In the last decade, wireless networks have gone from ‘nice-to-have’ to business-critical infrastructure. Performance and security are expected to be equivalent to the wired network, despite the fact that such radio-based networks are broadcast beyond the physical perimeter of an organisation. This is a big ask, and the many ways that such networks are secured are often poorly understood. Consequently, many wireless networks are found lacking.
Sometimes wireless networks were set up in haste, grew organically and had little planning. Others were implemented with basic security whose protocols have long been compromisable, and some networks simply have too few or poorly placed access points leading to congestion, poor signal to noise ratios and coverage blackspots.
And why do I need one?
A wireless network assessment consists of two parts. In some situations, carrying out one of the two is sufficient.
- Infrastructure assessment: A wireless security and best practice check-up to ensure network stability, integrity and resilience.
- Wireless surveys: Desktop or on-site radio frequency (RF) surveys for new and existing wireless networks. Helping to achieve optimal wireless coverage and eradicate ‘dead-spots’.
What a wireless network must provide these days are:
- Pervasive and seamless coverage.
- High speed and easy access to the network.
- Data encrypted in transit, mutual authentication of both clients and network.
- The ability to prove to customers and stakeholders that their information is secure on your network.
Wireless network assessment
A wireless assessment may be made up of one or both of the following components:
- Wireless Infrastructure Assessment
- Wireless Survey
Customers may have specific requirements from this process, so a Nomios consultant will always conduct a kick-off meeting to understand the expectations. During this meeting:
- Access to the wireless controller is supplied by the customer
- If an RF survey is being conducted, the customer will provide building plans for areas covered by the wireless network
- Any areas of concern or focus for the customer are noted for inclusion in the assessment.
Following the kick-off meeting, the work can begin on the wireless infrastructure assessment, and would typically include:
- Checking of client-to-AP density, and uplink bandwidth
- Analysis of the security of authentication methods
- Checking for network spoofing and rogue APs
- Search for illegitimate APs on the wired network
- Guest access checks
- Are audit trails created?
- Is guest access temporary?
- What can guests reach once authenticated?
- Is guest access restricted?
- Corporate access checks
- What encryption is used?
- Check that no preshared key access is used
- Check certificate validity
- Check self-signed certificates are not being used
- Understand certificate renewal process
- Verify that IT staff know the renewal dates of certificates
- How are the controller and APs protected?
- Software and hardware end-of-life checks
Optionally, a wireless survey can be conducted to determine the RF coverage of the network. This shows where dead-spots are, and where sources of interference exist that may be giving network users a poor quality of experience. A survey can take two forms:
- A desktop survey using Ekahau software and the customer’s CAD diagrams of the areas covered. This uses prediction to determine probable coverage.
- A full on-site survey using Ekahau equipment to determine actual coverage and interference from neighbouring networks.
A wireless infrastructure assessment (without including a survey) is usually a 3-day task. At the end of the assessment, the Nomios consultant presents their findings. These would include industry best-practice recommendations to improve security, analysis of the logs and rogue AP history from the wireless network itself and recommendations for any changes on associated systems (for example the RADIUS servers).
When a wireless survey has been conducted, coverage heatmaps would be presented along with recommendations for:
- Changes to AP locations, channels and density to improve coverage
- Sources of microwave interference that could be mitigated or removed
- Neighbouring networks
Note: the time taken to complete a wireless survey is very variable, depending on whether it is desktop-based or on-site, and of course, how many buildings and floors are to be covered.
Ensure your business growth and success
Our goal at Nomios is to help implement best practices and supportable networks to ensure your business growth and success. A Nomios wireless network assessment will give you the confidence to evolve your IT infrastructure, safe in the knowledge that the architecture can cope with the demands made of it.
Latest news and blog posts
SOC security trends in 2023
A security operations centre (SOC) offers the security tools and knowledge that you need to keep your IT environment safe. Read all about the SOC security trends of 2023.
Allan van Leeuwen
Trends and expectations for OT security in 2023
The traditional gap between IT and OT is gradually disappearing. This article explores what this means for OT security and looks at the major OT security trends for 2023.
Juniper Networks Leader in Gartner's MQ for enterprise wired and wireless LAN infrastructure
We are proud to say that our partner Juniper Networks is positioned furthest in both ability to execute and completeness of vision in the MQ for enterprise wired and wireless LAN infrastructure.