I recently installed a wireless network so I can use my laptop in other areas of my house. I’m a little confused regarding its security. Should I enable encryption or is my firewall enough? I understand from what I have read that encryption will slow down the network.
There are some exceptions, but more often than not, yes, you need encryption.
A firewall gives you certain type of very important protection – but not against the types of issues that a wireless network opens up.
Your firewall is protecting you from intruders up to the point that the firewall lives. For example if you’re using a router as your firewall, then it’s preventing certain types of attacks from the internet from ever reaching the machines on your local area network. If you’re using a software firewall, such as ZoneAlarm, it’s doing the same kind of thing, at your machine’s network connection. It’s preventing machines from exploiting vulnerabilities on your system to infect or otherwise compromise your system.
That’s very different than encrypting your wireless connection. There are two issues that remain unresolved: wireless access could allow anyone to connect to your network, and even worse, once on your local network they can start looking at the data you’re sending out on the net.
Even with a firewall, if your wireless connection is not encrypted, you’re operating the equivalent of a free public-access hotspot. Anyone within range could start using your internet connection without your permission. In fact, anything they chose to do could look like it was coming from your IP address.
What’s worse, is that anyone in range who’s connected to your network can run freely available software that can monitor your network activity. They can see your unencrypted data go back and forth – often including your account names and passwords. While your “https” connections are probably safe – they’re separately encrypted – your email and email login, for example, probably isn’t.
Unless you encrypt. Encryption using WEP or WPA prevents people without the password from attaching to your network.
Now I said there are exceptions. I can think of two.
You might actually, intentionally, want to set up a free open access Wi-Fi hotspot. Then, indeed, you probably don’t want encryption on the wireless connection because you want anyone in range to be able to connect. Each individual using the network will have to do the right things themselves to make sure that they are safe. This is exactly the danger of a free Wi-Fi hotspot.
Note that I keep saying “anyone in range” – that’s the second exception – if you can ensure that no one can actually get in range, then there’s no real need to encrypt. Perhaps you live in the middle of a multi-acre parcel of property. The only way someone could get in range (typically within 100 meters) is to actually come on to your property where you’d notice them.
And one last thing: while encryption does, technically, probably slow things down a little, I’d be shocked if you noticed any difference. And besides, the security is more improtant.