How to Make a Secure Wi-Fi Network (encryption of WIRELESS traffic)

incognito
Level 1

Hello, folks

How can I secure my company's wifi traffic from sniffing by others? In other words, is there "data privacy" functionality over WiFi - regardless of higher layer protocols? 

For WPA+WPA2 Parameters I use WPA2 Policy and WPA2 Encryption (AES).

For Authentication Key Management I use PSK.

We don't have any authenticating server.

We're using a Cisco WLC 2504 and several access points.


Leo Laohoo
Hall of Fame

@incognito wrote:

> For Authentication Key Management I use PSK.

AES encryption is still good and widely used.  

The weakest link in this chain is PSK.  

  1. How many know the PSK key?
  2. How robust (length & combinations) is the key?
  3. How often is it rotated?

Not having an authentication server is not a valid excuse either. The "smallest" authentication server I've seen is FreeRADIUS and hosted in a humble Raspberry Pi that one can purchase for US$<100. There are even some cheap SOHO NAS that can load the FreeRADIUS application.
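
The three questions in the reply above (who knows the PSK, how robust it is, how often it is rotated) can be turned into a small audit. This is an added example, not part of the original thread; the policy thresholds and sample values are assumptions. It also derives the WPA2-Personal PMK, which depends only on the passphrase and the SSID, so every holder of the PSK holds the same master key.

```python
import hashlib
import math
import string

# Assumed policy thresholds (constructed for this example, not from the thread).
MIN_BITS = 80        # minimum estimated search space, in bits
MAX_AGE_DAYS = 90    # rotation interval
MAX_HOLDERS = 20     # people who know the key

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def wpa2_pmk(passphrase, ssid):
    """PMK for WPA2-Personal: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def estimate_bits(passphrase):
    """Upper bound: length * log2(alphabet). Only holds for randomly chosen characters."""
    alphabet = sum(len(c) for c in CLASSES if any(ch in c for ch in passphrase))
    return len(passphrase) * math.log2(alphabet)


def audit_psk(passphrase, age_days, holders):
    """Return a list of findings: robustness, rotation age, number of holders."""
    if not (8 <= len(passphrase) <= 63 and all(32 <= ord(c) <= 126 for c in passphrase)):
        return ["invalid: WPA2 passphrases are 8-63 printable ASCII characters"]
    findings = []
    bits = estimate_bits(passphrase)
    if bits < MIN_BITS:
        findings.append(f"weak: about {bits:.0f} bits at best, policy wants {MIN_BITS}")
    if age_days > MAX_AGE_DAYS:
        findings.append(f"stale: {age_days} days old, rotate every {MAX_AGE_DAYS}")
    if holders > MAX_HOLDERS:
        findings.append(f"widely shared: known to {holders} people")
    return findings


if __name__ == "__main__":
    # Constructed sample values: (passphrase, age in days, number of holders).
    for psk, age, who in [("Summer2023", 400, 150), ("q7#Vm2!xL9@pRz4&Tb8$", 30, 5)]:
        print(psk, "->", audit_psk(psk, age, who) or "ok")
    # Same passphrase, different SSID gives a different PMK: the SSID is the salt.
    print(wpa2_pmk("q7#Vm2!xL9@pRz4&Tb8$", "CorpWiFi").hex())
```

The bit estimate is an upper bound: a passphrase built from dictionary words or dates is far weaker than its length and character classes suggest.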

Thank you so much, Leo

I understand your point of view.

OK, if I have an authenticating server, for example, can the existence of a server provide a secure wireless connection?

How can I achieve 100% encrypted traffic in a wireless connection? Is it possible? If yes, then what is the way of configuration/parameters?

Yes.  Traffic from the wireless client to the controller (and vice versa) is encrypted.  

One other thing:  There will be times when the encryption can be broken.  Back in 2017, the KRACK vulnerability was announced.  If the wireless AP or controller isn't patched then someone can sniff out the traffic. 

Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II