SECURE WIRELESS NETWORK IN IŞIK UNIVERSITY ŞİLE CAMPUS.


Designed by VOLKAN MUHTAROĞLU

WLAN (Wireless LAN)
- Was introduced in 1986 for use in barcode scanning.
- A properly selected and installed Wi-Fi or wireless fidelity.
- a, b, g technologies; g is the latest technology. These are IEEE standards.

GENERAL TOPOLOGY OF WLAN

THE PROJECT
- The problem is how three different kinds of users can securely access different types of data through one access point on our campus.
- In other words, the three kinds of people we chose (student, university staff and data processing center worker) access different types of data, or have different rights, when they connect securely through the access point.

THREE DIFFERENT USERS
1) Student
2) University Staff
3) Data Processing Center Worker

COMPONENTS OF SECURE WIRELESS NETWORK
I. Cisco Aironet 1100 Series Access Point
II. RADIUS Server
III. Two switches (one is a manageable switch, the other a backbone switch)
IV. VLAN
V. Cisco PIX Firewall
VI. WEP & LEAP
VII. Database Server
VIII. Intranet Web Server

Cisco Aironet 1100 Series Access Point
- It is a wireless LAN transceiver.
- The 1100 series is cheaper than the others and its performance is really efficient.
- It is also easy to manage and common all over the world.

RADIUS SERVER
- RADIUS is a distributed client/server system that secures networks against unauthorized access.
- Use RADIUS in network environments that require access security.
- This server is also called an AAA server, which means Audit, Authentication and Accounting.
- In my project the RADIUS server will provide authentication and MAC filtering.

SWITCHES
- Manageable switch
- Backbone switch
- I will use three different types of IP. Students will take 10.0.x.x, University Staff will take x.x, and Data Processing Center Workers will take x.x.

VLAN
- A VLAN is a switched network that is logically segmented.
- I will use VLANs to give different rights to these three different types of users on the WLAN.

CISCO PIX FIREWALL I chose it because I have it.

DATABASE AND INTRANET WEB SERVER
- Database Server: only Data Processing Center Workers can access this server.
- Intranet Web Server: only University Staff and Data Processing Center Workers can access this server.

HOW WILL THE DESIGN BE?
- First: how will students, university staff and data processing center workers be placed on different VLANs, and how can I give them different rights?
- Second: how do these people get to these VLANs?
- Third, and most important: how can I provide security?

SSID (Service Set Identifier)
- When you connect to the WLAN you will see the name of the WLAN, which is the SSID.

FOR VLAN 1
- We define two different SSIDs: one is broadcast, the other is secret.
- For instance, our broadcast SSID is tsunami and our non-broadcast (secret) SSID is Private. When you connect to the WLAN through the access point, everybody automatically sees the tsunami SSID. When you connect to it, you are placed in VLAN 1, and this VLAN provides access only to the Internet.

AUTHENTICATION
- If you are not a student, you type the name of the non-broadcast SSID to connect; you then see the username-password window, which is how you get different rights.
- When you enter the username and password, the information goes to the RADIUS server.
- At this point EAP (Extensible Authentication Protocol) is used.

AUTHENTICATION TOPOLOGY

WEP (Wired Equivalent Privacy)
i. WEP is an encryption algorithm used by the Shared Key authentication process for authenticating users and for encrypting data payloads over only the wireless segment of the LAN.
ii. The secret key lengths are 40-bit or 104-bit, yielding WEP key lengths of 64 bits and 128 bits.
iii. A WEP key is an alphanumeric character string used in two manners in a wireless LAN.
iv. A WEP key can be used:
- To verify the identity of an authenticating station.
- For data encryption.

CRITERIA
The standard specifies the following criteria for security:
- Exportable
- Reasonably Strong
- Self-Synchronizing
- Computationally Efficient
- Optional
WEP meets all these requirements. WEP supports the security goals of confidentiality, access control, and data integrity.

WEP KEY
- A WEP key is an alphanumeric character string used in two manners in a wireless LAN.
- A WEP key can be used:
- To verify the identity of an authenticating station.
- For data encryption.

WEP KEY TABLE

EAP (Extensible Authentication Protocol)
- This authentication type provides the highest level of security for your wireless network.
- It uses the Extensible Authentication Protocol (EAP) to interact with an EAP-compatible RADIUS server.
- This is a type of dynamic WEP key.
- There are five different types of EAP; I will use LEAP (Lightweight Extensible Authentication Protocol, designed by Cisco), which is the most secure.

LEAP TOPOLOGY

MAC (Media Access Control) ADDRESS FILTERING
- The server checks the address against a list of allowed MAC addresses.
- If your MAC address is a University Staff MAC address, you will be placed in VLAN 2 and have those rights; if it is a Data Processing Center Worker's address, you will be placed in VLAN 3 and have those rights.
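
The admission flow from the FOR VLAN 1, AUTHENTICATION and MAC ADDRESS FILTERING slides, modelled as an added Python example (not part of the original presentation or any Cisco tooling). The MAC addresses, the function names, the `radius_ok` flag, the rule that both login and MAC check must pass, and Internet access from VLANs 2 and 3 are assumptions.

```python
import re

BROADCAST_SSID, HIDDEN_SSID = "tsunami", "Private"   # SSID names from the slides
# Constructed MAC allow list; the presentation gives no real addresses.
MAC_ROLES = {"020000000002": "staff", "020000000003": "dpc"}
ROLE_VLAN = {"student": 1, "staff": 2, "dpc": 3}
# Rights per VLAN as the slides state them. Internet access from
# VLANs 2 and 3 is an assumption; the slides only mention it for VLAN 1.
VLAN_RIGHTS = {
    1: {"internet"},
    2: {"internet", "intranet_web"},
    3: {"internet", "intranet_web", "database"},
}

def normalize_mac(mac):
    """Accept 02:00:00:00:00:02, 02-00-00-00-00-02 or 0200.0000.0002."""
    digits = re.sub(r"[:.\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def admit(ssid, mac, radius_ok=False):
    """Return the VLAN for a client, or None if it is refused.

    radius_ok stands in for the RADIUS server's verdict on the
    username/password exchange; no RADIUS traffic is simulated.
    """
    if ssid == BROADCAST_SSID:
        return ROLE_VLAN["student"]   # open SSID: Internet-only VLAN 1
    if ssid != HIDDEN_SSID or not radius_ok:
        return None                   # unknown SSID or failed login
    # Assumption: a valid login alone is not enough; the MAC list
    # both gates admission and selects the VLAN.
    role = MAC_ROLES.get(normalize_mac(mac))
    return ROLE_VLAN[role] if role else None

def can_reach(vlan, resource):
    """True if a client placed in this VLAN may reach the resource."""
    return resource in VLAN_RIGHTS.get(vlan, set())

if __name__ == "__main__":
    for ssid, mac, ok in [("tsunami", "02:00:00:00:00:09", False),
                          ("Private", "0200.0000.0002", True),
                          ("Private", "02-00-00-00-00-03", True),
                          ("Private", "02:00:00:00:00:09", True)]:
        vlan = admit(ssid, mac, ok)
        print(ssid, mac, "->", vlan, sorted(VLAN_RIGHTS.get(vlan, ())))
```

Because the MAC address is a value the client reports, the model checks the RADIUS login result first and consults the MAC list only after it succeeds.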

MAC FILTERING TOPOLOGY

STUDENT TOPOLOGY-1

STUDENT TOPOLOGY-2

STUDENT GENERAL TOPOLOGY

UNIVERSITY STAFF TOPOLOGY-1

UNIVERSITY STAFF TOPOLOGY-2

UNIVERSITY STAFF TOPOLOGY-3

UNIVERSITY STAFF GENERAL TOPOLOGY

DATA PROCESSING CENTER WORKER TOPOLOGY-1

DATA PROCESSING CENTER WORKER TOPOLOGY-2

DATA PROCESSING CENTER WORKER GENERAL TOPOLOGY

SECURITY POLICY
- The purpose of this policy is to provide guidance for the secure operation and implementation of wireless local area networks (WLANs).

AUTHENTICATION
- University Staff and Data Processing Center Workers have to authenticate to the system if they want to have different rights.
- For authentication, username and password authentication is used, so users must use strong passwords (alphanumeric and special character string at least eight characters in length).
- Shared secret (or shared key) authentication must be used to authenticate to the WLAN.

ENCRYPTION & ACCESS CONTROL
- Distinct WEP keys provide more security than default keys and reduce the risk of key compromise.
- SSID
- MAC (Media Access Control)

FIREWALL
- The firewall provides security based on ports.

PHYSICAL AND LOGICAL SECURITY
- Access points must be placed in secure areas, such as high on a wall, in a wiring closet, or in a locked enclosure, to prevent unauthorized physical access and user manipulation.
- Access points must have Intrusion Detection Systems (IDS) at designated areas on campus property to detect unauthorized access or attack.

CONCLUSION
With this design, students, university staff and data processing center workers can access the network securely wherever they want, without using extra devices or making any adjustments.

QUESTION?
