Auditing WLAN (Wireless Local Area Network) and mobile devices involve evaluating the wireless network’s security and performance and the devices that connect to it. This includes checking for potential security threats, such as unauthorized access, rogue access points, or weak encryption, and verifying that the network and devices meet established security policies and standards. Auditing aims to identify and address any issues that could impact the security and performance of the network and ensure that it operates optimally and securely.
The scope of an audit of WLAN and mobile devices typically includes:
- Network Architecture: Evaluating the design and architecture of the wireless network, including the placement of access points, the use of firewalls, and the use of VLANs.
- Device Configuration: Reviewing the configuration of mobile devices, such as smartphones, tablets, and laptops, to ensure they meet the established security policies and standards.
- Wireless Security: Checking the security of the wireless network, including the encryption methods used, the use of strong passwords, and the presence of firewalls.
- Rogue Devices: Identifying any unauthorized wireless devices that may have connected to the network, including rogue access points or malicious wireless devices.
- Network Performance: Evaluating the performance of the wireless network, including the speed and reliability of the connection, and identifying any issues that may impact performance.
- Policy Compliance: Verifying that the network and devices comply with relevant laws, regulations, and organizational policies, such as data privacy and data retention policies.
Tools for conducting an audit of WLAN and mobile devices, including:
| Tools | Website |
|---|---|
| NetStumbler | www.netstumbler.com |
| kismet | www.kismetwireless.net |
| Wi-Fi Planet | www.wi-fiplanet.com |
| WirelessDefence.org | www.wirelessdefence.org |
| Aircrack-ng | www.aircrack-ng.org |
| TamoSoft | www.tamos.com |
| BackTrack Virtual Machine | www.backtrack-linux.org |
| Xirrus WiFi Inspector | www.xirrus.com/library/wifitools.php |
| AirMagnet | www.airmagnet.com |
| metageek and inSSIDertool | www.metageek.net |
| Wardriving tools | www.wardrive.net/wardriving/tools |
| Sybase Mobile Enterprise | www.sybase.com/products/mobileenterprise |
| GoodLink | www.good.com |
| Research in Motion (RIM) | www.blackberry.com |
| Mobile Device Manager | www.microsoft.com/systemcenter/mobile/default.mspx |
| Paraben | www.paraben-forensics.com |
Steps to perform this Audit:
- Define the scope of the audit: Determine the specific areas of the wireless network and mobile devices that will be evaluated, including the devices, the network architecture, and security measures.
- Plan the audit: Determine the resources required for the audit, including the tools and personnel needed, and develop a timeline for the audit.
- Collect data: Collect data on the wireless network and mobile devices, including device configurations, network logs, and performance data.
- Evaluate security: Evaluate the security of the wireless network and mobile devices, including the use of encryption, the presence of firewalls, and the security of device configurations.
- Identify vulnerabilities: Identify any potential security threats or vulnerabilities in the wireless network and mobile devices.
- Evaluate compliance: Verify that the network and devices comply with relevant laws, regulations, and organizational policies, such as data privacy and data retention policies.
- Report findings: Prepare a report detailing the findings of the audit, including any potential security threats, vulnerabilities, or policy violations, and recommend remediation steps.
- Implement remediation: Implement any necessary remediation steps to address any issues identified during the audit, and monitor the network and devices to ensure they continue to operate securely and optimally.
Checklist for Auditing Wireless LANs
- Ensure that access points are running the latest approved software.
- Evaluate the use and controls around centralized WLAN management.
- Verify that your mobile clients are running protective software.
- Evaluate the security of the chosen authentication method.
- Evaluate the security of the chosen communications method.
- Evaluate the use of security monitoring software and processes.
- Verify that rogue access points are not used on the network.
- Evaluate procedures in place for tracking end-user trouble tickets.
- Ensure that appropriate security policies are in place for your WLAN.
- Evaluate disaster-recovery processes in place to restore wireless access should a disaster occur.
- Evaluate whether effective change-management processes exist
Checklist for Auditing Mobile Devices:
- Ensure that mobile device gateways are running the latest approved software and patches.
- Verify that mobile clients have protective features enabled if they are required by your mobile device security policy.
- Determine the effectiveness of device security controls around protecting data when a hacker has physical access to a device.
- Evaluate the use of security monitoring software and processes.
- Verify that unmanaged devices are not used on the network. Evaluate controls over unmanaged devices.
- Evaluate procedures in place for tracking end-user trouble tickets.
- Ensure that appropriate security policies are in place for your mobile devices.
- Evaluate disaster recovery processes in place to restore mobile device access should a disaster happen.
- Evaluate whether effective change management processes exist.
- Evaluate controls in place to manage the service life cycle of personally-owned and company-owned devices and any associated accounts used for the gateway.
Conclusion:
In conclusion, auditing WLAN and mobile devices is a crucial step in ensuring the security and performance of the wireless network and the devices that connect to it. The purpose of the audit is to identify and address any potential security threats or vulnerabilities, verify compliance with relevant laws, regulations, and organizational policies, and ensure that the network and devices operate optimally and securely. Regular audits, using a combination of tools and best practices, can help organizations to maintain a secure and efficient wireless network and mobile device environment.