Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fine Tuned Machines Wireless & Network Security Integration Solution Overview Offense – FTM March 6 th, 2010.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Fine Tuned Machines Wireless & Network Security Integration Solution Overview Offense – FTM March 6 th, 2010."— Presentation transcript:

1 Fine Tuned Machines Wireless & Network Security Integration Solution Overview Offense – FTM March 6 th, 2010

2 Fine Tuned Machines Unified vs. Non-Unified WLAN Non - UnifiedUnified The paper claims that the Unified System will save costs, but this claim is unsubstantiated 03/06/2010MSIT 458 - FTM Group2

3 Fine Tuned Machines Total Cost of Ownership 3MSIT 458 - FTM Group To determine cost savings, a company must evaluate: Is there a savings in acquiring the new infrastructure? Will the savings be achieved in ongoing maintenance and upgrades? What is the ROI and Payback Period? Is the project in line with the company’s strategic priorities, for example, supporting a growing mobile population? How does a diverse workforce or global presence impact the decision? 03/06/2010

4 Fine Tuned Machines Total Cost of Ownership 4MSIT 458 - FTM Group Acquisition cost is a fraction of the total cost of ownership Initial acquisition cost of IT technologies usually represents only 20 percent of the TCO over a five- year period. The remaining 80 percent of the cost-the ongoing upgrades, maintenance, and support-are often overlooked during the initial phases of a new technology rollout. Both areas must be evaluated in the context of ROI before purchasing Unified Network Equipment 03/06/2010

5 Fine Tuned Machines TCO for Unified vs. Non Unified MSIT 458 - FTM Group503/06/2010

6 Fine Tuned Machines Cost Savings is Not Substantiated 6MSIT 458 - FTM Group Unified WLANs can save money in the following areas, not defined in the paper: Vendor Negotiations Vendor Management Reduced Training Costs Streamlined Reports Improved Security Lower Labor Costs Lower Infrastructure and Energy Costs Less Unplanned Downtime 03/06/2010

7 Fine Tuned Machines Secure Communications Cisco Article states: “…, a network-wide security solution that only addresses WLAN-related attacks is dangerously unbalanced.” 7MSIT 458 - FTM Group Yet… 03/06/2010

8 Fine Tuned Machines Secure Communications 8MSIT 458 - FTM Group No Recommended Cisco Feature ?!?!?!? 03/06/2010

9 Fine Tuned Machines Intrusion Detection The Cisco Security Agent (CSA): - uses “Signature-based anti-virus protection to identify and remove known malware 9MSIT 458 - FTM Group - The operative word here is “known” - What is “Zero Update Protection” - No mention of a Statistical -based detection method for DDoS type attacks. 03/06/2010

10 Fine Tuned Machines Intrusion Detection 10MSIT 458 - FTM Group03/06/2010

11 Fine Tuned Machines Security Policy Challenges Bad Passwords – Low complexity password policies can allow malicious users to guess passwords and gain access to network resources regardless of well-crafted policy. Central Authentication/Configuration – One must not only be concerned with user authentication, but also authenticated access point configuration and management. – Remove telnet access from devices and move to SSH or better remote access. – Use non-public version of SNMP for both read/write access. MSIT 458 - FTM Group1103/06/2010

12 Fine Tuned Machines Segmenting Networks Network Admission Controller Configuration – Implement NAC to establish baseline of secure access before wired/wireless nodes connects to network. – Does node have updated virus signatures? Doses this node show symptoms of an infection? – NAC can be single point of failure if authentication server is compromised. MSIT 458 - FTM Group1203/06/2010

13 Fine Tuned Machines Mobile Device Intrusion WLAN Access – Mobile devices frequently obtain access to business resources either to mitigate cellular data use or increased speeds on WLAN. – Due to proprietary OS phones may not be able to implement Cisco Security Agent on all network nodes. Flash-disk Access – Phones are frequently charged and synced via USB. – Can be used to bypass IDS, Firewalls, NAC, and CSA. Malicious Applications – Application marketplaces offer a possible vector for attack in the guise of legitimate software. MSIT 458 - FTM Group1303/06/2010

14 Fine Tuned Machines Why do I need Cisco Boxes? A slew of Cisco boxes are mentioned but their unique “functional purposes” in the overall enterprise security framework is not clear – More boxes: CSA, NAC, Firewall, IPS, MARS, etc. – What combination of devices is needed (bare essential)? – How can I avoid the dangers of overlaps vs. gaps (must haves)? MSIT 458 - FTM Group1403/06/2010

15 Fine Tuned Machines Enterprise WLAN Security: Defense-In-Depth “Defense-In-Depth” is mentioned but the article lacks explaining what that constitutes and more importantly, how their products map. “Defense-In-Depth” is a ring architecture which has multiple unique layers of security functions that in unity provide a robust solution. MSIT 458 - FTM Group1503/06/2010

16 Fine Tuned Machines Defense-In-Depth: what is missing? 1. Security Policy 2. Network Level Security 3. Host Level Security 4. Application Level Security 5. Logging and Auditing MSIT 458 - FTM Group1603/06/2010

17 Fine Tuned Machines Defense-In-Depth: what is missing cont. Weakest link in the chain – Host Level Security Access Point- SSIDs, encryption, MAC, IP – Application Level Security OS: hot fixes/patches/updates Applications: essential vs. non-essential Access: “least privilege principle” Protection: accounts, passwords, anti-virus, spyware, firewalls MSIT 458 - FTM Group1703/06/2010

18 Fine Tuned Machines Some Powerful Wireless Exploitation Tools According to “sectools.org” top 5 wireless cracking tools: Wardriving, warwalking, war-*, etc. Aircrack-ng – one of the fastest WEP/WPA crack tool available A) Computing resources B) KEY complexity C) Dictionary Youtube Demo MSIT 458 - FTM Group18 KismetNetStumblerAircrack-ngAirSnortKisMAC 03/06/2010

19 Fine Tuned Machines MSIT 458 - FTM Group1903/06/2010

Download ppt "Fine Tuned Machines Wireless & Network Security Integration Solution Overview Offense – FTM March 6 th, 2010."

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Separate Domains of IT Infrastructure

Separate Domains of IT Infrastructure
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Team MAGIC Michael Gong Jake Kreider Chris Lugo Kwame Osafoh-Kintanka Wireless Network Security.

Team MAGIC Michael Gong Jake Kreider Chris Lugo Kwame Osafoh-Kintanka Wireless Network Security.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE Intercontinental Group 1.

FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE Intercontinental Group 1.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, 2009 05/30/2009.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Similar presentations

Ads by Google