Configuring Basic WLAN Security
Monitoring WLAN equipment

Event logging via SNMP or Syslog is very important in the overall security process. As shown in Figure , event notification levels can be defined for SNMP and Syslog. A Syslog server must be defined in order to send Syslog messages to a central monitoring server . Syslog and SNMP configuration will be covered in detail in Module 11.

Simple Network Management Protocol (SNMP)
SNMP allows network management programs to view and change settings of equipment. SNMP can be used to view settings using a Get request. SNMP can also be used to change settings using a Set request. Finally, SNMP devices can send alerts to management stations using the Trap function. SNMP uses a non-encrypted secret called a community string or name. Read-Only community names allow only Get requests, while Read-Write community names allow Get and Set requests. SNMP versions 1 and 2 are insecure, because the community name can be seen in the requests. SNMP version 3 adds adequate security, but it is not yet widely used or supported. Never use public or private, which are the defaults, as community names. Use a community name that will meet secure password guidelines .

Remember that ongoing monitoring is a part of security procedures. Most network monitoring is done with a combination of ICMP and SNMP. SNMP and event logging are covered in greater detail in Module 11.