Network designers and security experts realize that just fixing the
weaknesses of WEP is not enough. Figure
shows some of
the requirements and solutions for secure WLANs. Real wireless security
requires more than just making WEP keys dynamic or enhancing WEP. True wireless
security must be able to authenticate users, not just devices, as Figure
illustrates.
Organizations must decide how much security is required and
include this in the wireless security policy. Some networks will rely on
existing VPN solutions to provide additional security. Other networks will
implement the access control and fixes to WEP, which are included in Wi-Fi
Protected Access (WPA). WPA uses elements of 802.11i, a longer-term
standardized security solution, to secure WLANs. WPA is also called Simple
Secure Networking (SSN). Some network administrators may decide to wait for
802.11i before deploying WLANs. The next few sections will discuss what is
wrong with WEP security and what is missing.