Wireless LANs transmit RF signals beyond the walls that surround them and are vulnerable to signals from outside. These issues can potentially present security risks and efficiency problems. To protect the system and improve operations, RF shielding methods should be considered.
Fundamentals of Shielding
RF shielding inhibit the passage of RF signals through a building’s walls and windows. Wireless LAN product manufacturers have been creating specialized rooms with Faraday cages for years for testing purposes. While these designs do an excellent job at blocking signals, their walls have to be built from the ground up. As result, this solution isn’t practical for use outside of product testing.
When RF shielding is necessary at a facility, RF window films and shielding paint are often used. A wide selection of both products offers varying levels of protection between 40 and 80dB, the frequencies used by wireless LANs. After application of paint to walls and film to windows, a building has a good level of protection for security and performance purposes.
RF Shielding Benefits
The use of 80dB shielding greatly reduces the chances of connections or even detections occurring from outside. In a normal LAN setup, signals may have their access point located near an unshielded exterior wall. When this is the case, signals directly outside may be approximately -50dBm, which makes connections very possible for client devices. This is a serious security risk as any person nearby the building will be able to detect and potentially attack the network.
If the same exterior wall is painted with 80dB RF shielding paint, outside signals will only be around -130dBm. Normal Wi-Fi client devices will be unable to receive this connection, so security is vastly improved. This simple skin of paint, applied on the inside walls of a facility, is a valuable addition to encryption, authentication and other security methods.
RF shielding paint also block interference from exterior signals. If a building contains a wireless network, an unshielded building next door might receive as much as -40dBm. The use of 80dB paint will cause the same signal interference to drop to about -120dBm, a level that is below what might cause interference. As a result, an LAN network can operate at a higher level of performance, and DoS attacks are prevented.
Using RF Shielding
If you’re considering the use of RF shielding for an entire building or just a room, here are a few tips:
1. Determine security needs
RF shielding paint can be a significant investment, so carefully consider whether it’s required for your purposes. Look at whether people outside the building can detect and connect to your wireless network. Encryption and authentication are both strong contributors to LAN security, but they may not stop experienced hackers. Assess your building’s security, especially in terms of penetration, to decide whether outside attacks are an issue.
2. Assess RF Interference Levels
If performance is a major concern, you might want to invest in shielding to stop outside interference. Use a spectrum analyzer to measure incoming signals. To make an accurate assessment, use capacity testing to compare signals with expected interference and without it. Remember that internal RF interference can also cause problems. Even then, RF shielding can be an important investment for preventing DoS attacks.
3. Look at Shielding Costs
If you opt for RF shielding paint, you might pay as much as $450 for a gallon. While a single gallon can cover approximately 600 square feet, you may need multiple coats for the best protection. Consider whether this size of investment is worthwhile for your purposes.
4. Apply the RF shielding
Shielding paint and window film aren’t difficult to apply. Painting is the same as with any other bucket paint, and window film is simply peeled off of backing and stuck onto windows as necessary. To ensure that you get the expected benefit, be sure to follow instructions closely during application.
After you’ve applied all of the shielding, test it inside and out to be sure that you’re seeing benefits in your wireless security and performance. Finally, you’re ready to use penetration tests again to confirm that the building is completely protected.