1.In your post review section 3 Security and Access Management and discuss a suitable wireless security configuration from Figure 3 that can provide authentication, authorisation and encryption for the Wireless LAN in a large school.
As can be seen from the given figure 3, whether providing identity authentication, authorization or encryption will not be disclosed in public places.
Equipment certification provides a secure online environment during school use. This gives students the right to access the network. However, the device is authenticated using WPA2-PSK.
In addition, many schools encounter tips such as remembering passwords or sharing passwords during the process of accessing the network. Although this method is relatively convenient and easy to operate. But if there are loopholes or other viruses. Will reveal passwords and threaten the network environment
Many medium or large learning programs use WPA2 Enterprise. Mainly through user authentication and authorization and using 802.1x / EAP for authentication. The benefit of this is that it can improve security.
Support for TLS and MS-CHAP will provide users with PKI and improve network security.
Small schools should have WPA2 with PSK and update their passwords regularly. The benefit of doing so saves time by configuring relative content. And can also provide a good internet environment
For large and medium schools. Especially users who have applied BYOD. The problem they have is that they must be authenticated. This is why 802.1x/ EAP WPAS2 Enterprise will be the best approach. The methods used by different types of schools are different. Should choose the most appropriate method to reduce time and cost but achieve the purpose of improving safety performance
2. In your post discuss common Wireless LAN security practices and issues for a large school. See, for example, section 6.1-6.3 Common Security Issues and Management.
For the large school network, we must first pay attention to a few points. First, what can lead to network security threats, vulnerabilities, risks, etc.
First, in the network of large schools. Most students have their own devices such as cell phones, laptops and more. If the network is not secure, the student’s personal information will be leaked. This is one of the main threats. Therefore, we can use WPA2 Enterprise with user authentication. This is suitable for use in large school networks. Using this feature will ensure that students can use the network to securely access and surf the Internet.
We can also use it with WPA2 Enterprise by using AP hardware. It can play a dual protection role in the verification of identity. This can reduce network risk to a large extent.
An AP is a so-called wireless access point that is used for wireless switches in wireless networks and is also the core of wireless networks. From this perspective. AP is not very easy to detect. It is used in some building locations to ensure that there is a good signal to cover the desired area. For example, in some shopping malls or on airplanes, there are schools.
Silver 