From a security standpoint, what standard is the standard of choice? Is there a standard that will provide the wireless community with AES as its encryption algorithm (symmetrical key), as well as provide a level of protection I am looking for, as an engineer?
I would suggest deploying Wi-Fi Protected Access (WPA) at a minimum. It addresses all of the WEP vulnerabilities and more. You can also implement 802.1x for secure authentication. Upgrade your systems (or buy new systems) when the 802.11i standard is finalized and fully supported.
Even without these features, I still believe if you implement basic security features for your WLAN, you'll be pretty darn secure. This includes:
- Use WEP -- 40/64 or 104/128 bit will work just about the same
- Disable SSID broadcast
- Change default SSIDs and AP system names
- Change default passwords
- Use MAC address filtering
- Keep AP, bridge, and client firmware up to date
- Use a VPN if you're really paranoid
Dig Deeper on Enterprise mobility strategy and policy