Would you rather have something for free or pay for it?
Dumb question right? A free ticket to watch the Seahawks pummel I mean battle the Broncos in Super Bowl XLVIII beats paying $2,100 per ticket any day – unfortunately, not a choice you or I will likely have to grapple with anytime soon.
However, when it comes to wireless networking, this is a question we face all the time. Do I jump on the coffee shop’s complementary network after ordering my quadriginoctuple-frap, or do I use my provider’s network and eat into my data plan?
I would hazard to guess that most of us choose the free option – especially if we are going sit there and nurse that beverage all day – a choice that is repeated every day at coffee shops all around the world. In fact, we have gotten so used to making this choice as customers that we expect Wi-Fi access everywhere, including at work.
And, while an increasing demand for wireless networking may not be breaking news, many organizations still struggle when it comes to successfully deploying wireless networks in a secure manner.
So, in the spirit of the Super Bowl example above (nice work Hawks), I would like to present what coaches often call the fundamentals – only here I’ll talk about five fundamentals of securing your wireless network.
And, I’ll use roman numerals.
But no X’s or O’s.
I. Have a Plan
If you rush out, buy a couple of wireless access points and chuck them on your network, you’ll likely just make things worse. Instead, take time to understand your goals and consider some important pre-deployment questions such as:
It’s also a good idea to draft a network usage policy and have users sign it as this can help to encourage self-enforcement.
II. Implement Access Controls
Segmenting the WLAN (e.g. by VLAN), creating security policies for different SSIDs, enabling station separation, enforcing MAC control lists and user authentication can all help to ensure WLAN users, devices and traffic are only allowed to access intended resources.
III. Synchronize Wired and Wireless Networks
Make sure your wired and wireless security policies don’t conflict. If an access policy is being enforced on your wired network, ensure you are not circumventing it with your WLAN policy.
IV. Use Strong Passwords
Create strong WLAN access passwords and change them regularly. Some strong password creation tips can be found here.
V. Monitor, Adjust, Repeat
Regularly use monitoring tools and review traffic logs to see what’s happening on your network. This will help to ensure policies are being enforced as expected, identify new traffic types and applications to allow/restrict and recognize emerging threats.
To learn more about how WatchGuard can help you to deploy a robust and secure WLAN, check out our wireless page here.
When a tornado tore through Walker School District’s data center in 2011, the devastation took 95% of the district’s technology infrastructure. Turning tragedy into opportunity, the administrators worked to rebuild and support the district’s commitment to creating amazing educational opportunities for their students. This meant technology that could support key educational resources, and provide access to online and internal applications, while keeping students and staff secure.
In regard to key applications, the school has partnered with NASA to bring online a lunar observatory at its Science and Technology Center, where students can use and learn from NASA technology. In addition, to teach students about sustainable food growth, Walker Schools has created a ground breaking k-12 aquaponics program, the first curriculum of its kind in a U.S. school system.
In order to meet the technical demands of the district’s 11,000 users, Walker Schools deployed WatchGuard XTM 2520, WatchGuard XTM 1050 and WatchGuard XTM 525 integrated security platforms to power its network.
The key element for the Walker administrators was being able to implement a system within a tight budget, yet still deliver speed, easy administration, and cutting-edge security, which they found in WatchGuard.
This commitment to providing a solid technology backbone for the various programs the district offers has resulted in the district achieving higher test scores since implementing WatchGuard’s solutions. In fact, the improved student performance have been so attractive that Walker Schools has seen an increased number of student registrations from outside the district. Students who previously attended private schools have now switched to Walker Schools after seeing the innovative learning environment that has been created with the help of WatchGuard.
Investing in WatchGuard’s unified security solution ensures Walker Schools will receive tremendous long-term value through high-quality hardware. Walker Schools has seen a vast increase in speed and bandwidth capability as well as a reduction in malware and virus outbreaks. The new solution has been able to handle heavy network traffic seamlessly, increasing response time within the student information system. Choosing WatchGuard is predicted to benefit the district with continued use for the next five to ten years.
The district has assured its students a solid platform to build their futures and WatchGuard is pleased to be a part of that growth and development.
Just like Principals and Superintendents, school district Network Administrators are facing the challenges of having to do more with less. Many school districts only have a small handful of IT personnel to begin with, their budgets are being reduced and they’re dealing with challenges to network security management. On top of all this, new challenges are putting a strain on networks, including:
These are challenges that, just like corporations, require smart network security solutions that do more than just stop spam or encrypt email. The Cascade School District just outside of Salem, Oregon has five campuses throughout rural Willamette Valley that serve 2300 students with a staff of 300. According to Michael King, their Network Administrator, things were getting a bit out-of-hand:
The IT department employed a mix of point solutions, each with its own management needs. “We were using ISA 2006, Windows Server, Websense for web filtering, and Barracuda for anti-spam and load-balancing, and there were big expenses for each. Yet, we still couldn’t even do things like HTTPS, which is incredibly important these days with Facebook, Google, et cetera. And, it kind of defeats the purpose to even have a web filter in place if the students can bypass it.”
Cascade School District today is leveraging most of the best-of-breed UTM security services on our XTM Next-Generation Security Platform, which includes URL Filtering, Application Control, AntiSpam, AntiVirus, DLP and IPS. This allows their IT team to meet emerging security challenges mentioned above and faced by their district (explosion of mobile device usage by students and staff, application access control to key educational and online resources, and streamlining remote access for staff). Application access control also gives them a new tool to proactively prevent cyber bullying by controlling access to popular bullying platforms such as Facebook, SnapChat or Kik Messenger. They also are able to monitor traffic on its wireless networks and throttle down users who start to bog down the network.
In addition to meeting all the challenges to network security management, the school district is projected to save approximately $24,000 in fees and maintenance and a boat load of time by consolidating these numerous point solutions into one UTM security appliance.
As we coast into the Nation Retail Federation’s (NRF) big annual show in New York City next week businesses of all types face the daunting task of securing their business network from outside threats. Perhaps it’s fitting that online retailers in particular are concerned with the growing number of advanced persistent threats that are poised to make 2013 a potentially busy year in data loss prevention.
So with the NRF just around the corner, here are three network security roadblocks that threaten the success of online retail organizations of all types:
There are many other roadblocks that can hinder growth and expose data, and we’ll certainly be blogging about them in the days and weeks ahead, but these three are certainly important and worth consideration. For online retailers, customer data security is the foundation for success.
If you’re at the NRF Show in New York, swing by booth # 1681 and say hello. We’d love to see you!