zagandesign - Fotolia
Wi-Fi Protected Access, or WPA, is a security standard for wireless LANs that encrypts data packets as they are transported or received across the Wi-Fi network.
Currently, WPA has three iterations. Most organizations today use the second generation of the standard, WPA2, to secure their Wi-Fi networks. However, WPA2 is now well over a decade old, and a discovered vulnerability has shown some weaknesses that give security administrators reason for concern. That's why many enterprises are looking at the latest version -- WPA3 -- to help close any vulnerability holes found in previous releases.
The WPA2-WPA3 migration path, however, isn't a clear one. Indeed, the answer to whether your current WPA2 wireless LAN (WLAN) can be upgraded to WPA3 depends on several factors -- and a few potential drawbacks.
Moving from WPA2 to WPA3: Consider these factors
For one, understand that WPA3 has only been around for a couple of years. Since that time, researchers have found flaws in the latest standard. Thus, more vulnerabilities may come out, including defects that may be more damaging than what's been found in WPA2.
Secondly, and perhaps more importantly, WPA3 won't run on just any wireless hardware and software. The standard relies on Protected Management Frames, which often require users to update their hardware with chips engineered to support the technology.
Thus, depending on the type of WLAN you have deployed, migrating from WPA2 to WPA3 may or may not be possible without a hardware refresh. Additionally, not every major WLAN vendor supports WPA3. For example, Aruba Networks does, but Cisco Meraki does not. To that end, be sure to verify your preferred vendor supports the WPA3 standard.
Finally, Wi-Fi-capable endpoints must also be able to run WPA3. Most PCs, tablets, smartphones and Wi-Fi-enabled IoT devices you have deployed today probably do not support WPA3. It will take time to upgrade older hardware to gear capable of running the newer wireless security standard.
In the meantime, users considering WPA2 and WPA3 will have to rely on a WPA2-WPA3 mixed-mode strategy. Fortunately, most WLANs that can run WPA3 also support the older standard. This enables end devices that are WPA3-compatible to use the more advanced security standard, while all other devices can continue to connect to the Wi-Fi network with WPA2 protection.
Dig Deeper on Network Infrastructure
Related Q&A from Andrew Froehlich
The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the top six business ... Continue Reading
Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading
Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks ... Continue Reading