Securing Wireless LANs with Certificate Services
Published: November 10, 2004 | Updated: November 24, 2004
Download this Solution Accelerator
Click here to download Securing Wireless LANs with Certificate Services from the Microsoft Download Center.
About This Solution Accelerator
Securing Wireless LANs with Certificate Services is prescriptive guidance that addresses vulnerabilities in today’s wireless networks.
This guidance provides information for IT professionals about how to design, implement, and operate a wireless security infrastructure built with 802.1X and WLAN encryption, RADIUS, and a public key infrastructure (PKI).
.gif "Figure 1 Overview of Securing Wireless LANs with Certificate Services")
Like the previously released Securing Wireless LANs with PEAP and Passwords Accelerator, this guidance addresses vulnerabilities in today’s wireless networks and is for organizations that want to deploy WLAN technology with a high degree of confidence in its security. However, this guidance is intended for organizations from several hundred to many thousands of wireless network users. It is based on the WLAN deployment at Microsoft.
The Securing Wireless LANs with Certificate Services Accelerator includes the following components:
- Securing Wireless LANs Tools and Templates
- Baseline Test Cases.xls
- Functional and Operational Test Cases.xls
Securing Wireless LANs with Certificate Services is organized into a series of guides—Planning, Build, Operations, and Test—for each of the different life cycle phases of implementing a WLAN security solution. (A delivery guide outline also is included in an appendix.) A set of tools accompanies the documentation, including sample project and risk plans; scripts and configuration files for automating implementation and operations tasks; and a detailed set of test cases that you can use to verify the functionality of the solution as you build it in your own environment.
Planning Guide
The Planning Guide provides the following information for IT architects:
- Business and technical reasons for implementing wireless security.
- Strategies for wireless security.
- Detailed discussion of the design decisions that affect the solution as a whole and the individual solution components.
In addition, the design chapters include extended discussions of technical topics and other background information to help you customize the design if required.
Build Guide
The Build Guide provides IT implementers with step-by-step instructions for implementing all of the components of the solution: a PKI based on Microsoft Windows Server 2003 Certificate Services, a RADIUS infrastructure based on Microsoft Internet Authentication Service (IAS), and information about how to configure wireless access points (AP) and clients. Each chapter contains detailed procedures for installing and securing the operating system, configuring software components, and then integrating them into the solution. All major steps are linked to verification procedures to help minimize errors.
Operations Guide
The Operations Guide outlines procedures for the long-term maintenance of the solution components. Based on Microsoft Solutions for Management (MSM), this guide provides a comprehensive set of tasks and instructions for operating, monitoring, changing, and supporting the Certificate Services and IAS components. Information is included about setup tasks to implement the management system and daily and weekly operations tasks. Health-checking and monitoring scripts, backup and recovery procedures, and troubleshooting techniques and tools are also provided.
Test Guide
The Test Guide explains the overall test strategy that Microsoft used to validate this solution and describes the primary test cases that you can use to validate the solution in your own labs. The complete set of test cases for the guidance is included with the solution.
Related Resources
Other resources that you might find helpful include:
- Wi-Fi page of the Microsoft Windows Server 2003 Web site
- WiFi Alliance
- IEEE 802 LAN/MAN Standards Committee
- Security Solution Accelerators site
Community and Feedback
- Want to know what’s coming up next? Check out our Security Guidance Blog.
- E-mail your feedback to the following address: SecWish@microsoft.com
About Solution Accelerators
Solution Accelerators are authoritative resources that help IT professionals plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements.
Register to receive the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as
- Communication & Collaboration
- Security, Data Protection, & Recovery
- Deployment
- Operations & Management
Download This Accelerator
Click here to download Securing Wireless LANs with Certificate Services from the Microsoft Download Center.