1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.

Presentation transcript:

Slide 1: Applying Security Principles to Networking Applications
Mark Enright, Dec 08, 2005
Copyright © 2005, Cisco Systems, Inc. All rights reserved.

Slide 2: What is Security in Computer Development Projects
- What are you protecting
- Why are you protecting it
- From whom are you protecting it
- How are you going to protect it
- What is the cost of protecting it
Copyright © 2003, Cisco Systems, Inc. All rights reserved. EDCS

Slide 3: Wired Access Topology
[Diagram labels: Internet, Access Device, Local Area Network (LAN), Wide Area Network (WAN)]

Slide 4: Wireless Access Topology
[Diagram labels: Internet, Access Device, Local Area Network (LAN), Wide Area Network (WAN)]

Slide 5: Wireless Access Topology
[Diagram labels: Internet, Access Device, Local Area Network (LAN), Wide Area Network (WAN)]

Slide 6: Wireless Access Security Complication
- Physical Access to Local Area Network no longer exists
  - Anyone can intercept your conversations
  - Anyone can utilize your network resources

Slide 7: Security Solution For Wireless Access
- Authentication
- Encryption

Slide 8: Typical Solution for Wireless Access
[Diagram label: Internet]
1) Where is Access Point “MyAP”
2) I am here. Prove you know my secret

Slide 9: Typical Solution for Wireless Access
[Diagram label: Internet]
3) Here is my proof
4) OK. Here are session keys

Slide 10: So What's The Problem?
- Wireless Access is a huge Consumer Market
- People are becoming concerned with Wireless Security
- My GrandMother can't use it

Slide 11: What Can We Do To Help
- Make it easy for Grandma to set up Wireless Security

Slide 12: Step 1. Configure Security Parameters Automatically
When Access Point is booted 1st time:
- Configures Random Secure SSID
- Configures Random WPA Shared Secret
- Waits for Wireless Association on Secure SSID
[Diagram labels: Internet; SSID: 55ID; WPA-PSK:]

Slide 13: Step 2. How Can We Transfer Security Parameters Securely?

Slide 14: Step 2. Trial One
[Diagram labels: SSID: Well Known SSID; Open Authentication]
1) Where is my Access Point “Well Known SSID”
2) Here I am. Come on in

Slide 15: Step 2. Trial One
[Diagram labels: SSID: Well Known SSID; Open Authentication]
3) Give me Security Parameters
4) Here They Are

Slide 16: Step 2. Trial One
[Diagram labels: SSID: 55ID; WPA-PSK:]
1) Where is my Access Point “55ID”
2) I am here. Prove you know my secret

Slide 17: Step 2. Trial One
[Diagram labels: SSID: 55ID; WPA-PSK:]
3) Here is my proof
4) OK. Here are session keys

Slide 18: Step 2. Trial One Attack
[Diagram labels: SSID: Well Known SSID; Open Authentication]
1) Where is my Access Point “Well Known SSID”
2) Here I am. Come on in

Slide 19: Step 2. Trial One Attack
[Diagram labels: SSID: Well Known SSID; Open Authentication]
3) Give me Security Parameters
4) Here they are

Slide 20: Step 2. Trial Two
- What Authentication is possible given constraints
  - something we know
  - something we have
  - something we are
  - something we do
- If we can’t be sure, at least be safe

Slide 21: Step 2. Trial Two
[Diagram labels: SSID: Well Known SSID; Open Authentication]
Where is my Access Point “Well Known SSID”
Here I am. Come on in
Where is my Access Point “Well Known SSID”
Here I am. Come on in

Slide 22: Step 2. Trial Two
[Diagram labels: SSID: Well Known SSID; Open Authentication]
1) Give Me Security Parameters
Hang on a sec
Give Me Security Parameters
Unable to guarantee unique access
Access to all denied

Slide 23: Step 2. Trial 2 Attack
- Attacker just Associates and Listens
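
The Trial Two rule and its weakness, sketched as an added Python example (not code from the presentation): the access point holds each request and releases the parameters only if exactly one station asked. All names, the hold-window model, the "AP-" SSID scheme and the `encrypted` flag standing in for an SSL channel are assumptions made for illustration.

```python
import secrets
import string

ALPHABET = string.ascii_letters + string.digits

def first_boot_parameters():
    """Step 1: random SSID and WPA passphrase, generated once at first boot."""
    return {
        "ssid": "AP-" + secrets.token_hex(4),  # constructed naming scheme
        "wpa_psk": "".join(secrets.choice(ALPHABET) for _ in range(32)),
    }

class ProvisioningGate:
    """Trial Two: release parameters only when exactly one station asked."""

    def __init__(self, params):
        self.params = params
        self.requesters = set()

    def request(self, station):
        """'Give me Security Parameters' is answered with 'Hang on a sec'."""
        self.requesters.add(station)

    def decide(self):
        """End of the hold window: parameters for a sole requester, else None."""
        if len(self.requesters) == 1:
            return {next(iter(self.requesters)): self.params}
        return {station: None for station in self.requesters}  # all denied

def who_can_read(decision, associated, encrypted):
    """Stations that end up holding the parameters after the reply is sent.

    On the open well-known SSID the reply is sent in the clear, so every
    associated station can read it (the Trial 2 attack). With a per-client
    encrypted channel (assumed here to be SSL) only the sole requester can.
    """
    winners = {s for s, p in decision.items() if p is not None}
    if not winners:
        return set()
    return set(winners) if encrypted else winners | set(associated)

if __name__ == "__main__":
    gate = ProvisioningGate(first_boot_parameters())
    gate.request("02:00:00:00:00:01")  # constructed station addresses
    decision = gate.decide()
    listeners = {"02:00:00:00:00:01", "02:00:00:00:00:02"}
    print(who_can_read(decision, listeners, encrypted=False))
    print(who_can_read(decision, listeners, encrypted=True))
```

The uniqueness check only counts stations that ask, so a station that associates and stays silent is never seen by it; encryption of the reply is what removes that station from the result.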

Slide 24: Trial 3.
- Use Trial 2 Method for Authentication
- Use SSL for Encryption

Slide 25: So What's The Problem with IPSec?
- Network Protection is a huge Consumer Market
- People are becoming concerned with Security and look to IPSec for help
- My GrandMother can't use it

Slide 26: Network Address Translation
[Diagram labels: Internet, Local Area Network (LAN), Wide Area Network (WAN)]

Slide 27: The RoadWarrior IPSec Problem
- With common implementations the IP Address needs to be known a priori or else a global shared secret is used for Authentication
- Mobility and NAT make it hard to predict the IP Address

Slide 28: RoadWarrior Solution
1. Gateway configured
   - SSL
   - Username, password
2. Client configured
   - Web Install client software
   - Configure address of Home Gateway
3. Client software connects
   - Logs on to HTTPS
   - Initiates the IPSec VPN
4. Gateway accepts
   - Authenticates Client by password
   - Figures out current Client IP Address
   - Provisions IPSec for Client IP Address
   - Joins Client to Protected Network using IPSec VPN
[Diagram labels: Home Gateway, Internet, Protected Network, IPSec VPN Tunnel, HTTPS, Road Warrior Client]
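
The gateway side of steps 1 and 4, as an added Python sketch that is not code from the presentation: the password is checked first, the client address is taken from the connection itself, and an IPSec policy is created for that address only. The class and method names, the PBKDF2 password storage and the per-session secret returned over HTTPS are assumptions; the addresses are constructed documentation-range values.

```python
import hashlib
import hmac
import ipaddress
import secrets

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class HomeGateway:
    def __init__(self):
        self.users = {}        # username -> (salt, password hash)
        self.ipsec_peers = {}  # peer IP -> policy provisioned for that client

    def add_user(self, username, password):
        """Step 1: gateway configured with a username and password."""
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, _pw_hash(password, salt))

    def https_login(self, username, password, observed_src_ip):
        """Step 4: authenticate, learn the client's current IP, provision IPSec.

        observed_src_ip is the peer address of the HTTPS connection as the
        gateway sees it (after any NAT), not a value the client reports.
        """
        salt, stored = self.users.get(username, (b"\x00" * 16, b""))
        if not hmac.compare_digest(_pw_hash(password, salt), stored):
            return None  # no IPSec policy is created for a failed login
        peer = str(ipaddress.ip_address(observed_src_ip))
        # The client may have moved: drop the policy for its previous address.
        self.ipsec_peers = {ip: p for ip, p in self.ipsec_peers.items()
                            if p["user"] != username}
        psk = secrets.token_hex(32)  # per-session secret instead of a global one
        self.ipsec_peers[peer] = {"user": username, "psk": psk}
        return {"peer": peer, "psk": psk}  # returned inside the HTTPS session

if __name__ == "__main__":
    gw = HomeGateway()
    gw.add_user("alice", "correct horse battery")  # constructed account
    print(gw.https_login("alice", "wrong", "203.0.113.7"))
    print(gw.https_login("alice", "correct horse battery", "203.0.113.7")["peer"])
    print(gw.https_login("alice", "correct horse battery", "198.51.100.9")["peer"])
    print(list(gw.ipsec_peers))
```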
