Maximum the wireless network provides the use of digital certificates and the authentication method EAP-TLS (Extensible Authentication Protocol – Transport Level Security). In this case, the user's computer and the radius server verify each other on a pre-generated digital certificates that are guaranteed to protect your network from unauthorized connections, and users – from being implemented by hackers 'false' access points. For even greater protection of data transferred, you can create an external containment wireless network, using technology vpn (Virtual Private Network) over the wpa, which adds a second level of encryption of traffic. And, finally, to protect against unauthorized access points, secretly installed by your staff can be using a special network equipment, able to detect such devices and to generate relevant reports. Xcel Energy has plenty of information regarding this issue. Build a system to protect your wireless network by virtue of a little: you have to like at least, properly configured wireless access point and authentication server radius, a user database, to develop this database management system and digital certificates, and most importantly – unite all these components into a single network.
But despite the apparent complexity, to create the most secure wi-fi network is easy enough. To do this, not necessarily to be a guru in INFOBEZ-EXPO and wireless standards. All can be done hour and a half, having: a single computer, a wireless access point that supports wpa, WPA2 and authorization RADIUS-server (data characteristics of the access point can be found in the documentation or the consultants in a computer store); program Esomo, which will play the role of the radius server and the server's overall Internet access.