When we look at the 802.11 security basic, we talk about the below basic components 👉 Data privacy, we call it encryption 👉AAA Authentication who you are, authorization what you can do, and accounting what you did) 👉 Monitoring Wireless LAN should be monitored actively, one of the main things is the performance, but also the intrusion. An intrusion is the introduction of an unknown guest, unknown machine, or unknown access point. Using WLC, you can monitor it without touching the APs, just looking at the logs. The WLC is able to work with the APs and tell you if interference has occurred, which is also a type of intrusion, meaning somebody attempted to block your signal. 👉 Segmentation By incorporating VLANs, resource access can be controlled from the WLAN. An example, a guest VLAN prevents guests from accessing local resources when they are connected to the guest SSID. 👉 Policy There are regulations about WLAN security in many countries, such as those in the following example NIST (National Institute of standards and technology) collaborates with industry to develop, deploy, and promote emerging technologies and standards that will improve wireless network operations and use. Corporate Policy Our policy prohibits employees from sharing passwords. Educating them about security issues. #cisco #cisconetworking #networkengineer #wireless #802.11 #secuirty #frankfurt