White Papers for Federal Financial Institutions Examination Council (FFIEC)

Protecting Wi-Fi Networks from Hidden Layer 1 Security Threats

Cognio

As Wi-Fi becomes common in enterprises, the industry has matured to a standard 3-step process of building out Wi-Fi infrastructure. First, conduct a site survey to determine the optimal number and position of access points for a particular site. Second, deploy the access points and other Wi-Fi gear and fine-tune the network for optimal performance. Third, continually monitor the network using a variety of security solutions, such as special wireless intrusion detection system (IDS) or intrusion prevention system (IPS). Many think that doing these things ensures a successful and secure Wi-Fi roll out. But, that belief can be a critical mistake. What the traditional deployment process and Wi-Fi security products overlook is the physical layer, layer 1 in the OSI stack. In a wired network, layer 1 consists of physical media, such as cables, for carrying traffic. In a Wi-Fi network, layer 1 consists of the spectrum of radio waves. Security solutions such as IDS, IPS, and NAC work at layers 2 and above. They ignore layer 1 entirely. But layer 1 is the foundation of the Wi-Fi network. And, because it is the foundation, an attack at the physical layer can be more devastating than attacks at the higher layers.

View the White Paper

Share or bookmarklet this web page at: