如何使公共wifi安全

David Fortini

May 14, 2019

City wifi networks need to handle a lot of device connections, which can affect data security. 以下是如何使公共wifi安全.

Government networks exchange large quantities of data including smart city solutions that track energy use, 交通密度监测仪, 公共建筑的安全摄像头, 数码政府解决方案. And every new app, personal device, or IoT deployment creates a new gateway for a potential cyber-attack on your network. The 政府火狐体育手机 accounted for 13.占2018年数据泄露的9%.*

We explored 如何使公共wi-fi更快. 但是如何保证公共Wi-Fi的安全呢? Securing mission-critical city infrastructure requires a layered security framework that combines both proactive and reactive defense mechanisms.

Get IoT-ready

到2025年，物联网连接预计将翻一番. And, 因为它们都依赖于公共Wi-Fi网络, IoT adoption is only a matter of time for government networks. Superior IoT security means optimizing your infrastructure and beefing up granular control, including the ability to “containerize” your existing network.

IoT containment technology helps public sector organizations deploy a significantly more secure network architecture to protect against cybercrime. In this safe, 简单的分布式环境, separate contained network areas can be created that are only accessible by compliant devices. For example, different departments are on separate networks. Connected devices and security systems can be kept on separate networks too, in case of compromise. This segmentation facilitates enforcement of security policies and limits the damage in the event of a security breach.

Choose automation to lower risks related to human errors

与手动配置相关的风险, often the main source of vulnerabilities are reduced by the automation mechanisms. The creation of "containers" in the network separates data exchanges, for example, servers and cameras communicate on separate network segments. As a result, an attack on a connected object affects only a small portion of the network, 这样可以避免意外的服务中断.

设置强大的访问控制

Access controls are crucial for network defense and they are becoming more prevalent each day. A stronger need to authorize users and devices is growing, to guarantee that the network is secure.

Here are some ways to securely configure and manage access controls:

• Passwords: make them complex and renew frequently

•证书:获取X.509 certificates “for mutual authentication between the IOT device and the server.” They are also commonly known for being used for Network Admission Control (NAC)

• Encryption: a highly recommended secure protocol is Transport Layer Security (TLS), 在管理设备时应该使用哪个.

• Switch access and login information: Users’ login information should be stored on an external server such as Radius or LDAP. 外部服务器也有记账的目的, which would allow access to statistics about user sessions.

拒绝服务(DoS)过滤

Lastly, it is important to mention the filtering of Denial of Service (DoS). Alcatel-Lucent OmniSwitch® automatically filters denial of service (DoS) attacks. Some DoS attacks aim at system bugs or vulnerability, while other types of attacks involve generating large volumes of traffic so that legitimate network users are denied access to the network service.

Alcatel-Lucent OmniAccess® Stellar WLAN for government was designed to enable automatic on-boarding of smart and IoT devices to enhance the connected government experience across the spectrum of public sector services. Features include: 

• Automated deployment and integrated with Alcatel-Lucent OmniSwitch®

•基于策略的Bonjour/UPnP管理

•发现服务设备

• Rules created based on: Location, user group and identity

• Automatic and secure configuration into the correct network profile acros wireless and wired networks

Looking for a public wi-fi solution for your city or community? 探索不同的解决方案 厂商比较工具. 

*基于风险的安全报告