Chapter 10. Gateway Security
Until very recently, a firewall has been the frontline security device in most networks. Attacks have historically been launched against layer 3 or above. Firewalls have advanced over the years, evolving from glorified IP access lists to stateful, application aware security devices. With the wide-scale deployment of wireless networks, suddenly layer 1 and layer 2 security has become a hot topic. A wireless access point and wireless client must be able to defend themselves and their resources in an attempt to retain the integrity of the network.
This does not mean that firewalls have become less important in the bounds of a wireless network. Quite the contrary, a firewall, serving as a layer 3 gateway, is a critical piece of a wireless network. Not only must it defend against conventional attacks over the Internet, it must also protect itself and the networks it controls from unauthorized access originating from a hostile wireless network. A gateway is the first line of defense from an attacker who has complete physical and logical access.
Gateway Architecture
The first thing to consider when deploying a gateway that will face a wireless network is how it will fit into your overall network architecture. It is tempting to simply plug an access point into an existing wired network and use your existing firewall to secure it. This is a recipe for trouble. By placing your access point in the same broadcast domain as your other critical services, you give ...
Get 802.11 Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.