In one system (company, newsroom) all computers, printers, storage devices (storage servers or mini data centres), mail servers, routers and other components are connected to the internal, local network, physically (by cable) and/or wirelessly (Wi-Fi). These networks are usually based on the so-called client-server architecture. A client or user is a computer or other hardware component in everyday use, while a server is a special computer that allows clients to use the resources stored on it. These can be applications, web pages, files, emails, databases, etc. There are different types of servers: web server, file server, mail server, database server, etc. Due to the high concentration of sensitive data in this network, special protection measures are applied to it.

A wireless network may have different physical bands depending on the strength of the transmitted signal. Indoors, this range averages about twenty metres around the router, which often means that this network is available outside the room. Routers that emit a wireless signal have several layers of protection, the configuration of which is the task of the administrator, including setting up adequate protection measures.

The most common protection measures for wireless networks:

• Wireless security mode: It is recommended to use WPA2 (Wi-Fi Protected Access 2) protection which has two possible applications. PSK (Pre-Shared-Key) is set easily, by setting a password, while Enterprise requires a slightly more complicated setup and an additional RADIUS (Remote Authentication Dial In User Server) server. In most cases, the PSK method is good enough as a protection mechanism for small and medium organisations, if the password meets the standards. Many routers also support WPS (Wi-Fi Protected Setup), a system that allows you to log in to a wireless network using a button on the router, without entering a password. This system has serious security flaws, so it is recommended that it be turned off on the router;
• MAC filtering: MAC address is the physical address of the device that connects to the network. The router can be configured to allow access only to addresses that are on its list. This method will not stop advanced attackers, who can detect the list of MAC addresses from the router and download some of the associated addresses for their device. It will also prevent people, including staff, from connecting new devices to the network (such as new phones), which can be inconvenient;
• Hiding SSID (service set identifier): SSID is the name of a network that is usually public. Similar to the MAC filter, hiding the SSID will not stop advanced hackers, but it will prevent some less capable attackers from playing with someone else's network;
• Using multiple wireless networks is recommended when there are at least two categories of people for whom the network is intended, for example employees and guests. Modern wireless routers usually have the option to create a separate guest network.