire system may not be performing up to standard, which is a problem — especially if you rely on bandwidth-heavy links for video and voice.

What to look for.
There are a lot of channel solutions advertised on the Internet and elsewhere. So what exactly should you be looking for?

For one, make sure it’s a fully tested, guaranteed channel solution. The facts show an inferior cabling system can cause up to 70% of network downtime — even though it usually represents only 5% of an initial network investment. So don’t risk widespread failure by skimping on a system that doesn’t offer guaranteed channel performance. You need to make sure the products are engineered to meet or go beyond the key measurements for CAT5e or CAT6 performance.

Sure, they may be designed to work together, but does the supplier absolutely guarantee how well they perform as part of a channel — end to end? Don’t just rely on what the supplier says. They may claim their products meet CAT5e or CAT6 requirements, but the proof is in the performance. Start by asking if the channel solution is independently tested and certified by a reputable third party. There are a lot of suppliers out there who don’t have the trademarked ETL approval logo, for example.

What ETL Verified means.
The ETL logo certifies that a channel solution has been found to be in compliance with recognized standards. To ensure consistent top quality, we participate in independent third-party testing by Intertek Testing Services/ETL Semko, Inc. Once a quarter, an Intertek inspector visits us and randomly selects cable and cabling products for testing.

The GigaTrue® CAT6 and GigaBase® CAT5e Solid Bulk Cable are ETL Verified at the component level to verify that they conform to the applicable industry standards. The GigaTrue® CAT6 and GigaBase® CAT5e Channels, consisting of bulk cable, patch cable, jacks, patch panels, and wiring blocks, are tested and verified according to industry standards in a LAN environment under Intertek’s Cabling System Channel Verification Program.

For the latest test results, contact our FREE Tech Support at 1-877-877-2269. For more on what to look for in your cabling system, read  our previous blog post: Cheap cable in no bargain!

Media Converters: Do you rent an apartment or buy a house?

Media converters interconnect different cable types such as twisted pair, fiber, and coax within an existing network. They are often used to connect newer Ethernet equipment to legacy cabling. They can also be used in pairs to insert a fiber segment into copper networks to increase cabling distances and enhance immunity to electromagnetic interference (EMI).

Traditional media converters are purely Layer 1 devices that only convert electrical signals and physical media. They don’t do anything to the data coming through the link so they’re totally transparent to data. These converters have two ports—one port for each media type. Layer 1 media converters only operate at one speed and cannot, for instance, support both 10-Mbps and 100-Mbps Ethernet.

Some media converters are more advanced Layer 2 Ethernet devices that, like traditional media converters, provide Layer 1 electrical and physical conversion. But, unlike traditional media converters, they also provide Layer 2 services—in other words, they’re really switches. This kind of media converter often has more than two ports, enabling you to, for instance, extend two or more copper links across a single fiber link. They also often feature autosensing ports on the copper side, making them useful for linking segments operating at different speeds.

Media converters are often used to connect newer 100-Mbps, Gigabit Ethernet, or ATM equipment to existing networks, which are generally 10BASE-T, 100BASE-T, or a mixture of both. They can also be used in pairs to insert a fiber segment into copper networks to increase cabling distances and enhance immunity to electromagnetic interference.

Media converters are available in standalone models that convert between two different media types and in chassis-based models that connect many different media types in a single housing.

Rent an apartment
Standalone converters convert between two media. But, like a small apartment, they can be outgrown. Consider your current and future applications before selecting a media converter. Standalone converters are available in many configurations, including 10BASE-T to multimode or single-mode fiber, 10BASE-T to Thin coax (ThinNet), 10BASE-T to thick coax (standard Ethernet), CDDI to FDDI, and Thin coax to fiber. 100BASE-T and 100BASE-FX models that connect UTP to single- or multimode fiber are also available. With the development of Gigabit Ethernet (1000 Mbps), media converters have been created to make the transition to high-speed networks easier.

…or buy a house.
Chassis-based or modular media converters are normally rackmountable and have slots that house media converter modules. Like a well-planned house, the chassis gives you room to grow. These are used when many Ethernet segments of different media types need to be connected in a central location. Modules are available for the same conversions performed by the standalone converters, and 10BASE-T, 100BASE-TX, 100BASE-FX, and Gigabit modules may also be mixed. Although enterprise-level, chassis-based systems generally have modules that can only be used in a chassis; many midrange systems feature modules that can be used individually or in a chassis as well.

Still on the fence about renting or buying? Call us at 724-746-5500 or e-mail techsupport@blackbox.com and we’ll help you decide. Or, check out our Media Converters Selector.