A wireless access point (WAP) is a networking device that allows Wi-Fi devices to connect to a wired network. The WAP usually connects to a router (via a wired network) as a standalone device, but it can also be an integral component of the router itself. WAPs have a crucial role in the world of cybersecurity, as they are often the gateway through which devices access a network, making them a potential point of vulnerability.
In this comprehensive glossary entry, we will delve into the intricate details of wireless access points, exploring their functions, types, the security measures associated with them, and their role in the broader context of cybersecurity. We will also discuss the various protocols and standards related to WAPs, and how they influence the performance and security of your network.
Function of a wireless access point
The primary function of a wireless access point is to extend the range of a wired network, enabling wireless devices to connect to it. It serves as a central transmitter and receiver of wireless radio signals. Devices such as laptops, smartphones, and tablets can connect to a WAP to access the network, and through it, the internet.
WAPs are particularly useful in large spaces where a single router's signal may not reach all areas. By strategically placing WAPs throughout the space, you can ensure that all areas have network coverage. This is especially important in commercial settings like offices, hotels, and universities, where network access is needed over large areas.
How a WAP Works
A WAP connects to the router via an Ethernet cable. It receives data from the router, converts it into a radio signal, and then transmits this signal wirelessly. Your wireless devices pick up this signal, allowing them to access the network. When these devices send data back to the network, the process is reversed.
It's important to note that while a WAP provides a wireless connection to a network, it does not provide internet service. The internet service is provided by the router it's connected to. The WAP merely extends the reach of the router's network to wireless devices.
Types of wireless access points
There are several types of wireless access points, each designed for specific use cases. The most common types are standalone access points, controller-based access points, and consumer-grade access points.
Standalone access points are independent devices that connect to a router or switch. They are typically used in small to medium-sized networks. Controller-based access points are part of a larger network managed by a central controller. These are used in large networks where multiple access points are needed. Consumer-grade access points are often combined with routers in home networking equipment.
Standalone Access Points
Standalone access points are typically used in small to medium-sized businesses. They are simple to set up and manage, as each one operates independently. However, if you have multiple standalone access points, you will need to manage each one separately, which can become time-consuming.
Standalone access points are often used in scenarios where a single WAP can cover the entire area, such as in small offices or retail outlets. They offer a cost-effective way to provide network access in these settings.
Controller-based access points
Controller-based access points are used in larger networks where multiple access points are needed. These access points are managed by a central controller, which simplifies network management. The controller can manage settings across all access points, ensuring consistent network performance and security.
Controller-based access points are often used in large commercial settings like hotels, universities, and large offices. They offer a scalable solution for providing network access across large areas.
Wireless Access Point Protocols and Standards
Wireless access points operate according to certain protocols and standards. These determine the speed, range, and security of the WAP. The most common standards are the 802.11 series, developed by the Institute of Electrical and Electronics Engineers (IEEE).
The 802.11 standards include 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac. Each standard offers different speeds and ranges, and operates on different frequency bands. The most recent standard, 802.11ac, offers the fastest speeds and operates on the 5 GHz frequency band.
802.11n and 802.11ac
The 802.11n standard, also known as Wi-Fi 4, was a significant improvement over the previous standards. It introduced multiple-input multiple-output (MIMO) technology, which allows for multiple antennas to send and receive data, significantly increasing the speed and range of the WAP.
The 802.11ac standard, or Wi-Fi 5, further improved on this by introducing beamforming technology. Beamforming allows the WAP to focus its signal towards specific devices, rather than broadcasting in all directions. This improves signal strength and reduces interference.
Security measures for wireless access points
Security is a crucial aspect of wireless access points. As they are often the gateway for devices to access a network, they can be a target for cyberattacks. Therefore, it's important to implement strong security measures for your WAPs.
The most common security measure is encryption, which scrambles the data sent over the network so that it can't be read by unauthorized users. The most common encryption protocols for WAPs are WEP, WPA, and WPA2. Of these, WPA2 is the most secure.
WEP, WPA, and WPA2
WEP (Wired Equivalent Privacy) was the first encryption protocol for WAPs. However, it has significant security flaws and is now considered obsolete.
WPA (Wi-Fi Protected Access) was introduced as a replacement for WEP. It introduced a new method of encryption, TKIP, which was more secure than WEP. However, TKIP has since been found to have its own security flaws.
WPA2, the successor to WPA, introduced a new encryption method, AES, which is currently the most secure. It is now the standard encryption protocol for WAPs. A newer protocol, WPA3, has been introduced, but it is not yet widely adopted.
wireless access points and cybersecurity
Wireless access points play a crucial role in cybersecurity. As the gateway for devices to access a network, they can be a target for cyberattacks. Therefore, securing your WAPs is a crucial part of protecting your network.
There are several strategies for securing your WAPs. These include using strong encryption, changing the default login credentials, disabling remote management, and regularly updating the firmware.
Securing your WAPs
Using strong encryption is the first step in securing your WAPs. As mentioned earlier, WPA2 is currently the most secure encryption protocol for WAPs. Ensure that all your WAPs are using WPA2 encryption.
Changing the default login credentials is another important step. Many WAPs come with default usernames and passwords, which are often easy for attackers to guess. Change these to something unique and complex to prevent unauthorized access.
Regular firmware updates
Regularly updating the firmware of your WAPs is crucial for security. Firmware updates often include security patches for known vulnerabilities. By keeping your firmware up to date, you can protect your WAPs from these vulnerabilities.
Some WAPs offer automatic firmware updates, which can simplify this process. If your WAPs do not offer this feature, you will need to manually check for and install updates.
Conclusion
Wireless access points are a crucial component of any network, providing a gateway for wireless devices to access the network. Understanding how they work, the different types, the protocols and standards they operate on, and the security measures associated with them is crucial for anyone involved in network management or cybersecurity.
By implementing strong security measures and regularly updating your WAPs, you can protect your network from potential cyberattacks. As the world becomes increasingly connected, the role of WAPs in cybersecurity will only continue to grow.
About the author
Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.