1. Always Use the max key size supported by AP for encryption
– If the key size is large enough, then it takes more time to crack the key by the attacker. Also it is recommended to change the encryption key frequently so that it makes difficult for the cracker to break the key.
2. Change the default username and password of access point.
– Most of the users do not change the default passwords while configuring the AP, but it is recommended to keep a strong password, as this default password information can be known form product manufactures.
3. Disable DHCP Service.
– When the no of users accessing the AP is less, it is recommended to disable the DHCP Service, As this may make the attackers or hackers easy to connect to your network once they get associated with your Access point.
4. Do not make the SSID Information public.
– SSID (Service Set Identifier) information is used to identify a access point in the network and also the wireless clients connected to the network using this information, hence in order to allow authorized users to connect to the network, the information should not be provided in public.
5. Always use strong password for encryption.
– A Strong Password should have at least 15 characters, uppercase letters, lowercase letters, numbers and a symbol. Also it is recommended to change the encryption key frequently so that it makes difficult for the cracker to break the encryption key and do not use WEP(Wired equivalent privacy) key for encryption, rather use WPA/WPA2.
6. Isolate the wireless network from wired network with a firewall and a antivirus gateway.
– Do not connect the access point directly to the wired network. As there is a chance of compromised wireless client in turn effecting the systems in the wired network, a firewall and an antivirus gateway should be placed between the access point and the wired network.
7. Restrict access to the access point based on MAC Address.
– In order to allow authorized users to connect to the access point, wireless clients should be provided access based on MAC address.
8. Shutdown the access point when not in use.
– Hackers try to brute force the password to break the keys, so it is good practice to turn off the AP during extended periods of Non-use.
9. Always maintain a updated firmware.
– Updating the firmware of AP is recommended, as it will reduce the no of security loop holes in the access point.
10. Use VPN or IPSEC for protecting communication.
– When the information flowing from wireless client to wired network receiver is critical, then it is recommended to use VPN or IPSEC based communication so that the information is protected from sniffers in the network.