Wireless Network Security Appliances - Essay Example

Running head: Wireless network security appliances Student name: Student number: Course title: Lecturer: Date: Abstract With the advent of many wireless technologies, there are many attacks that are geared towards wireless networks. There has been the need to have security in the wireless networks with the increase in the wireless devices which have been introduced into the market. With the advent of mobile devices, there are many phones which can perfectly provide wireless connectivity to their environs and they are becoming a threat to the security. There are standards that have been developed to address this issue of security so that any developers of wireless connectivity follow this standard. One of the standards is WEP which is a security standard that addresses the wireless routers and their connectivity. Setting standards has been one of the most difficult tasks where there is a movement worldwide to open up the connections towards the wireless connectivity. There are individuals who have made the search for wireless networks to be their hobby and this is called war driving or war walking. These people walk around looking for wireless networks and when they find a wireless network, they advertise to the users of that network; this normally causes the administrators of these wireless networks to re-examine their networks to see if there are some loopholes that have been taken advantage of by these war walkers. There are wireless appliances that have been brought to the market which are used to prevent wireless attacks from occurring. These wireless devices have been used to successfully block any wireless connection which is not authorized from gaining access to the network. These devices have varying strengths and weaknesses. This paper will look into the strengths and weaknesses of these devices and how they can be used effectively to achieve security in a wireless network. Wireless security appliances DFL-CPG310 Wireless firewall/VPN security appliance DFL-CPG310 provides security to the network by acting as a Firewall to the network, so that packets do not intrude into the network. The beauty of it is the fact that it is cost-effective and provides equally efficient services to the network. It has been devised in such a way that it uses the technology of D-Link devices where the unwanted packets are denied access to the network. Due to the need for the clients and the network users to have their own privacy, this device has this integrated into their circuitry. Many companies have opted for this device because of its reliability and long-life. What is more, the administrators have fewer headaches with the use of this device given its capabilities that will require fewer configurations (Akin, 2003). DFL-CPG310, also known as NetDefend, uses the technology from Check Point, Stateful Inspection technology which is normally patented. Check Point technologies are designed to provide firewall services and it has become a security device of choice for many companies around the world. It is therefore a trusted device which provides assured security to wireless networks. The Stateful Technology works in such a way that it monitors and blocks attacks which are directed at the network. INSPECT technology is also used in this technology; in this technology, protection is provided by implementing rules and policies that will determine whether to give or allow access to it. It has been argued by technocrats that the technology that this device uses is more effective than those used by NAT technologies (D-Link Corporation, 2010). Whereas the NAT technologies examine the packets when they are already in the network, this technology does the examination before they are allowed to the network. With this, the network is assured of ultimate protection. They therefore determine whether the communication is allowed or it is another form of attack; this way, it brings assurance to The other beauty of this device is the fact that its use of Check Point technology allows to keep at bay the attacks that emanate from denial of service (DoS). They also are in a position to check and correct the anomalies that may be found in the protocols. There are anomalies that are normally found in protocols and they can pose great damage to the network if they are not well taken care of. There are also other applications which carry malicious data; these are blocked or limited in the network. With these measures put in place by this device, the use of Internet services like Instant Messaging, Peer-to-Peer FTP and map services are secured. This also ensures that the packets which are questionable are cleared of these doubts by either blocking them completely or ensuring that they are limited in the network. They also ensure that the bandwidth is used effectively and in the most secure way. This device, with the Check Point technology, also block antivirus within the perimeter of the network. With this service, they are capable of assuring that there is no virus which is able to penetrate to the network this is possible and is an advantage over the traditional way of keeping the viruses off the network where the antivirus is installed in the gateway. A simple policy for the anti-virus is that they should be set in such a way that they are able to determine which device is being scanned. With the attacks which are smarter by the day, there should be smarter counter-measures put in place so that they are able to counter the attacks before they are allowed to operate within perimeter of the network (Akin, 2003). This is safer than the case where the anti-virus is first allowed to enter the network and then prevented. Generally, this device is good for preventing attacks in the network by use of the latest technologies. With the attackers being smarter everyday, this technology is the surest way to counter the new attacks that are being realized everyday. With its proper implementation in the network, it is able to prevent the attacks from getting access to the network DCEs and DTEs. What is more, this device also has IPSec technology which allows the telecommuters to have access to the LAN remotely without exposing the network to outside attacks. Eli Broadband Internet Security Appliance This is a wireless device that is used to implement security in a wireless network. It is set once without the need of the network administrator setting it subsequent times. It has protections for preventing viruses that can be spread on a network, phishing and spam protection. The difference with the other wireless devices is the fact that this device has no protection for the wireless network. For total protection from outside users, the administrator must configure the device so that it has filters that can protect the unwanted URLs from accessing the network (Kaven, 2006). This is more manageable because after malicious sites are blocked, they have no other way that they can access the site again. This does not guarantee that the security software cannot be installed in the host computers; they have to be installed so that when the wireless security device fails, they will help to protect the host machine. Malware could be got when one accesses a device like a laptop which is accessing the wireless network though it might not be having the protection itself. The unit function is quite well because it is able to protect all the malware that is thrown at it. One disadvantage, though, of this device is the fact that it is not possible to configure a quality of service in them; this is a blow to the people who like playing computer games. ZyWall appliance This is a security appliance that is used in the wireless networks. It provides the wireless networks with firewall protection and has an IPSec functionality which allows the private networks to have a safe e-business connection. The use of this device comes with its advantages where the users save on the expenses and maintenance. It is relatively cheap to purchase and easier in their maintenance. It provides quality networking environment. It has good solution that will help to come up with a good security to the network (Akin, 2003). It has good setting guidelines which are simple to follow. It follows all the security policies of any wireless network that is put in place. ZyWall provide the users options of what they will offer to the network without having to impose a full range of products that the customers might not want. They give the clients a choice of what to have in the network. This devices also has a management system that web based. It enables the administrators to implement security more easily when compared to other wireless devices. There are three wireless security policies, high, medium and low. The user will choose which policy they want implemented in their network. This implemented in the network. The administrators will have to follow easy steps that are built into the firmware of this wireless appliance so that they keep the attacks to the network at bay. The rules that are defined in the device are flexible. They can be changed at any given time. The technology that is used in this device enables the administrator to control the traffic at any given time. The technology that is used to achieve this is Shaper which is a smart technology that has helped the administrators know the bottlenecks in the network and take the precautionary measures. Comparison The comparison between the three devices shows that both the DFL-CPG310 series and ZyWall have firewalls which are used to determine the packets that come into the network. Unlike ZyWall devices, the DFL-CPG310 series device has the capability of using the IPSec security to protect the network from further attack. This wireless device has more capability to keep attacks at bay. They both use IPSec technology to make protect the network that is at the perimeter of the wireless network. The Eli series of wireless security devices have the capability of filtering the URLs that are susceptible of the attacks. It is good because it is easier to set when compared to the other devices. Conclusion The degree of the network usage greatly determines the type of device that can be used in the network. Most companies prefer devices that offer protection through the checking of packets before they enter the network. With the assurance of this would recommend the use of DFL-CPG310 series of devices to be used in wireless networks. My choice for this is based on the fact that the device uses a variety of technologies. What is more, these devices are easy to get in the market. When they are compared to other devices, they prove to be easy in their use and the availability in the market. With the increase devices which can access wireless networks today, there is need to have. Another reason for my recommendation is the fact that this device uses one of the most advanced wireless security protocol, IPSec. It assures better network protection. Wireless networks also have a tendency to change the network settings, this requires that the devices that control the wireless network should have control mechanisms that will make sure that the packets that gain access to the network are tested and proven to be clean. The device that I have proposed, DFL-CPG310 series has most of the security features that is desired in any network. There are other features that are being developed to make sure that new threats that are experienced in the network, especially with the introduction of mobile devices in the market, makes this device one of the best in the market and the us of will bring no regret whatsoever. References: Akin, Devin (2003). CWSP: Certified wireless security professional: official study guide. Chicago: McGraw-Hill Professional. D-Link Corporation (2010). DFL-CPG310 wireless firewall/VPN security appliance. Retrieved on 27th August 2010 from http://www.dlink.com/products/?pid=480 Kaven, Oliver (2006). Eli broadband and Internet security appliance. Retrieved on 27th August 2010 from http://www.pcmag.com/article2/0,2817,2032322,00.asp Read More