Guide to Securing Legacy IEEE 802.11 Wireless Networks: Recommendations of the National Institute of Standards and Technology (NIST Special Publication 800-48 Revision 1)

Guide to Securing Legacy IEEE 802.11 Wireless Networks: Recommendations of the National Institute of Standards and Technology (NIST Special Publication 800-48 Revision 1) Review

Wireless local area networks (WLAN) are groups of wireless networking nodes within a limited geographic area, such as an office building or building campus, that are capable of radio communication. WLANs are usually implemented as extensions to existing wired local area networks (LAN) to provide enhanced user mobility and network access. The most widely implemented WLAN technologies are based on the IEEE 802.11 standard and its amendments. This document discusses the security of legacy IEEE 802.11 technologies—those that are not capable of using the IEEE 802.11i security standard. Organizations employing legacy IEEE 802.11 WLANs should be aware of the limited and weak security controls available to protect communications. Legacy WLANs are particularly susceptible to loss of confidentiality, integrity, and availability. Unauthorized users have access to well-documented security flaws and exploits that can easily compromise an organization’s systems and information, corrupt the organization’s data, consume network bandwidth, degrade network performance, launch attacks that prevent authorized users from accessing the network, or use the organization’s resources to launch attacks on other networks. The National Institute of Standards and Technology (NIST) recommends that organizations with existing legacy IEEE 802.11 implementations develop and implement migration strategies to move to IEEE 802.11i-based security because of its superior capabilities. IEEE 802.11i addresses the security flaws in the original IEEE 802.11 standard with built-in features providing robust wireless communications security, including support for Federal Information Processing Standard (FIPS) validated cryptographic algorithms. While legacy IEEE 802.11 networks are still in use, organizations should follow the recommendations in this publication to compensate for the security weaknesses inherent in legacy WLANs. Organizations that are planning a migration from legacy WLANs to IEEE 802.11i or are considering the deployment of new WLANs should evaluate IEEE 802.11i-based products and follow the recommendations in NIST Special Publication (SP) 800-97, Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i,1 for the new WLANs. Organizations should implement the following recommendations to improve the security of their legacy IEEE 802.11 implementations.