A common vulnerability in wireless networks is in their ability to create unexpected connections that can result in security gaps. Here are five common wireless security bandits to watch out for:

1.   The rogue access point (AP). A rogue access point is an unauthorized access point connected to your wired network, generally connected by someone in your organization trying to set up do-it-yourself wireless service. Although rogue access points are usually installed innocently enough, they can provide an unsecured gateway right into the heart of your network.

2.   The ad-hoc client. Ad-hoc mode is the ability of wireless devices to connect directly with other wireless devices without accessing an access point. If a computer on your wired network sets up an ad-hoc wireless connection to another computer, that other computer can gain access to your network through the ad-hoc computer.

3.   The out-of-compliance access point. Older access points that have not been updated to the latest firmware release may open your network to hackers. Keeping all the equipment on your network up to date with firmware releases will protect your network from attack to known vulnerabilities. Not doing this can weaken security and reduce network performance. Out-of-compliance access points tend to be a problem in organizations that do not have a security policy that addresses keeping all equipment up to date on their firmware releases.

4. The mis-associated client. This is a problem, not with your wireless network, but with nearby wireless networks. When a wireless client has more than one wireless network to choose from, it may accidentally connect to the wrong network. This kind of mis-association, especially if it’s by a laptop also connected to your wired network, creates a security breach. Although mis-association is usually accidental, a hacker may deliberately create a decoy wireless network that looks like yours in order to fool users into logging on. This connection then allows the hacker to steal passwords and attack your wired network.

5. The non-traditional wireless device. It’s easy to focus on laptop computers and forget about other wireless clients such as personal Bluetooth® devices, cell phones, bar-code readers, and printers that may also use your wireless network. All these devices are vulnerable to cracking and may present an entry to your network to an enterprising hacker.

Your best defense against these common security bandits is a cohesive security strategy that includes network access control, regular site surveys, and a consistent, up-to-date security policy. A centrally managed wireless system makes planning and enforcing network security far more efficient than in “traditional” wireless networks with autonomous access points. Managed systems can often be set to independently handle tasks such as network access control and rogue mitigation, making life far easier for time-stressed IT managers.

Once you’ve chosen your cabinet, whether it be customized Elite or an energy-saving ClimateCab, it’s time to add accessories for even more function.

Cabinets have two sets of rails, front and back, where you can mount shelves, trays, cable managers, and power strips.

Shelves

Cabinet shelves are an easy solution for storing things that aren’t rackmountable. The shelves attach to the rails; servers or other equipment sits on the shelves. Make sure the shelf has the weight capacity you need—some can hold hundreds of pounds. For easy access to components in your cabinet, choose a sliding shelf. There are also vented shelves that improve air circulation within the cabinet.

Although most shelves fit 19” rails, there are shelves that go on the less-common 23” rails. There are also brackets that can adapt many devices intended for 19” mount to 23” rails.

Keyboard Trays

Keyboard trays are space-saving solutions that also keep your data center organized. They slide neatly into your cabinet or rack—and out of your way—when not in use. And they usually fit into only 1U of rack space.

KVM Trays

Further reduce clutter in your server room by using KVM trays that are 1-or 2U high mounted in your cabinet. Special features of many KVM trays include rock-solid construction, LEDs on the front panel for easy location in a darkened data center, and integrated KVM switching.

Front-panel controls enable you to use the buttons on a monitor bezel without pulling out the keyboard. Some trays have USB ports for access.

Cable Managers

Cabinets usually have built-in troughs for cable routing, knockouts for cable pass-throughs, and tie-off points for cable management. You can also add horizontal or vertical cable managers to the cabinet’s rails to manage and route cables more efficiently. Cable managers control bend radius to protect cables from hidden crushes, inks, and snags, and reduce maintenance time by keeping your cabinet neat and organized. Plus, properly managed cables help to improve airflow.

SpaceGAIN

If you have no room to spare in your cabinet, think SpaceGAIN. You might not think of a patch panel as an “accessory,” but SpaceGAIN angled-port and angled path panels are not your average panels. They free up valuable space and eliminate the need for horizontal cable managers. You save time and money by routing cables directly into ports. And SpaceGAIN high-density feed-through patch panels enable you to fit 48 ports into only 1U of rack space, with no punchdowns needed.

To save even more space, use SpaceGAIN 90° Right-Angle CAT5e/CAT6 cables. Their up, down, left, or right angles save up to 4” of space in crowded cabinets.

PDUs and UPSs

Control the distribution of power in your cabinet with a power distribution unit. A PDU can be basic or “intelligent,” with surge protection, remote management, or power and environmental monitoring. Integrate a PDU directly into an uninterruptible power supply (UPS) for extra reliability.

Security

Most cabinets come with a lock and key, but more advanced options are available to provide a higher level of security. Keyless options include combination locks and biometric locks that read fingerprints.

Fans and Blowers

Ventilation in your cabinets is critical for keeping vital equipment cool.

An enclosure blower draws cool air from a raised floor at the bottom of the cabinet and delivers it right across the front of servers or other network components. It fits on standard 19” rails and uses only 2U of mounting space. This high level of ventilation lowers the temperature of cabinet hot spots by up to 15° F. Lowering temperature protects your electronics against failure caused by overheating, which may enable you to install more equipment.

Fan panels or fan trays direct maximum airflow with very little noise to heat-sensitive rackmounted equipment. Position them in your cabinet wherever you need them the most.

Most network devices take in air through their front panels and expel it out the back. Filler panels in unused rack spaces help keep cool air in the front of the cabinet where it can be used by the equipment.

For more information on effective cooling techniques, read our blog post on efficient cooling in the data center.

Every network administrator is faced with this dilemma: The Internet can be a risky thing for your network, but your network needs to be connected to  it.

Attacks are surprisingly common. We’re just hearing more about it these days (Hi there Epsilon and Sony)  because they’re now affecting larger companies and millions of people. Before, outbreaks may have gone unreported, except at the Web sites of  antivirus software vendors.

What makes you want to pull your hair out even more is that every time you learn to defend against one kind of attack, hackers seem to come up with new and more creative ways to send spam. And if hackers on the Internet aren’t enough to worry about, you also have to worry about your own network users deliberately or inadvertently causing damage.

Although this perpetual onslaught can overwhelm you and make you feel like you’re fighting a losing battle, the reality is that with some basic precautions, you can defend your network against the vast majority of threats.

Have a plan

Start by making a security plan. Generally, the larger the network you’re administering, the more formalized the plan should be.

Your security plan should include:

• Education — Teach network users how to avoid threats.
• Access policies — Control physical access to the network through lock and key or password protection.
• Software   — This includes the software required to protect your network and the scheduling of regular updates of both antivirus software and patches issued by software vendors.
• Firewall   — If a firewall is needed, consider what kind of a firewall is needed and schedule regular reviews of firewall policies.
• Backups — In case your network does fail, you should be ready to repair the damage and restore lost data.

Education

Keep on top of the latest hoaxes and viruses and make sure your network users know about them. Teach your network users to be suspicious of and report anything that doesn’t look “right.”

This may seem like common sense, but common sense isn’t always common place. Be sure network users know never to reply to or forward spam. Hoaxes and scams run rampant across the Internet. Any e-mail that promises money, asks for personal information, asks you to forward or respond to something, or tells you something bad will happen if you don’t respond should always be deleted.

Warn your network users about bad neighborhoods on the Internet. If they start poking around on sites that offer pornography, gambling, and too-good-to-be true (It just fell off the back of a truck, really?) deals, they’re more likely to be exposed to viruses and scams. Although you can use a firewall to deny users access to dubious sites, it’s virtually impossible to filter out all of them so network users should be aware that dangerous sites are out there.

Access policies

Be aware that security breaches happen “at home,” too. Anyone with network access can steal or damage your data or networking devices. Take the time to look at who has access to what, keep essential network devices under lock and key, and implement password access to sensitive data.

Software protection

An important line of defense for your network is antivirus software. Buy a well-known brand and update it often. There are two major types of antivirus software: scanners and checksummers.

Scanners, the most popular variety of antivirus software, scan your hard drive or scan each file in real time as it’s accessed. Scanners work by comparing files to known viruses. They’re easy to use but must be kept up-to-date with the latest virus information to remain effective.

Because viruses change files, checksummers look for these changes to find signs of infection. They have the advantage of detecting unknown viruses that a scanner can’t detect; however, they also have trouble distinguishing between legitimate change and a virus infection. Another marked disadvantage of checksummers is that they can only detect infection after it happens-they’re useless for virus prevention. There is no such thing as ideal antivirus software, and different products have different strengths and weaknesses. For the most effective protection, it’s a good idea to use more than one antivirus program.

In addition to using antivirus software, it’s also wise to always install software patches as they’re issued. Modern software is very complex, making it difficult to thoroughly test for security holes. Often these holes are discovered after software has been out for a while. At this point, the vendor will release a software patch, usually available on its Web site. Many computer break-ins can be prevented simply by keeping your software patches up-to-date. Regularly schedule a check of software patches issued by your software vendors and use them where needed. Do NOT install software patches that arrive unsolicited through your e-mail, as many viruses masquerade as software patches.

Firewalls

Hackers probe computer networks for open ports looking for a way in. Your goal is to make sure that unused ports are blocked and that your network only accepts legitimate requests for service. This is where a firewall comes in.

The firewall blocks unwanted traffic while letting through the traffic you want. It makes decisions that allow or deny access to services and ports on your firewall. A firewall enforces your access control policy, but it’s up to you to decide what that access control policy is. You can block whole ranges of ports-everything that you do not require to be open.

Firewalls generally come preconfigured to deny all access to all ports. It’s then up to you to instruct your firewall to allow network traffic through to specific ports on specific PCs in your network. When a request for a service is made, the firewall inspects the request to make sure the type of request matches an available port.

Backup and recovery

Back up your files on a regular basis so if your network is invaded, you can replace corrupt or infected files with your backup copies. With regular nightly backups, even the worst disaster will never cause the loss of more than a day’s data. Backup copies should always be stored on hard media in a separate location-NOT on a server connected to the network.

Do you have a plan to cover an unexpected disaster?

Understand attack methodologies and develop a more proactive approach to defense.

Most network breaches come from malware. Learn about the many  ways  it can invade your network and why traditional countermeasures all   fail. Then learn what to do about it. This white paper shows you how to dramatically reduce your risk of a  network breach  from malware by defending against threats, detecting  vulnerabilities,  and controlling your assets. Discover how increasing  employee awareness  and training, setting up strong encryption, using  physical and network  access control, and implementing a host-based  intrusion prevention  system are all part of a smart security plan.