Introduction to WiFi Security

WiFi Security RADIUS

WiFi networks are clearly the network norm in virtually all of today’s organizations. While the convenience and flexibility of WiFi have been game changing, concerns continue to abound about WiFi security. In this article, we’ll provide an introduction to WiFi security.

The Advent of WiFi

WiFiTo deeply understand WiFi security, we need to take a step back in time to fully understand the wired world. Wired networks often relied on physical security in addition to network based security. If an attacker could not connect to a wired connection inside the organization, then it was unlikely they could bypass all of the perimeter security. For many organizations, this meant that the wired internal network was usually open, although you still needed to authenticate to have services. An attacker, though, could see what was going on in the network by simply having a conduit to the network.

The result was that a generation of port-level security emerged called 802.1x to take wired security to the next level. This adoption meant that not only did users need to authenticate to the network, but they also weren’t allowed past the port until they were validated. Attackers couldn’t freely sniff the network, if you will.

On a WiFi network, the span and range of the signal can be quite wide, enabling attackers to connect to the network from the parking lot, the office next door, or even the next building. The concept of security through physical presence no longer worked. Even more so, connecting to the network only required a shared set of credentials which in most offices was pretty easy to obtain. This approach to WiFi has been quite standard and also scary to most IT admins and MSPs.

Improving WiFi Security

RADIUS-as-a-ServiceThe result has been a focus on stepping up WiFi security. The most significant step actually goes back to a concept that 802.1x pioneered on wired networks: individual authentication to access the network. By integrating this concept through a cloud RADIUS server, individuals looking to access the network must uniquely authenticate with their personal credentials. Those credentials are checked against (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 318 posts and counting.See all posts by zach-demeyer