To analyze the "Guidelines for Securing WLANS and Networks of ‘Things’"

1. IS 3868 Nicole Gaehle
Assignment 2
Analysis: Guidelines for Securing WLANS and Networks of ‘Things’
There are securityconcernsthatorganizationsshouldconsiderwhensecuringlocal area
networksandespecially,wirelesslocal areanetworks.“Organizationsshouldhave standardizedsecurity
configurationsfortheircommonWLAN components,suchasclientdevicesandAPs.A standardized
configurationprovidesabase level of security,reducingvulnerabilitiesandlesseningthe impactof
successful attacks.Standardizedconfigurationuse improvesthe consistencyandpredictabilityof
security,inconjunctionwithusertrainingandawarenessactivitiesandothersupportingsecurity
controls.”(Souppaya&Scarfone,2012) Local AreaNetworksare wirednetworksthatcanbe easily
accessedif someone onthe WirelessLocal AreaNetworkfoundabackdoorto getintoit. For example,
UMSL has a Local AreaNetworkoncampus that iswiredbuttheyalsohave the WirelessLocal Area
Networkthatistiedoff the Local AreaNetwork.UMSL wouldhave hadto take into considerationon
whatto do whentheyfirst setup theirinternetwhenfirstbeingbuilt.The components of the network
wouldhave hadto be standardizedtoallow studentsbe able togaininternetaccessbutwouldnotallow
themto sneakintothe backdoorof the networktoput a virusonto the network.ThroughoutUMSL
campusthere are APs(AccessPoints) thatwouldhave beenconfiguredtoallow certainpacketsof data
inand to blockcertainpacketsof data tobe clearedorviewedbeforebeingable tobe used.The
standardizationsecuritywasused campus-wide tobe able toallow studentsandprofessorstogetinto
the network.“Before designingaWLAN securityarchitecture orWLAN componentsecurity
configurations,anorganizationshouldgatherinformationonneeds,particularlyoperational and
securityones.”(Souppaya&Scarfone,2012) The IT networkteamof UMSL wouldhave neededto
gatheras much entail aspossible tobe able todetermine whatkindof architecture theyare needingto
buildfortheirlocal areanetworkandwirelesslocal areanetwork.Particularlythe wirelesslocal area
networkbecause thatisthe most commonuse forsuch a large campus. “WhenplanningWLAN security,
configurationdesignersshouldconsiderthe securitynotonlyof the WLAN itself butalsohow itmay
affectothernetworksthatare accessible throughit,suchas internal wirednetworksreachable fromthe
WLAN.An importantprincipleof WLAN securityistoseparate WLANswithdifferentsecurityprofiles.”
(Souppaya&Scarfone,2012) UMSLs configurationdesignersintheirnetworkteamwouldhave needed
to come up witha designthatwouldworkand implementagoodnetworkstrengthfortheirstudents
and facultytobe able touse LANs andWLANs.Most campuscomputersare wiredbuttheyalsoneeded
the wirelesslocal areanetworksofacultyandstudentswhouse theirowncomputerscouldconnectto
the internet.UMSL needs tomeetthe needsof all studentsandfacultysotheycan use the internetfor
classesbeingtaughtortakenfor a degree.The securityneededneedstobe a standardized
configurationforLANsandWLANs.
LANsand WLANsare technicallypartof Networksof ‘Things’.“’Things’canoccur inphysical
space or virtual space.”(Voas,2016) Physical andvirtual space islike anygeneral commonknowledge
that youcan thinkof. So physical isconsideredtobe like humans,vehicles,computers,etc.Virtual is
consideredtobe like software,cloudservice,files,social medialikeFacebook,etc.“The primitivesof a
NoT are:1) sensor,2) aggregator,3) communicationchannel,4) eUtility,and5) decisiontrigger.There
may be some NoTsthat doesnot containall of these,butthat will be rare.” (Voas,2016) For instance,
we all have primitivesthatmake us be whowe are. We are similartocomputers,software,andsocial
media.“Sensorisanelectronicutility thatmeasuresphysical propertiessuchastemperature,
acceleration,weight,sound,location,presence,identity,etc.” (Voas,2016) We all have a physical

2. IS 3868 Nicole Gaehle
appearance thatsomeone canassume weight,temperature (anger/sad), where we are,andhow we
presentourselves.However, the temperature canbe anythinglike how madwe are,how sad we are,or
evenourphysical temperature totell how sickwe are.“Aggregatorisa software implementationbased
on mathematical function(s) thattransformsgroupsof raw data intointermediate,aggregateddata.”
(Voas,2016) Inhis instance,ahumanis nota greatexample. Instead,thinkof acalculatorona computer
or a regularcalculator.Forsomeone touse a calculatorit ismade of functionslikeadding,subtracting,
dividing,square rooting,squaring,etc.A calculatorisa software-baseddevicethattakesfunctionsand
takesraw data that we inputandcalculatesan answerforus.For example,2plus8 divided by2would
getyou the answerof 2. “CommunicationChannel isamediumbywhichdataistransmitted(e.g.,
physical USB,wireless,wired,verbal,etc.).” (Voas,2016) We all have to communicate toa computer
somehowaswell as to anotherindividual.Toprocessthe communicationtoa computeristo inputa
USB to pull up filesortoenterwords(as I am usinghere) butthe computerisrecognizingthisasbinary
(bytes) data. “AneUtility(external utility) isasoftware orhardware productor service.”(Voas,2016) A
computerisa piece of hardware thatprovidesaservice toeducatorsandemployerstobe able to
communicate topeople.“A decisiontriggercreatesthe final result(s) neededtosatisfythe purpose,
specification,andrequirementsof aspecificNoT.” (Voas,2016) A specificNoT(Networkof ‘Things’)
wouldbe a computer.Thisdocumentisan example of adecisiontrigger.Thisisdue tothat fact that the
software inmycomputeriscomputingdata andallowingme tosee the endresult(final result) of the
paper.Withouta computer,we wouldneedtouse a standardtypewriterthatmakesyouphysically
move to the nextrowon the piece of paper.Thissoftware onthe eUtilityallowsustoeliminate the
original typewriterandallowsof acommandto go the nextline of the document. “NoTscanbe open,
closed,orsomewhere inbetween.” (Voas,2016) For example,acomputerhashundredsof sensors,
numerousharddrives,aCPU or more,wiredcommunication,databases,andwithoutanywired
connectiontoa network.Thiswouldbe consideredan in-betweenstate of openandclosed.
In conclusion,NoTsandWLANsare similartoone another.Theyneed tobe configuredtobe
secure to the usersof those services.Thiscanbe anywhere yougo.It can be at a restaurant,yourhouse,
the library,a car shop,schools,etc.A standardizedsecurityconfigurationisbestusednomatterwhere
yougo.
Bibliography
Dawson,M., & Omar, M. (2015). NewThreats and Countermeasurein Digital Crime and CyberTerrorism.
Hershey:InformationScience Reference (animprintof IGIGlobal).
Souppaya,M., & Scarfone,K.(2012). GuidlinesforSecuringWirelessLocal AreaNetworks(WLANs). NIST
Special Publication 800-153.
Voas,J. (2016). Networksof 'Things'. NISTSpecial Publication 800-183.