hello..i have a lot of questions regarding the
access point (AP)...below are the list of some
checklist that i found in order to be taken into
consideration in the wireless technology..i juz want
to know how those checklist can be implemented and
what kind of software could be used to do
that..thanx for ur help..
i) Perform comprehensive security assessments at regular
intervals (including
validating that rogue APs do not exist in the
802.11 WLAN) to fully understand
the wireless network security posture
ii) Deploy physical access controls to the building
and other secure areas (e.g., photo ID, card badge
readers).
iii) Complete a site survey to measure and
establish the AP coverage for the Organization
iv) Take a complete inventory of all APs and
802.11 wireless devices.
v) Empirically test AP range boundaries to determine
the precise extent of the wireless coverage
vi) Ensure AP channels are at least five channels
different from any other nearby wireless networks to
prevent interference.
vii) Locate APs on the interior of buildings versus
near exterior walls and windows.
viii) Place APs in secured areas to prevent
unauthorized physical access and user manipulation.
viv) Make sure that APs are turned off during
all hours during they are not used.
x) Make sure the reset function on APs is being
used only when needed and is only invoked by
an authorized group of people.
xi) Restore the APs to the latest security settings
when the reset functions are used.
xii) Change the default SSID in the APs.
xiii) Disable the “broadcast SSID” feature so that
the client SSID must match that of
the AP.
xiv) Disable the broadcast beacon of the APs.
xv) Disable all insecure and nonessential management
protocols on the APs.
xvi) Install a properly configured firewall between
the wired infrastructure and the wireless network (AP
or hub to APs).
xvii) Consider installation of Layer 2 switches in
lieu of hubs for AP connectivity.
xviii) Ensure all APs have strong administrative
passwords.
xviv) Enable user authentication mechanisms for the
management interfaces of the AP.
xx) Ensure management traffic destined for APs is
on a dedicated wired subnet.
xxi) Make sure adequately robust community strings are
used for SNMP management traffic on the APs.
xxii) Configure SNMP settings on APs for least
privilege (i.e., read only). Disable SNMP if it is
not used.
xxiii) Enhance AP management traffic security by using
SNMPv3 or equivalent cryptographically protected
protocol.
xxiv) Use a local serial port interface for AP
configuration to minimize the exposure of sensitive
management information.
