zagandesign - Fotolia
Wi-Fi Protected Access, or WPA, is a security standard for wireless LANs that encrypts data packets as they are transported or received across the Wi-Fi network.
Currently, WPA has three iterations. Most organizations today use the second generation of the standard, WPA2, to secure their Wi-Fi networks. However, WPA2 is now well over a decade old, and a discovered vulnerability has shown some weaknesses that give security administrators reason for concern. That's why many enterprises are looking at the latest version -- WPA3 -- to help close any vulnerability holes found in previous releases.
The WPA2-WPA3 migration path, however, isn't a clear one. Indeed, the answer to whether your current WPA2 wireless LAN (WLAN) can be upgraded to WPA3 depends on several factors -- and a few potential drawbacks.
Moving from WPA2 to WPA3: Consider these factors
For one, understand that WPA3 has only been around for a couple of years. Since that time, researchers have found flaws in the latest standard. Thus, more vulnerabilities may come out, including defects that may be more damaging than what's been found in WPA2.
Secondly, and perhaps more importantly, WPA3 won't run on just any wireless hardware and software. The standard relies on Protected Management Frames, which often require users to update their hardware with chips engineered to support the technology.
Thus, depending on the type of WLAN you have deployed, migrating from WPA2 to WPA3 may or may not be possible without a hardware refresh. Additionally, not every major WLAN vendor supports WPA3. For example, Aruba Networks does, but Cisco Meraki does not. To that end, be sure to verify your preferred vendor supports the WPA3 standard.
Finally, Wi-Fi-capable endpoints must also be able to run WPA3. Most PCs, tablets, smartphones and Wi-Fi-enabled IoT devices you have deployed today probably do not support WPA3. It will take time to upgrade older hardware to gear capable of running the newer wireless security standard.
In the meantime, users considering WPA2 and WPA3 will have to rely on a WPA2-WPA3 mixed-mode strategy. Fortunately, most WLANs that can run WPA3 also support the older standard. This enables end devices that are WPA3-compatible to use the more advanced security standard, while all other devices can continue to connect to the Wi-Fi network with WPA2 protection.
Dig Deeper on Wireless LAN (WLAN)
Related Q&A from Andrew Froehlich
An IAM system introduces risks to the enterprise, but the consensus is the benefits of IAM outweigh the drawbacks. What are some of the issues that ... Continue Reading
The network edge is where an enterprise network connects to third-party network services. Edge computing is a distributed architecture that processes... Continue Reading
PAP uses a two-way handshake to authenticate client sessions, while CHAP uses a three-way handshake. Both authentication processes are common, but ... Continue Reading