© 2003 Bluesocket, Inc. Proprietary and Confidential. Do not copy. Security, Management & Mobility of Wireless Networks (WLANs) Issues Approaches Solutions.

Presentation transcript:

Security, Management & Mobility of Wireless Networks (WLANs): Issues, Approaches, Solutions
Mike Brockney, Sr. Sales Engineer, Bluesocket

Agenda
• Benefits of Wireless Local Area Networks (WLANs)
• What new problems do WLANs create?
• WLAN pain points
• How do you solve these WLAN customer pain points?
• Bluesocket Wireless Gateway Overview
• Rutgers University Examples
• Questions and Answers

The Benefits of Wireless LANs
• Work where you choose: at home, the airport, as well as your workplace
• Rapidly dropping prices
• Ease of deployment
• Compelling technology:
  – High productivity gains
  – Reduced support and network management costs
• STILL, worries remain…

Wireless Worries Dampen The Dream
Concerns shown for three audiences (CIOs, Network Managers, Network End-Users), each headed "Fear: Is IT safe?":
• Is my privacy ensured? Can my information be manipulated? Vulnerability. Lost intellectual property. Compromised assets. Can Crackers Get My Info? Is it worth the possible risk?
• Network Vulnerability. Network Unsecurity. Virtual break-ins: War Driving. Sensitive customer information. Loss of control? Will it work today and tomorrow? Which vendors to choose? I’ll get the blame!
• Threats from the unknown. Are we prepared? Cyber Attacks. Legal ramifications. Compromised assets? Missed-management. What’s the right investment? How do I prevent obsolescence?

Unsecured WLANs Create Problems
“Network security violations on the upswing. Almost 35,000 such incidents in Q ”
“WEP fails to provide for the access control and authorization needs of enterprise wireless networks.”
“By year-end 2002, 30 percent of enterprises will suffer serious security exposures from deploying WLANs.”
“Deploying LAN based VPNs is not simple or inexpensive. Major problems include…the lack of ubiquitous client support, limited roaming and the loss of management control.”

Wireless LANs: The Unfulfilled Promise
• WLAN benefits are clear: rapid deployment, user convenience, productivity, low TCO, but…
• To meet your requirements, key issues must be resolved with wireless LANs:
  – Security
  – Compatibility and Simplicity
  – Quality of Service and Bandwidth Management
  – Cost
  – Mobility
• Your “pain points” must be addressed and removed

WLAN Customer Pain #1: War Driving – The Uninvited Guest

How To Address Pain Point #1: War Driving
• Have a professional wireless site survey performed
  – Access point placement, power output, antenna selection can help prevent “leakage” outside your buildings
• Do not broadcast SSIDs (wireless network names)
• Install a solution that only allows access to the network for authenticated users
• Use some form of encryption if air privacy and protecting your data is important
• At a minimum use WEP
  – There are other more secure options

WLAN Customer Pain #2: Layer 2 Wireless LAN Weaknesses
• No Bandwidth Management (“Bandwidth Hog”)
• Stop or Go: Same Access For All (Visitor or Employee or Contractor)
• Weak Security

How To Address Pain Point #2: Layer 2 Wireless LAN Weaknesses
• Deploy a solution that allows you to control access to your network.
  – Guest, Contractor, Employee/Staff/Student
  – Even registered users may need access control
• Role based access/authorization
  – Control access to network resources
  – Require encryption or no encryption
  – Set policies based on location and time of day
  – Limit bandwidth for visitors, guests, etc.
  – Prioritize data

WLAN Customer Pain #3: WEP ‘Security’ is Fatally Flawed
• A series of academic papers exposed serious flaws in WEP, the security system built into the 802.11b standard.
• Rapid passive attack was first described in July 2001 by Fluhrer, Mantin & Shamir.
• AT&T Labs team successfully implemented the attack and concluded that WEP is “totally insecure”.
• In August 2001, the Airsnort program was released as open source code. Airsnort allows users to decode the WEP key.

How To Address Pain Point #3: WEP ‘Security’ is Fatally Flawed
• 802.1x for keeping unregistered users from associating to access points
  – Many choices, each with pros and cons: TLS, LEAP, etc.
• Use layer 3 encryption to ensure air privacy
  – PPTP, IPSec, AES
  – Same encryption used in most VPNs
• Only require encryption for those users that need air privacy
  – Guests and visitors may not need to run encryption
• Use a combination of encryption and authentication

WLAN Customer Pain #4: Supporting Emerging Standards and Vendor Implementations
[Figure labels: a, b, f, i, e, 802.1x, g, h, EAP-LEAP, EAP-PEAP, EAP-MD5, EAP-TLS, EAP-TTLS, EAP-SRP, EAP-GSM, EAP-SIM]

How To Address Pain Point #4: Supporting Emerging Standards and Vendor Implementations
• Choose a security and management solution that will work with most or all standards.
• Solution should be agnostic to all air protocols
  – 802.11b, a, g
• Your environment will dictate the right solution
  – Can you control all wireless devices and operating systems on the WLAN?
  – Will there be a mix of WLAN devices?

WLAN Customer Pain #5: Supporting A Plethora of Mobile Devices

How To Address WLAN Customer Pain #5: Supporting A Plethora of Mobile Devices
• Choose a security and management solution that will work with all devices
  – PC, Mac, Linux, PDA, scanners, etc.
• End-user experience needs to be simple and secure
  – Logins, encryption
• Support common methods of authentication
  – Windows Domain, Browser based authentication using SSL
• Use VLANs for different device types
  – Ex: WLAN IP phones may need to be on their own VLAN

WLAN Customer Pain #6: Cost and Complexity

How To Address WLAN Customer Pain #6: Cost and Complexity
• Choose an integrated solution
  – One device that supports multiple security and management functions
  – Authentication, Encryption/VPN, Firewall, QoS, IP Mobility
• The fewer devices you have, the easier to maintain the system
• Integrated systems will typically reduce your overall cost

WLAN Customer Pain #7: Inconvenience of Required Client Software

How To Address WLAN Customer Pain #7: Inconvenience of Required Client Software
• Choose a security and management solution that utilizes common access methods
  – Browser based logins: PCs, Macs, Linux, PDAs
  – Windows Domain logins: to provide “transparent” authentication
  – Eliminates the need to load client software
• Take advantage of native encryption when possible
  – Windows and Macs have built-in PPTP and IPSec

WLAN Customer Pain #8: Lack of Seamless Secure Mobility
• Users cannot roam between IP subnets with encrypted sessions
• Users must receive a new IP address, re-authenticate, and establish a new secure connection

How To Address WLAN Customer Pain #8: Lack of Seamless Secure Mobility
• Choose a solution that allows users to move seamlessly
• Users should not have to worry about:
  – Their IP addresses
  – Moving between subnets
• Users should be able to roam without re-authenticating or re-establishing a secure connection
• You should not have to create a “flat” network just to accommodate your WLAN

Two Approaches For WLAN Security and Management
• Current Solutions: Access Point, then separate Admission Control, QoS, IPSec and Mobility components, then Enterprise Network
• Better Solution: Access Point, then Wireless Gateway, then Enterprise Network
  – All Security and Management in one Wireless Gateway: Security, Access Control, Management, QoS

Network Placement of the Wireless Gateway

Bluesocket Wireless Gateway: Summary of Features
• Easy to use for network manager and network user alike
• Single-component configuration, simple to implement, integrate, manage and update
• Support for major Access Points, NICs, network protocols, authentication/security clients, VPNs

Bluesocket Wireless Gateway: Summary of Features
• Authentication
  – Native, Windows Domain, LDAP, RADIUS, 802.1x, Mac based
• Authorization
  – Role based access control
  – Roles are determined by user attributes in your directory
• Encryption
  – PPTP, IPSec, AES
• Bandwidth Management
  – Set bandwidth thresholds per Role
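The role-based policy dimensions listed in the slides (role from directory attributes, encryption requirement, location, time of day, reachable resources, bandwidth threshold) can be modelled as a single access decision. This is an added example, not Bluesocket's code; the `employeeType` attribute, the role names, locations and limits are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import time


@dataclass(frozen=True)
class Role:
    require_encryption: bool   # must the session use layer 3 encryption?
    resources: frozenset       # network resources the role may reach
    locations: frozenset       # access point groups the role may use
    start: time                # start of permitted window (local time)
    end: time                  # end of permitted window
    max_kbps: int              # bandwidth threshold for the role


ALL_DAY = (time(0, 0), time(23, 59, 59))

# Constructed role table; names and limits are illustrative assumptions.
ROLES = {
    "staff": Role(True, frozenset({"internet", "intranet", "finance"}),
                  frozenset({"office", "lobby"}), *ALL_DAY, 10_000),
    "contractor": Role(True, frozenset({"internet", "intranet"}),
                       frozenset({"office"}), time(8, 0), time(18, 0), 2_000),
    "guest": Role(False, frozenset({"internet"}),
                  frozenset({"lobby"}), time(8, 0), time(18, 0), 512),
}


def role_for(directory_attrs):
    """Map directory attributes to a role; unknown values fall to guest."""
    wanted = directory_attrs.get("employeeType", "").lower()
    return wanted if wanted in ROLES else "guest"


def decide(directory_attrs, location, now, resource, encrypted):
    """Return (allowed, max_kbps, reason) for one access request."""
    if directory_attrs is None:                 # not authenticated at all
        return (False, 0, "unauthenticated")
    role = ROLES[role_for(directory_attrs)]
    if role.require_encryption and not encrypted:
        return (False, 0, "encryption required")
    if location not in role.locations:
        return (False, 0, "location not permitted")
    if not (role.start <= now <= role.end):
        return (False, 0, "outside permitted hours")
    if resource not in role.resources:
        return (False, 0, "resource not permitted")
    return (True, role.max_kbps, "ok")
```

Unknown or missing attribute values fall through to the least-privileged role, so a directory typo never grants more access than a guest would get.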

Bluesocket Wireless Gateway: Summary of Features
• Distributed intelligence
  – All Gateways are independent systems with full functionality
• Mesh Architecture
  – Provides centralized management of entire system of Gateways
• Full logging and reporting of user activity
  – Allows IT staff to monitor WLAN usage
  – Helps with capacity planning
  – Find users who violate your WLAN policy

Rutgers-Newark Login

Rutgers – New Brunswick Login

Thank you. Any questions?