Wireless Security White Paper
28
Figure 12 (next page) illustrates a corporate network with firewalls.
Figure 12: Corporate Network with Firewalls
"On its own, a firewall is a particularly dangerous single point of failure for network protection.
Intrusion Detection Systems (IDS) provides an effective secondary protection measure to prevent
security policy failure. IDS technology is also useful in detecting some types of malicious
behavior by insiders. IDS can be both network based and host based."
7
Application and Data Servers
The fifth and final key juncture in the pipe, after mobile access devices, wireless networking
technologies, access points, and firewalls, centers on the application and data servers that reside
inside corporate firewalls. The security vulnerabilities associated with using data servers,
desktops with hard drives containing data, and application security are the same for wired and
wireless access. Therefore, no attempt is made here to explore the security issues associated with
internal data control. It is important, however, to recognize this end of the pipe as a point of entry
to data that is being transmitted wirelessly. Corporations are continuously exploring ways to
secure data on users’ internal machines in multiple ways: for example, by implementing locked
door policies and by multi-factor authentication requirements.
7
Safe Computing and E-Business: Protecting the Enterprise to Assure E-Business Success
. See this technical guide for more
information on firewalls.