×
Search TQA Weekly
×
Log into your TQA Weekly

Securing your Wired and Wireless Networks

Restricting and controlling access to gateways using media access controller address identification.

Steve Smith, host of your Technology Questions Answered, explains how to restrict access to your internet and network gateway using the media access controller address of all devices capable of network access regardless of connectivity.

Episode #1-43 released on July 24, 2011

This is Technology Questions Answered, and for those who don't know who I am, I'm Steve Smith, aka Zed Axis, the host of the show. My personal mission is to bring new concepts, tools and knowledge to those who will greatly benefit these, and I do this by using the internet to showcase my weekly show, available through YouTube, iTunes, Feedburner, and numerous other syndication services.

This week, I tackle issues that arise when unauthorized computer connection through gateways like routers, and offer a simple solution that may be a little time intensive at the beginning, but increases overall network security, prohibits access to all unregistered machines connected wirelessly or connected physically to your gateways, and reduces the total overall abuse of internet bandwidth from external sources. This prevents all access to networks from employees using their own equipment like laptops, net books, tablets, cellphones, etc...

This will prevent virus and malware infections, keep employees from downloading illicit materials, reduce bandwidth traffic, and prevent unauthorized file transfers. If you want to deploy an authorized connection policy for employees, you can also control which devices can connect legitimately on the network.

This also allows you the ability to accurately define the traffic type, and log computer traffic accurately by knowing which devices are abusive on the internet.

Want to know what I am talking about? I am referring to media access controller address filtration, also known as MAC Address Lock, or network filtering, depending on which company you use for your gateway needs.

The positives of this technology are:

  • Blocks all wired and wireless traffic from unauthorized machines.
  • Prevents all unwanted leeching of traffic and bandwidth.
  • Saves money on bandwidth if your constantly surpassing your bandwidth caps.
  • May already by included in your gateway's firmware.
  • Will prevent networked data from being downloaded to unauthorized computers, and does help prevent commercial espionage.
  • Will prevent visitors from hijacking your network.
  • Lowers the risk of viral and malware infections comprising the network security.

The Negatives of this technology are:

  • Blocks all unregistered, authorized machines, even those with correct credentials.
  • Requires manual acceptance of all new machines.
  • Encryption is still required to protect data in the air.
  • Costs more to implement in the short run only.

Now to deploy this method only requires that you have:

  • A list of authorized MAC addresses
  • A gateway capable of MAC address filtration

To deploy within the gateway, if all the machines, and only the machines you want, are connected and online, you usually can select them, and add them almost automatically the first time, this may require that you define static IP addresses for each machine, which is great for logs, but not really required. If you want to use this to monitor traffic loads, defining static IP addresses will make everything easier.

Now, you can also verify a machine's MAC address by visiting each of the computers, and verifying the network connection status, under the support tab, select details, and take note of the physical address, also know as the MAC Address. Then, you may enter each MAC address, manually, as well.

The majority of gateway routers will have an option called network filter, MAC address lock or MAC address filtering. This is where you will enter the information of each authorized machine to start filtering your network traffic and keep the unauthorized users out.

Now, you only have a few precautions to follow:

  • Always make backups of the gateway settings
  • Always use a strong password
  • When deploying wireless connections, use encryption to avoid hackers from sniffing traffic and spoofing MAC addresses of valid devices, and use a really strong password that contains no words, just multiple case letters, numbers, and special characters.
  • Keep a list of users and device MAC addresses to verify logs against, if you deploy logging on your gateway.

Now, if you followed all my suggestions, you should enjoy a faster, more reliable network environment where bandwidth usage shall be easier to monitor, and savings in costs should be on your way. This applies not just to businesses, but also to family and co-operative home situations.

As of this week, my online store now contains all our available gear and apparel, as well as, all the custom designs all in one store, you can head over to www.cafepress.ca/zedaxis.

To get yourself counted, and your opinions heard, you can complete our listener survey, which you can do anonymously, and that will allow me to take into account what you think about the show, the content and the overall show feel. The link is available on my homepage at www.zedaxis.net.

And, finally, you can now go to http://tqaweekly.com to submit your stories, questions, comments and suggestions for Technology Questions Answered.

Next week, I'll be talking about protecting the emails you send out from prying eyes by using PGP E-mail encryption. I'll even present you to a free PGP E-mail Certificate service to get you on your way to safer and private e-mail conversing.

So, until next week, have a great day, if you like the show, subscribe to our weekly podcast, stay safe and online.

Host : Steve Smith | Music : Jonny Lee Hart | Editor : Steve Smith | Producer : Zed Axis Productions