ccna 9.2.2.6

ccna 9.2.2.6.6.4.3 Wireless Security Solutions6.4.3.1 History of Wireless TechnologyThe first wireless LANs appeared in 1990. These WLANs were completely open and did not require authentication or encryption. The first security option for WLANs was the Service Set Identifier (SSID). Further later implementations of WLANs began to use SSIDs, but APs did not broadcast SSIDsoThe IEEE802.11b standard defines the Wired Peer-to-Peer Encryption (WEP) security protocol for encrypting data between wireless terminals. Over the next few years, the implementation of WEP became the only means of protecting WLANs. The flaws in WEP led to the development of new technologies based on Temporal KeyIntegrity Protocol (TKIP) and ciphers such as Advanced Encryption Standard (AES). Wi-Fi Protected Access (WPA) implements TKIP and is much more secure than WEP. WPA2 implements AES and is much more secure than WPA. WPA2, an interoperable implementation of 802.11i, is now widely deployed in wireless security. The encryption algorithm implemented in WPA2 is also more secure. The AES-CBC (Cyber-Block Chaining) implementation of AES is considered "acceptable" by Cisco, while AES-GCM (Galois/CounterMode), as an authenticated encryption type, is treated as "next generation encryption" by Cisco. o IEEE 802.1H-2004 is a wireless security standard approved in 2004, which was originally defined as WPA2oThroughout its development, authentication has been an additional option to protect WLANs and is now a fundamental part of today's enterprise wireless policies. The 802.1H architecture specifies 802.IX for authentication, which requires the use of an EAP and an authentication server.174 Chapter 6 Protecting the Local Area Network 6.4.32 Wireless Security GuidelinesWhen designing and using wireless networks, a good approach for network security professionals is to properly grade intrusions. For hackers, wireless networks are quite attractive. Fortunately, if precautions are taken, network administrators can reduce the risk to wireless users. Network administrators must have a number of security issues in mind.Wireless networks that use WEP or WPA/TKIP are not very secure and are very vulnerable to hacking. Wireless networks that use WPA2/AES should have a password phrase of at least 21 characters.If IPSec VPN is available, then use it in any public wireless LAN. If wireless access is not required, disable the wireless device or wireless card. As a network security professional, deploying a wireless solution absolutely requires WPA2/AES and authentication to work together. Work together. Authentication must be done by a central authenticationThe server will handle this. Note: Wireless security technology tends to change more rapidly than other communications technologies, so it is important for an enterprise organization to select the right network administrator for the wireless security role.