‘Tis the season to be wary…

By Josh Stephens, Head Geek at SolarWinds

As all good geeks know, 'tis the season for new and cool 802.11 enabled gadgets. But since these can bring certain perils, ‘tis also the season to be wary.

Whether you have house guests jumping on your network with laptops, iPads and smart phones, or employees showing up at work with their newly acquired Wi-Fi capable iPhones, tablets and MacBooks, you need a few best practices to help keep those networks safe and secure.

First make sure that these devices are patched and running the correct software versions. I won't go into detail on this point, but at work this should be pretty easy to police. At home?  Well, my vote is to enforce it there too. Yes, it'll make you seem even geekier to your friends and family, but that's a good thing, right?

When it comes to protecting corporate or ‘work’ networks from personally owned wireless devices, some organisations use the ‘just say no’ policy. Some of my friends run networks for a large government department and this is usually their policy. However, for many of us this isn't an option. In these cases, best practice is to establish a ‘guest’ wireless network and allow personally owned Wi-Fi devices access to only this network. The guest network should have Internet access (though you may want to throttle it) but should be blocked by a firewall from accessing your corporate LANs.

Traffic from this network to your corporate network should be scrutinised as any other inbound, off-network traffic would. Also be sure to lock down the peer-to-peer or LAN connectivity within the wireless network. Even though these are non-company assets accessing a guest network, if your boss's new tablet catches some sort of virus from the smart phone that the new guy in accounting brought in, you may just find yourself trying to resolve the issue.

At home you have a little more control over whether or not to allow guests and their new, Random Array of Personal Wireless Devices (RAPWD - yeah, I just made that up) to access your 802.11 network. Personally, when I'm visiting someone and they won't allow me to access their wireless network I consider it on par with not allowing me to access their bathroom. One will most likely result in their shrubs dying, and the other will most likely result in all of the passwords on their wireless devices changing to ‘bite me’ written in hex or binary, depending on how upset I really am.

My recommendation is to allow your guests access to your home network. Make it easy -- hand out little printed cards with the SSID and password, your mailing address and any other info that may be helpful. However, make sure these devices are patched and I recommend having a guest network at home, too. Chances are that your 802.11 router at home doesn't support a guest network option but picking up a second Wi-Fi router and configuring it as a guest network in your DMZ is cheap and easy.

If you're like me, you're the geekiest person in the family and you may even be the one gifting people with new wireless devices. If you're doing this and you're not willing to cough up network access - well, you're a mean one, Mr. Grinch.

About SolarWinds’ Head Geek

Josh Stephens is officially the Head Geek at SolarWinds. His full title is VP of Technology and Head Geek.  He is a decorated veteran of the U.S. Air Force, where he helped to design, deploy and manage several large-scale classified and unclassified networks. Some of his processes and protocols are still in use. Today Josh is the chief blogger on SolarWinds’ online community site thwack (www.thwack.com), boasting 55,000 members.  And he hosts the company’s Geek Speak webcasts. 

SolarWinds (NYSE: SWI) provides IT management software to more than 97,000 customers worldwide – from Fortune 500 enterprises to small businesses.  The focus is on network and application management, storage and virtualisation. 

Contact

David Frost,

PR Deadlines Pty Ltd, for SolarWinds

Phone:  +61.2.4341 5021

Email:    davidf@prdeadlines.com.au