There is a local credit union that currently has two locations; a headquarters office downtown and a branch office on the east side of town.
The headquarters has the following equipment:
- Ten Windows XP and ten Windows 7 workstations, connected to a Windows Server2008 R2 file server
- One Windows Server 2008 R2 RRAS server accessed by home workers after hour
- One Windows Server 2008 R2 print server
- One Linux database server
- One Apache Web server for members to check their account balances online
- One firewall where the network connects to the credit union’s ISP via a T3 dedicated link
The east-side office has five Windows 7 workstations, connected to the headquarters office Windows Server 2008 R2 server through a Tl link. At the headquarters, the servers reside in a locked room that admits authorized users with an electronic badge access system. Both locations have numerous security cameras, including cameras in the computer room. The company has a security policy that all employees are required to read and sign when they become employees. Wireless components have been recently added to the network, including an access point at each of its two locations. These access points allow employees to connect with the LAN and another access point at each of its locations designated for customer access. The manager is unsure if wireless security measures have been implemented, much less whether any measures that might have been implemented are as secure as possible.
Create a checklist of items on this network that should be evaluated for security. Describe any entry points (physical or data transmission related) or situations that constitute potential security risks. In addition, explain how to better train employees to understand network security.
Describe at least three separate techniques that could be used to improve wireless LAN security. Among these, which do you recommend for the employee WLANs at each location and which do you recommend for the customer WLANs? Why might the two types of WLANs differ in the method of secure transmission they use? Finally, how can the credit union’s network administrators ensure that customers who bring their smartphones or laptops into the bank can access the customer WLAN but cannot access the employee WLAN?