To defend themselves against "war driving," users can simply turn on the WEP encryption that is already built in, and most war drivers will just move on to one of the many wireless LANs that isn't protected, Sundaralingam said. Going to the next step, users can implement user authentication and dynamic WEP, with keys that change, to protect themselves from "script kiddies," teenagers who use packaged hacking tools to infiltrate systems. Those authentication systems could include EAP-TLS (Extensible Authentication Protocol-Transport Level Security), PEAP (Protected EAP) or Cisco's LEAP (Lightweight EAP), which Cisco introduced as part of an effort to boost its own products' security beyond WEP for demanding enterprise customers.
For protection against professional hackers, Sundaralingam recommended going the next step to strong encryption systems such as TKIP (Temporal Key Integrity Protocol), which will be used in WPA and 802.11i, or CKIP (Cisco Key Integrity Protocol), a proprietary implementation of the 802.11i recommendations that Cisco developed as a stop-gap measure.
As stronger industry-standard security mechanisms become available, Cisco will offer them but also continue to support its own protocols for some time to serve customers that want to use them, Sundaralingam said.
"As a company, we're really happy to see (WPA) gain wide momentum, and very soon it's going to be supported by multiple vendors," he said.