Navigating this Book and Chapter Contexts

This book focuses primarily on the security of WLANs; hence, all the chapters are directly and indirectly related to the various aspects of WLAN security. This book is virtually divided into two parts: Chapters 1 through 8 cover the underpinnings and concepts, and Chapters 9 through 13 cover the design, best practices, configuration, and deployment.

Figure 1-2 shows some of the chapters that cover the basic concepts. You might wonder about the utility of reading rigorously through the sometimes dry standards and protocol choreography materials. Some of you might be in the habit of skipping the chapters dealing with standards because they are opaque and more difficult to read. Hopefully, you are motivated to read through the standards chapters in this book. As one of the reviewers pointed out, in this case, because of rapid evolution, an understanding of the standards represents new technology that improves the operation and management of wireless networks. In many cases, such as with EAP-FAST, implementing a secure infrastructure requires the basics of authentication protocols such as EAP. Furthermore, the domain of WLAN is evolving at a fast pace?it has advanced at least two generations since we started this book! So the only defense against becoming out of date is to keep up with the fundamentals.

Chapter 2, "Basic Security Mechanics and Mechanisms," contains the concise and basic background material for cryptography and various security-related protocols and methods.

Chapter 3, "WLAN Standards," might seem dry, but it is a good introduction to various standards. When you need more information on a particular standard, you can refer to the standard directly. A basic perspective on the major IEEE and IETF standards is essential to comprehend and improve on the WLAN security space. Chapter 4, "WLAN Fundamentals," details the WLAN basics in even more depth.

A deep knowledge of the vulnerabilities of existing implementations will prevent you from repeating mistakes. In this regard, understanding the "classic" WEP implementation in Chapter 5, "WLAN Basic Authentication and Privacy Methods," is a good approach. Then dig deeper into the security aspects in Chapter 6, "Wireless Vulnerabilities." Finally, as mentioned previously, you need an understanding of protocols to implement a secure infrastructure. Chapter 7, "EAP Authentication Protocols for WLANs," and Chapter 8, "WLAN Encryption and Data Integrity Protocols," provide this requirement.

Chapters 9 through 13 address the most interesting aspects?the design, configuration, and deployment of WLAN. Chapter 9, "SWAN: End-to-End Security Deployment," covers the Cisco Structured Wireless Aware Network (SWAN), which enables scalability, manageability, reliability, and ease of deployment for small, medium, and large enterprise and vertical networks. Chapter 10, "Design Guidelines for Secure WLAN," and Chapter 11, "Operational and Design Considerations for Secure WLANs," provide an excellent opportunity to transcend the technological underpinnings to design guidelines and operational best practices. Chapter 12, "WLAN Security Configuration Guidelines and Examples," covers configuration for Cisco products, which come in handy when working with the Aironet products. Chapter 13, "WLAN Deployment Examples," is an opportunity to understand and gain a comprehensive knowledge of deployment patterns that you can extend to real-world implementations.

This book was conceived and written to be read sequentially from Chapter 1 to the end. The various concepts are introduced and discussed with minimum requirement for prior knowledge. In addition, the topics are elaborated on in a progressive manner so that you do not encounter a new concept technology without proper introduction.