Alpha Omega Wireless Blog

Is Wireless Secure? - The 5 Misconceptions - Part 3

Posted by Joe Wargo on Sun, Feb 21, 2010 @ 09:30 PM

After a decade of designing, selling, and installing outdoor wireless bridge systems I consistently come across five reoccurring questions that all clients ask and their misconceptions. Each week I'll present one of the five questions and answer them in plain English and put the misconceptions rest.

Question 3: Is it secure?

Probably the number one question we receive from those that have never truly used wireless for their back haul is if it's secure. The main driver for this is either because a person has had no experience using wireless backhaul, they have read some negative press online about Wi-Fi being hacked, or they have tried to install wireless using SOHO (small office - home office) grade equipment.

The answer is "Yes!" outdoor wireless backhaul is extremely secure. Provided that the equipment is designed for outdoor wireless backhaul, it is installed properly, and it is configured correctly. Most outdoor wireless bridge systems can meet DOD (Department of Defense) specifications for security and HIPPA compliance.

True outdoor wireless bridge systems (e.g. licensed microwave links, point to multipoint wireless, WiMax, wireless mesh, etc.) are designed for secure outdoor radio signal propagation. Most all systems, both Consumer grade and Carrier/Industrial grade, have multiple levels of internal and inherent security.

For instance, most systems allow for encryption to be set at 128-bit to 256-bit AES or equivalent, MAC address or serial number filtering, and/or network security naming conventions. Also, many times systems are paired and only allow communications with a known partnered radio. Many of the Carrier/Industrial grade wireless have their own proprietary encryption built in and use various protocols not found in consumer electronic components. Meaning someone can't just buy something off the shelf that can even receive the signal and/or frequency. As is the case with most licensed microwave systems.

Inherent with properly designed and installed outdoor microwave wireless systems is the fact they they are typically set up as a point to point wireless backhaul system. This means the radios use directional antennas utilizing extremely narrow beam widths (typical under 3 degrees). The radio signal is also transmitted in a particular polarization plane (e.g. vertically or horizontally) which provides around 25dBm of signal separation. For someone to intercept such a signal they would have to place a receiving antenna directly or extremely close to the path of the original signal. Hard to do if they don't have access to a tower or roof top where the signal has originated from or in the direct path.

Wi-Fi systems, because they are broadcasted in an omnidirectional fashion and are typically set up by non-industry professionals, have been victims of hacking attacks. Plus the fact that most all portable electronic computing devices and mobile phones have built in Wi-Fi makes it easy for one to have all the equipment they need to find and identify the wireless source (access point). Still if Wi-Fi is installed and configured properly, using best practices, it too can be fully secure. Also, encryption standards continue to increase.

Outdoor wireless bridge systems are completely different that their Wi-Fi partners (provided that one isn't using Wi-Fi radios for outdoor wireless bridging). Outdoor wireless backhaul has been used by the telecommunication companies and the military for decades. System continue to provide increased levels of security.

In comparison to traditional land line circuits, wireless backhaul systems can provide a higher level of security. It is not difficult to gain access to a buildings telecommunications MPOE (main point of entry) wiring closet or access to outdoor, ground level, telecommunication vaults. These locations can allow someone to easily tap onto an organizations internal network. I've had clients tell me how they are completely secure on their WAN/LAN networks and wouldn't trust anything but their copper and fiber connections. They often forget that someone can easily plug their laptop into a data jack in their lobby, gain access to their cable infrastructure from neighboring ceiling crawlspace, or jump on their WAN infrastructure from an outdoor telecommunication cabinet (which if locked at all can be easily broken into). Note: even with physical land line infrastructure one should use best practices for encryption and security. I'm not saying that WAN/LAN infrastructures are not secure, but in many cases people forget to completely secure their networks. What I am saying is that wireless systems can be just as, if not more, secure than traditional wire/fiber networks.


Tags: General, Wireless 101