Wireless.ubc.ca Balancing security and usability on the world’s largest Wi-Fi campus network Jonn Martell Wireless Project Manager, UBC Jonn@martell.ca.

Slides:



Advertisements
Similar presentations
Encrypting Wireless Data with VPN Techniques
Advertisements

Ten Steps to Wireless for Libraries Live web event July, 21, 2005 WebJunction's Focus on Wireless Internet Access in Public Libraries.
Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.
1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Wireless Networking TGIF, April 18th, 2003 Alvin Chew Kent Reuber
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A November 11 th 2003www.wireless.ubc.ca 1 Deploying the world’s largest campus IEEE b.
Jonas Lippuner. Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation.
Northern Arizona University Wi-Fi 2005 Flagstaff Campus Wireless Plan 4/11/2005.
Wireless networking Roger Treweek Oxford University Computing Services.
Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
Cyber Security – Our Approach James Clement Network Specialist ETS: Communications & Network Services
University of Maryland I.T. Security Gerry Sneeringer IT Security Officer
Flexible Network Access Overview. Flexible Access an Integral part of Universal Access Policy Universal Access to Campus IT Resources Managed LAN portsFlexible.
Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.
Network Security Professor Professor Dr. Adeel Akram.
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
Agenda 10:00 11:00 Securing wireless networks 11:00 11:15 Break 11:15 12:00Patch Management in the Enterprise 12:00 1:00 Lunch 1:00 2:30 Network Isolation.
Dartmouth’s Wireless Network May 16, 2005 David W. Bourque.
1 October 20-24, 2014 Georgian Technical University PhD Zaza Tsiramua Head of computer network management center of GTU South-Caucasus Grid.
VPN AND SECURITY FLAWS Rajesh Perumal Clemson University.
PROJECT PAPER ON BLUEFIRE MOBILE SECURITY. BY PONNURU VENKATA DINESH KUMAR STUDENT ID # A0815 PROFESSOR – VICKY HSU CS-426.
The "How" and "Why" of a Large-Scale Wireless Deployment  March 3, 2004  EDUCAUSE Western Regional Conference Sacramento, CA Copyright Philip Reese,
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Wireless Past, Present and Future. University of Auckland Robert Beattie.
Module 8 Configuring Mobile Computing and Remote Access in Windows® 7.
Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
Solutions for BDMHS  JF&C is a highly qualified company that performs a wide variety if technical services in the Chicago land area to business, government.
1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.
Module 8: Designing Network Access Solutions. Module Overview Securing and Controlling Network Access Designing Remote Access Services Designing RADIUS.
HUB Connects multiple workstations, servers, and other devices to a network. Can be used to connect two or more computers to one network port. Handles.
Environment => Office, Campus, Home  Impact How, not Whether A Checklist for Wireless Access Points.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
PRESENTATION ON WI-FI TECHNOLOGY
1 Second ATLAS-South Caucasus Software / Computing Workshop & Tutorial October 24, 2012 Georgian Technical University PhD Zaza Tsiramua Head of computer.
Module 5: Configuring Access for Remote Clients and Networks.
CAEN Wireless Network College of Engineering University of Michigan October 16, 2003 Dan Maletta.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Protecting Your Wireless Network Protecting Your Wireless Network University of Tasmania School Of Computing 2007.
Resnet Enhancements and Directions Part 1, Bruce Campbell, Information Systems and Technology.
Network Components By: Zach Przybilla CECS 5460 Fall 2015.
● Albert Einstein explained it best: ● "You see, wire telegraph is a kind of a very, very long cat. You pull his tail in New York and his head is meowing.
12/1/2015Faculty : Trần Thị Ngọc Hoa1 ISA server Overview 1. Introducing ISA Server 2. Deployment Scenario for ISA Server.
Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.
Enterprise Data Solutions A Better Network. A Better ROI. Martin Matthews Technical Sales Engineer.
Copyright 2003 UBC wireless.ubc.ca The World’s Largest Wi-Fi Campus Network Jonn Martell Wireless Project Manager, UBC
April 28, A shared commitment to provide the most effective education to all students so they live successful lives. In order to accomplish the.
Network Equipment Assignment 3 LTEC 4550 Aaron Whitaker.
Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.
Securing A Wireless Home Network. Simple home wired LAN.
Chapter 1-4 Home Networking. Introduction Setting up a home network is probably one of the first networks that the student sets up. This is an exciting.
There is a lot to talk about if we think of the advantages of a wireless connection, the most important of its aspects is mobility and everything that.
© 2003, Cisco Systems, Inc. All rights reserved. 2-1 Campus Network Design.
TSS 3293 W IRELESS N ETWORK SECURITY AIMAN ALIF BIN SUPIAN TSK WIRELESS GATEWAY.
Siti Kholijah Binti Hashim TSI/2013. FREQUENCY 2.452GHz GHz SECURITY WEP, WPA, WPA2 STANDARD IEEE802.16e-2005 Wave 2 (WiMAX) TRANSMIT POWER.
 Two wireless gateways for home use that I choose are : - Linksys Wireless-G ADSL Home Gateway WAG354G - WAG160N Wireless-N ADSL2+ Gateway  The wireless.
Virtual Private Network Technology Nikki London COSC 352 March 2, 2010.
Wireless Access Point Product Overview
Wireless Access Point Product Overview
Deploying the world’s largest campus IEEE b network
Presentation transcript:

wireless.ubc.ca Balancing security and usability on the world’s largest Wi-Fi campus network Jonn Martell Wireless Project Manager, UBC Jonn@martell.ca www.wireless.ubc.ca October 3rd 2003 Copyright 2003 UBC Copyright 2003 UBC

University of BC (UBC) A Research 1 university Public (and research) funded Motivation: Estrategy and UNP $30.6 M CDN wired project of which 10% was allocated to a specific wireless budget and project. High level support and buy in. Copyright 2003 UBC

The Largest Wi-Fi Campus network in the world…. 5 million square feet of coverage 150+ buildings Over 1000 users (daily) Campus-wide coverage 1300 access points configured, installed and documented – up to 2000 possible. Now adding residential areas. Cited as the #1 item that stands out for new students. Copyright 2003 UBC

Copyright 2003 UBC

Prime Directives Meeting UBC’s mission: Research, Education and learning User centric & ease of use. Estrategy self service tools. Faculty, Student, Staff and guests/affiliate with sponsor Zero cost goal University funded Cost to user (dollars, time, grief etc). Built on standards and modular Copyright 2003 UBC

Biggest Issues Microsoft keeps shipping insecure default configurations Deploying & supporting Antivirus Deploying & supporting Personal firewall Aggregating intrusion alerts Copyright 2003 UBC

Survey of EDU environment Secure and proprietary wireless EDU networks weren’t being used – denial of service? Cost of ownership can be difficult if not standards-based. Users come back from conferences or setup wireless at home and say, “it works there, why not here?” Users don’t care about security Copyright 2003 UBC

Technology 802.11b 11 Mbps everywhere 802.11g 54 Mbps as early as fall ‘03 802.11a 54 Mbps likely not campus wide, deployment on hold. Enterprise class equipment: Wireless access points: Cisco AP1200 and some AP1100 Powered Switched: Cisco 3550PWR Core/Carrier class: Cisco 4507R Colubris Wireless Gateway: CN3500 Nortel Contivity VPN Servers: 2700/1700 Copyright 2003 UBC

Conceptual Network Diagram Copyright 2003 UBC

Balancing usability with security Basic Access – Secure Web Login Only restricting (filtering) extremely flawed traffic (Microsoft Networking) Optional virtual private networking VPN (PPTPv2 and IPSec) Promoting safe computing Usability is more important to users than security Copyright 2003 UBC

Key to success Ease of use Designing for “zero cost”. Low cost, standards-based network cards Handling security by heavy monitoring – access, time, traffic Automating abuse detection tools Advanced management tools – users don’t complain! Bad users are a small minority - let’s not punish good users because of the few bad users Copyright 2003 UBC

Triangulation to detect problems Copyright 2003 UBC

VPN – Virtual Private Network VPN no longer optional for Exchange, Microsoft File and Print etc. General service, free to faculty, staff and students. Works common campus single ID and password Supports both VPN standards (PPTP and IPsec) Copyright 2003 UBC

WPA & IEEE 802.11i WPA - Providing authentication and encryption between client and AP Will always be challenges to security VPN is here to stay…. Copyright 2003 UBC

Questions? www.wireless.ubc.ca Jonn Martell, jonn.martell@ubc.ca 604-822-9449 Copyright 2003 UBC

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.