Mobile and Wireless Security Essay Example | Topics and Well Written Essays - 1250 words

Mobile and Wireless Security - Essay Example and Dasgupta, P., 2003). An attacker can easily connect to the wireless network using wireless media and create a separate access point for provisioning of service to the network users. Users are forced to route traffic through the rogue access point where the attacker can either sniff information or even alter or destroy it (Godber, A. and Dasgupta, P., 2003). The attacker can attach viruses to downloads and infect the user devices. Thus the wireless networks are required to be secured from such attacks. A2. Increased usage of mobile devices by the work forces in corporate calls for implantation of security measures in wireless networks. The vulnerabilities of a wireless network are required to be overcome to prevent attacks in the form of eavesdropping, spoofing etc, resulting in loss or compromise of sensitive data. Thus there exists a requirement to formulate and implement a wireless security policy to disallow unauthorized access to the corporate networks using wireless media and allow only approved and authenticated users to be connected. IPsec VPN provides an easy and robust solution by incorporating tunneling, strong authentication and encryption procedures. The aim of the policy is to lay down standards for establishment of wireless connection from remote location to the XYZ corporate intranet. The policy also gives out detailed system requirements to be in place before the remote user is actually allowed access to the corporate resources. This remote access policy is designed to prevent damage to the corporate network or computer systems and to prevent compromise or loss of data. The policy details are as under:- The remote user shall connect using virtual private networking (VPN). VPN is a private network providing services to selected or authorized group. The network is 'virtual' as it builds on public physical networks by tunneling through it (Qu, Wie and Srinivas, S., 2002). VPN services are classified as LAN interconnect, dial-up and extranet (Venkateswaran, R., 2001). VPNs can be implemented at network or data link layer. Client Check The wireless network should be segregated from the intranet by employing a front-end firewall with the intranet. Firewall restricts broadcast traffic and saves STAs and APs from the intranet users. Anti-virus software must be installed and operational. Ensure that the client satisfies the set criteria else deny access or allow only limited access to the extent that he can access required software to meet the requirement. Connection Type. STAs should get connected to the corporate protected intranet through APs after IPsec VPN authentication (Weber, Chris and Bahadur, Gary, 2002) (For wireless IPsec VPN, the basic components are wireless clients or stations (STA) and a wireless access point (AP). APs act like hubs that connect to the STAs and provide pathway from wireless network to other existing network.). Authentication. IPsec authentication between STA and intranet should be done using Kerberos or client