Wireless LANs: design & security | ACMA

Wireless LANs: design & security

The operation of wireless local area network (WLAN) equipment is authorised by class licence under the Radiocommunications Act 1992.

Equipment covered by a class licence is often described as operating in a 'public park', because all users operate in the same radiofrequency band and are subject to the same limits. Under the public park concept, use within the same frequency band is 'uncoordinated' and interference is avoided by the design of the equipment and by restricting power when operating the equipment.

Designing your WLAN

When designing your WLAN to operate in this 'public park' frequency band, there are things you can do to avoid interference:

  • Choice of the type and location of antennas used in your WLAN will help efficient functioning of your network.

  • Installation of WLAN systems with different antennas to those supplied by the manufacturer should be carried out by qualified radiocommunications technicians.

There are two sorts of antennas:

  • Directional antennas transmit power in one direction

  • omni-directional antennas transmit in all directions

WLANs are usually supplied with an omni-directional antenna installed. However, it is possible to attach an external directional antenna to some commercially available equipment (see diagram).

 

wlan_antennas_1 jpg

  wlan_antennas_2 jpg

Using an external antenna to focus the radiated energy will increase the power and range of your WLAN equipment, but you may not transmit more power than allowed under the class licence.

Some general guidelines are:

  • limit leakage by pointing your directional antenna towards other users of your WLAN;

  • use natural barriers, such as walls, buildings and hills to limit leakage; and

  • remember that the higher the increase in power of an antenna the narrower the beam of energy is going to be.

The Wi-Fi Alliance was established to ensure equipment made by different manufacturers is compatible.

Look for the Wi-Fi logo when buying WLAN 802.11a, 802.11b, 802.11g and 802.11n equipment.

IEEE 802.11 equipment and security

Most IEEE802.11 equipment uses the following security protocol:

  • Wi-Fi Protected Access (WPA)

  • Wi-Fi Protected Access 2 (WPA2)

Both WPA and WPA2 overcome known weaknesses in their predecessor security protocol known as wireless equivalent privacy (WEP).

It is important to consider overall network set-up and security procedures and not rely on built-in security measures.

Secure deployment should include dealing with such things as:

  • proving who users are

  • controlling what users can do

  • auditing actions

  • determining and managing how addresses are issued

  • watching for anomalous behaviour

  • restricting access to sensitive portions of the network

  • ensuring confidential information is properly encrypted in transit

  • configuring systems to offer only the minimum set of services

  • encrypting data end-to-end not just over the air interface.

Last updated: 25 February 2014