Worthing Borough Council Shores up Wireless LAN Security

Worthing Borough Council wanted to give its users access to email and data whilst away from their desks, allowing flexibility and increasing efficiency. This case study examines how Operations manager Simon Park installed Neutrino Wireless Intrusion Protection System to be the eyes and ears for the council’s wireless network.

The Case for Wireless Networks

Worthing Borough Council is piloting PDA-based access to email and Internet

With a population of around 100,000, Worthing is one of the largest towns in West Sussex, England. A bustling commercial centre, it was identified by Experian, as most profitable town in Britain in 2000 and 2001. With miles of palm tree lined seafront, it nestles between the rolling hills of the South Downs and the shoreline.

Employing around 750 people in total throughout the Authority, Worthing Borough Council’s varied sites are spread over a number of locations. Inevitably, this leads to some authority staff having to move between buildings during their working day. With increased demands on staff to produce more with less, information and communication is very important in assisting users to deliver their duties and services efficiently. In response to such needs, Operations Manager Simon Park wanted to give his users access, in meetings, to previous minutes or relevant data. There were also number of other considerations; namely that the authority is a heavy email user and many staff rely upon accessing the system when away from their desk; and additionally, with most newer laptops now supplied with wireless cards installed and increased use of PDAs, the risk of ad-hoc networks was increased anyway despite procedures already in place to restrict use. The obvious solution was to install a wireless network together with a security system, minimising risk whilst allowing wireless access to email and other data, which would enable staff to continue to be productive!

Simon Park, Operations Manager explains;

"Enabling users to access data when away from their desks will offer real benefits in increased efficiency, allowing them to remain attached to the network longer having information to hand. A wireless network doesn’t require additional cabling, something which can be difficult in our Town Hall which is a listed building. Low cost and easy to install, it does not require major changes to the existing wired infrastructure."

Wireless Security Issues

Aware of current issues surrounding wireless security, Simon knew that if he took the correct precautions now, his wireless security would be perfectly adequate. With this in mind, as an integral part of the initial rollout, he contacted network management and security specialists, OPENXTRA to install the Neutrino Wireless Intrusion Protection System.

The Neutrino Wireless Intrusion Protection System, manufactured by US company Network Chemistry is a system of hardware sensors placed at points around a building to give total monitoring across channels which is then managed by a central Fusion Management Console. The system runs 24/7 and will alert to rogue Access Points and Clients; ad-hoc networks; a series of attacks by well known toolsets such as AirSnort, Fatajack; in addition to Denial of Service attacks and RF jamming etc. The System also provides operational parameters such as low signal strength, failing access points and so on. Worthing Borough Council viewed installation as a common sense first step in installing wireless, providing them with a background security overview and a tool to aid optimum design.

The Neutrino Wireless Intrusion Protection System

Worthing Borough Council’s Network infrastructure is an Ethernet (gigabit) network running over Cat6 cabling; a switched 3Com network for 450 users over two main sites, together with a number of remote locations such as theatres and Leisure Centres which are linked with a variety of technologies from SDSL to LES2 circuits.

Installation of the Neutrino Intrusion Protection System was simple. Installing the Fusion Management Console was trouble free and sensors were configured locally with the IP addresses of the remote sites. Discovery of the Sensors was straightforward.

Immediately, the Neutrino Wireless Protection System spotted some rogue devices from neighbouring buildings and companies, some of these using the same subnet values as Worthing Borough Council. Although not presenting a threat, this information is useful for trying to avoid interference, addressing conflicts, and for planning the siting of access points.

The Neutrino Wireless Intrusion Protection System will be used to alert on a series of vulnerabilities, intrusion attempts, unauthorised activity and for operational parameters. Any unauthorised activity that is detected by the system will then be counteracted by changing the encryption keys and following up with further investigation. With an open architecture, the Neutrino Wireless Intrusion Protection System can be easily integrated with existing network management systems but Simon Park will use Packetyzer, an open source protocol analyser based on Ethereal core technology to capture and decode any suspicious traffic.

A Common Sense Approach to Wireless Security

Simon believes that good use of encryption, regular changing of keys, careful protection of vulnerable areas using VPN technologies, and the correct choice of equipment will result in a workable solution. The growing use of mobile devices and PDAs in organisations will result in even more pressure to install wireless solutions in the future.

So why did Simon Park decide to install wireless when some organisations, because of security implications, simply ban it? He knows that wireless is a security risk, but believes that like any risk, this must be managed. There is always a balance between security and usability and demands for wireless can be delivered if a number of measures are used;

"We restrict the devices and ports reachable with firewalls and take simple measures like disabling broadcast SSID, MAC Filtering to encryption, VLANS, firewalling and IPSec VPN, changing keys regularly or sooner if the Neutrino System detects an increased risk. We take common sense precautions, for instance, shutting down the units out of hours. Risk management is a way of life - when was the last time you changed the door code to your computer room?"

The Future for Wireless at Worthing Borough Council

What does the future hold for Worthing Borough Council in terms of Wireless? Currently they are piloting PDA access to email and intranet services and are bringing in greater wireless use of laptops shortly. Looking forward, they will provide access for staff roaming the Borough, or working from other sites to avoid unnecessary returns to the Town Centre site. One particular project planned is to investigate the collation of information on inspections of Leisure Centre safety issues utilising handheld devices, increasing both efficiency and accuracy. Simon Park comments:

"Having the Neutrino Wireless Intrusion Protection System as a prerequisite, give us eyes and ears to detect who or what is using our wireless. Above all, a robust procedure is essential to tie in all these aspects to ensure our infrastructure is not compromised as we grow our wireless LAN."

"Every week I see examples of ignorance to risks in use of wireless and this perpetuates the myth that there is a WarDriver on every corner waiting to steal all your personal data. Yes, there is a serious risk but education is the key, understanding the risk and designing it out. Even if you don’t implement a wireless LAN, can you be sure your users haven’t done it for you?"