Before wireless LANs (WLANs) became popular, the only way viruses and worms could reach an organization's computers was through portable media, such as floppy disks, or through the network perimeter, which was secured by an increasingly complex battery of defenses, including firewalls, e-mail filters and antivirus engines. The use of floppies and other portable media is declining. E-mail attachments have become the preferred channel for transferring files. As a result, on a wired network, just about all potentially malicious data enters an enterprise through the network perimeter, where it will likely be detected and blocked.
WLANs undermine perimeter defenses. Wireless users are mobile. They take their computers to other networks. Some of these networks are se cure and well managed; others are not. Computers on these networks may become infected without their users knowing it.
When these users reconnect to the enterprise network-inside the perimeter-they bring their viruses and worms with them. Once loose on the network, viruses and worms can launch attacks against internal IT systems and the network itself, bypassing the network's perimeter defenses.
Viruses and worms typically use TCP/IP traffic to replicate themselves on a network and to unleash their attacks. Many send flurries of Internet control message protocol messages to locate other local devices that may be vulnerable to attack. Standard WLAN infrastructures (access points, network cards, RADIUS servers) have no means of identifying and stopping this traffic; wireless traffic, malicious or not, from authenticated users is simply passed through to the wired network.