Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Wireless LANs A Windows Server 2003 Certificate Services Solution Ian Hellen – Principal Consultant Stirling Goetz – Principal Consultant.

Published byKyle Holden Modified over 10 years ago

Similar presentations

Presentation on theme: "Securing Wireless LANs A Windows Server 2003 Certificate Services Solution Ian Hellen – Principal Consultant Stirling Goetz – Principal Consultant."— Presentation transcript:

1 Securing Wireless LANs A Windows Server 2003 Certificate Services Solution Ian Hellen – Principal Consultant Stirling Goetz – Principal Consultant

2 Agenda Introduction to Solutions for Security Introduction to Solutions for Security Wireless LAN Security – selecting the right option Wireless LAN Security – selecting the right option Solution Architecture Solution Architecture RADIUS Design RADIUS Design PKI Design PKI Design Solution Guidance Solution Guidance

3 Trustworthy Computing Microsoft is committed to Trustworthy Computing: Microsoft is committed to Trustworthy Computing: Security Security Privacy Privacy Reliability Reliability Business Integrity Business Integrity Trustworthy computing can only be achieved through partnership & teamwork Trustworthy computing can only be achieved through partnership & teamwork Trustworthy Computing is a journey with a long term vision and highlights and obstacles along the road Trustworthy Computing is a journey with a long term vision and highlights and obstacles along the road

4 Trustworthy Computing Security Privacy Reliability Business Integrity Resilient to attack Protects confidentiality, integrity, availability and data Dependable Available when needed Performs at expected levels Individuals control personal data Products and Online Services adhere to fair information principles Vendors provide quality products Product support is appropriate

5 Microsoft Solutions for Security (MSS) Aimed at complex or difficult problem areas Aimed at complex or difficult problem areas Prescriptive guidance – one good way Prescriptive guidance – one good way Based on experience in field and from MS internal deployments Based on experience in field and from MS internal deployments Built and Tested in MS Labs Built and Tested in MS Labs Modular (PKI and RADIUS) Modular (PKI and RADIUS)

6 Wireless LANs Benefits of WLANs Benefits of WLANs Increased staff productivity Increased staff productivity Mobility and flexible working Mobility and flexible working Information access with lower cost Information access with lower cost Problems Problems Early security standards had issues Early security standards had issues Some people dont even take basic precautions Some people dont even take basic precautions Proliferation of solutions cause confusion Proliferation of solutions cause confusion

7 Solution Options 802.1X with WLAN protection 802.1X with WLAN protection The native route The native route VPN or IPsec VPN or IPsec Dont deploy WLANs Dont deploy WLANs But prepare for rogue WLANs But prepare for rogue WLANs Use basic 802.11 security Use basic 802.11 security …and hope for the best …and hope for the best

8 802.1X with WLAN protection 802.1X 802.1X Ratified by the IEEE Ratified by the IEEE Embraced by the WLAN vendor community Embraced by the WLAN vendor community EAP-TLS EAP-TLS Strong credentials Strong credentials Mutual authentication Mutual authentication WLAN encryption key generation WLAN encryption key generation WLAN security WLAN security WEP (128 bit) and WPA (TKIP) WEP (128 bit) and WPA (TKIP) Pending: TGi work on RSN (802.11i) Pending: TGi work on RSN (802.11i)

9 WLAN Solution Architecture RADIUS Infrastructure Services PKI

10 Head Office Branch Office Solution Design

11 Scaling & Extension Scale Up Scale Down VPN Wired 802.1X

12 RADIUS Architecture Scale up or out

13 RADIUS Placement

14 PKI Architecture

15 Securing Wireless LANs Guidance Planning guide Planning guide Build guide Build guide Operations guide Operations guide Test guide Test guide Delivery guide Delivery guide Tools and Templates Tools and Templates

16 More Information… Download Securing Wireless LANs from: Download Securing Wireless LANs from:http://go.microsoft.com/fwlink/?LinkId=14843 Microsoft Solutions: Microsoft Solutions:http://www.microsoft.com/business/solutions/ For a copy of this presentation visit: For a copy of this presentation visit:http://www.microsoft.com/uk/security For regular information subscribe at: For regular information subscribe at: http://register.microsoft.com/subscription/ subscribeMe.asp?lcid=1033&id=155 For the MS security resource toolkit visit: For the MS security resource toolkit visit: http://www.microsoft.com/uk/security http://www.microsoft.com/uk/security

17 Additional URLs www.microsoft.com/management/ www.microsoft.com/management/ www.microsoft.com/windows2000/windowsupdate/sus www.microsoft.com/windows2000/windowsupdate/sus www.microsoft.com/solutions/msm www.microsoft.com/solutions/msm http://www.microsoft.com/technet/treeview/default.asp ?url=/technet/itsolutions/msm/swdist/pmsmsog.asp http://www.microsoft.com/technet/treeview/default.asp ?url=/technet/itsolutions/msm/swdist/pmsmsog.asp

18 Microsoft - Stand 670 Firewall and VPN Firewall and VPN Identity Management Identity Management Securing Windows Securing Windows Windows Server 2003 Security Windows Server 2003 Security Wireless LAN Security Wireless LAN Security

19 Microsoft Security Seminars

20 Call to action 1. For a copy of this presentation visit: www.microsoft.com/uk/security 2. For regular information subscribe at: register.microsoft.com/subscription/subscribeMe.asp?lcid=1033&id=155 3. For the Microsoft security resource toolkit visit: www.microsoft.com/uk/security

21 Questions? Visit the Microsoft stand. Well be there for 1 hour after this session. Thank You!

22 Trustworthy Computing Stirling Goetz – Principal Consultant Ian Hellen – Principal Consultant

Download ppt "Securing Wireless LANs A Windows Server 2003 Certificate Services Solution Ian Hellen – Principal Consultant Stirling Goetz – Principal Consultant."

Similar presentations

Implementing Network Security – Wireless Security Segway! Steve Lamb Technical Security Advisor

Implementing Network Security – Wireless Security Segway! Steve Lamb Technical Security Advisor
Securing Your Wireless Network

Securing Your Wireless Network
Security Features in Microsoft® Windows® XP James Noyce, Senior Consultant Security Solutions Team, Business Critical Services Microsoft Security Solutions,

Security Features in Microsoft® Windows® XP James Noyce, Senior Consultant Security Solutions Team, Business Critical Services Microsoft Security Solutions,
Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Network Security.

Network Security.
Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.

Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.
Attacks and defense strategies in a wireless local area network Course: CSCI5235 Instructor: Dr. Andrew T. Yang Student: Fan Yang.

Attacks and defense strategies in a wireless local area network Course: CSCI5235 Instructor: Dr. Andrew T. Yang Student: Fan Yang.
Virtual Private Networks COSC541 Project Jie Qin & Sihua Xu October 11, 2014.

Virtual Private Networks COSC541 Project Jie Qin & Sihua Xu October 11, 2014.
Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June 22 2005 Licia Florio.

Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June Licia Florio.
Wireless LAN  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD  Securing.

Wireless LAN  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD  Securing.
無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – 802.11b  Security Mechanisms in 802.11b  Security Problems in 802.11b  Solutions for 802.11b.

無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.
Implementing Security for Wireless Networks Presenter Name Job Title Company.

Implementing Security for Wireless Networks Presenter Name Job Title Company.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.

MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
Wireless Security without a VPN! Stirling Goetz, Microsoft Consulting Services.

Wireless Security without a VPN! Stirling Goetz, Microsoft Consulting Services.
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.

DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
802.1x EAP Authentication Protocols

802.1x EAP Authentication Protocols
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
Mobile and Wireless Security INF245 Guest lecture 17.10.2007 by Bjorn Jager Molde University College.

Mobile and Wireless Security INF245 Guest lecture by Bjorn Jager Molde University College.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Similar presentations

Ads by Google