So far, the evolution of firewalls for the mobile Internet has entered its third generation. The first generation of firewall security policy is placed on top of the port, the second generation is placed on the mobile user, and the third generation is placed on the user and the handheld terminal, combined with the tasks performed by the APPS in the implementation of these three aspects together to give a firewall authority. In the era of mobile Internet, firewalls are already second or third generation, Aruba provides currently provides the use of WiFi firewall third generation. For the third generation, broadband is authorized, specifically to identify the user's identity, such as which APPS are being executed with Android, which resources are provided, and bandwidth in the enterprise is also limited, so the second and third generation firewall policy is based on the user plus the end device, as well as the APPS of the end device to install.
The second solution is to identify illegal APs (Access Points).
In fact, there are a lot of illegal APs and malicious APs in the system, so if you want to ensure the security of the network environment? It is to find and locate all these illegal APs, and then you can do some blocking action. Even if someone is carrying out malicious attacks and damage, can also be located and resolved. For example, there is an intrusion detection system in the wired network, and wireless networks also have such a term. As wireless network attacks are becoming more sophisticated, industries such as schools, hotels, and healthcare have to face up to the problem. Enterprises to mobile applications through the wireless network, in the end, who in the wireless network inside the hands, who in the wireless network inside the theft of information, the enterprise must know. So must do a good job of wireless network intrusion detection system.
The third solution is to detect WiFi devices.
WiFi-related devices have been heavily used today, and the WiFi that everyone uses, whether it's provided in the home or in the enterprise, interferes with the WiFi band. Even the wireless phones and projectors in a company can interfere with the WiFi band, so these devices need to be evaluated and tested. Detecting which devices inside the organization interfere with WiFi is a necessary thing, for example, microwave ovens, wireless cameras in what place will interfere with what frequency band. Only when you know the health of WiFi usage inside the company, you can design and plan a good stable and efficient wireless network.
After these three solutions, you basically start doing protection through four steps. These four protection steps are
(1) First protect the user. Second generation firewalls and third generation firewalls can protect the privileges of each user.
(2) is to protect the user link, to protect the network smooth.
(3) for the information content to do encryption processing, identity authentication. This encryption is absolutely private, as a way to protect the data in the network.
(4) Security detection: WiFi is invisible and intangible like the air, and it's not easy to detect when someone steals information from it and destroys the network, so it's important to use a demon-detecting mirror to see what's wrong with the air, and that's what security detection is all about. All of the above protection process is done, you can ensure the security of the company's wireless LAN.