1SYMBOL CORPORATE PRESENTATION Wireless IPS 2.0 Comprehensive Protection for WLAN Networks.

Slides:



Advertisements
Similar presentations
Presented by Nikita Shah 5th IT ( )
Advertisements

MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective.
Network Systems Sales LLC
IBM SMB Software Group ® ibm.com/software/smb Maintain Hardware Platform Health An IT Services Management Infrastructure Solution.
RiT PatchView Solution
The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.
1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.
Guide to Network Defense and Countermeasures Second Edition
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Network Instruments Troubleshooting Techniques. What to look for in network monitoring solutions… Key Elements Real Time Statistics Visual Network Traffic.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
Network Security for the Distributed Enterprise January 2011.
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Team MAGIC Michael Gong Jake Kreider Chris Lugo Kwame Osafoh-Kintanka Wireless Network Security.
Secure Computing Network
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
AirDefense Enterprise 7.0 What is New Future Proof Wireless Security Platform based on Collaborative Intelligence December 12, 2005.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Copyright Microsoft Corp Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Norman SecureSurf Protect your users when surfing the Internet.
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.
Hosted by IDS for WLANs The Mansfield Group, LLC Security for Enterprise Networks Wireless LAN Security Workshop Wash DC Honolulu.
Lessons Learned in Smart Grid Cyber Security
Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.
Common Devices Used In Computer Networks
AirDefense’s Role in Wireless Security
Enhancing the Security of Corporate Wi-Fi Networks using DAIR PRESENTED BY SRAVANI KAMBAM 1.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.
VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partners only. Do not distribute. C
© 2006 Cisco Systems, Inc. All rights reserved. Optimizing Converged Cisco Networks (ONT) Module 6: Implement Wireless Scalability.
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.
The Infrastructure Optimization Journey Kamel Abu Ayash Microsoft Corporation.
The Real Deal With SIM/SEM The Promise of Security Information / Event Management Scott Sidel Sr. Security Manager Computer Sciences Corp.
Wireless Intrusion Prevention System
Lecture 24 Wireless Network Security
IT Priorities Minimize CAPEX Maximize employee productivity Grow the business Add new compute resources real- time to support growth Meet compliance requirements.
1 Company Confidential Fluke Networks OptiView Wireless Network Analyzer Bringing the power of OptiView to Wireless LANS.
Information Security Framework Regulatory Compliance and Reporting Auditing and Validation Metrics Definition and Collection Reporting (management, regulatory,
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
IS3220 Information Technology Infrastructure Security
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Simple, End-to-End Performance Management Application Performance.
Model: DS-600 5x 10/100/1000Mbps Ethernet Port Centralized WLAN management and Access Point Discovery Manages up to 50 APs with access setting control.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.
Component 8/Unit 1bHealth IT Workforce Curriculum Version 1.0 Fall Installation and Maintenance of Health IT Systems Unit 1b Elements of a Typical.
SatCom Management Challenges
Barracuda Web Security Flex
Cisco WLAN Overview and Vision
IS4680 Security Auditing for Compliance
K!M SAA LOGICAL SECURITY Strong Adaptive Authentication
LM 5. Wireless Network Security
Presentation transcript:

1SYMBOL CORPORATE PRESENTATION Wireless IPS 2.0 Comprehensive Protection for WLAN Networks

2SYMBOL CORPORATE PRESENTATION Corporate Network Barcode Scanner Parking Lot BEACONS PROBES Accidental Association Malicious Association Intruder Confidential Data Soft AP Neighboring WLAN Rogue Devices signals bleed around physical walls and firewalls Threats from Wireless Devices Hardware AP Wireless Laptop Ad-Hoc Rogue Access Point Intruders or hackers can launch attacks (DoS, Identity Theft) Associations accidental, malicious; peer-to-peer/ad hoc. VPN & Authentication don’t help Bridging wireless laptops: opens back doors and exposes wired network Wireless Phishing: can hijack users at hotspots (AirSnarf, Hotspotter, Evil Twin)

3SYMBOL CORPORATE PRESENTATION Symbol Wireless IPS Solution Real-time Monitoring Multiple Correlation, Analysis & IDS Engines Integrated Reporting Centralized Server AP300 Sensor AP300 Wireless Stations Hacker Rogue Access Point Remote, Secure Browser AP300 Sensor Scanning a/b/g Selective Processing, Encryption Centralized Management Designed for Enterprise Scalability & Central Management AP300

4SYMBOL CORPORATE PRESENTATION Using AP300s as Sensors Symbol ships AP300 as a single SKU AP300 can be converted to a Sensor (and back to AP) Enterprise Class a/b/g hardware Sensors are independent of wireless switch Sensor firmware in flash Sensor is IP addressable – can be used across LAN 2-radio design allows for better scanning, or scan while terminate Coverage for multiple APs Monitors all devices in 40,000 – 60,000 square feet (~3700 – 5600 square meters) range Typically one deployed for every 4 AP’s AP300: a/b/g

5SYMBOL CORPORATE PRESENTATION Functionality Most comprehensive wireless intrusion prevention functionality Automated threat & rogue mitigation Centralized policy definition, monitoring & enforcement Industry regulation compliance monitoring Enterprise-ready solution Secure & hardened server Centrally-Managed Remote troubleshooting of WLANs Detailed reporting Rogue Management Advanced Detection Automated Defenses Forensic Analysis Forensic Analysis Anywhere Protection

6SYMBOL CORPORATE PRESENTATION Automated Defenses Automated, policy-based Active Defenses Wireless or wired-side mitigation 3 Total Wireless Intrusion Protection Threat-based Rogue Management Analyze real rogue threats (vs. long list of rogues) Pinpoint Rogue on my Network Locate, Terminate 1 Attack/ Threat Detection Most accurate & comprehensive detection Known & day zero attacks 2 5 Forensic Analysis Incident analysis What, when, how, who? Anywhere Protection Threats to mobile users Notify, enforce policy Enterprise Integration 4 Rogue Threat Management Advanced Detection Automated Defenses Forensic Analysis Anywhere Protection

7SYMBOL CORPORATE PRESENTATION Threat-based Rogue Management Detect Rogue Devices / Associations  Hardware APs, Soft APs  Wireless ready laptops  Specialty Devices (barcode scanners)  Ad-hoc networks  Accidental/ Malicious Associations 1 Calculate Threat Index  Threat-based Management  Partitioning of Friendly Neighboring Networks till they get malicious 2 Analyze Rogue Connections  In-depth analysis of the activity level of each rogue  How long it existed  Who was connected to the rogue  What and how much data transmitted 3 Locate Rogue Devices  Real-time accurate location tracking of all devices (release 2)  No client software required 4 Terminate Rogue Devices  Policy-based & manual termination  Via air – AirLockdown  Wired port suppression (release 2) 5 Highest Risk Innocent Neighbor AP Least Risk Connection to Neighbor AP Rogue AP in my building Connection to Rogue AP & transferring data Rogue AP on My Network

8SYMBOL CORPORATE PRESENTATION Accurate Detection of Threats & Attacks Correlation Across Sensors Stateful Analysis Statistical Base-lining and Aggregation Anomalous Behavior Protocol Abuse Signature Analysis Policy Manager Correlation Goal: Detect all known and day zero threat and attacks reliably Challenge: It is a race with hackers. New threats are evolving rapidly Simple threats & issues can be detected at the sensor ACCURATE ALARMS Threat Index Multiple Detection Technologies are required for accurate & comprehensive detection Many threats require correlation across sensors (certain identity theft) Day Zero attacks require anomalous behavior analysis Correlation across multiple detection engines reduces false positives Focus on threat index by location or sensor rather than individual alarms

9SYMBOL CORPORATE PRESENTATION Ensures Policy Compliance Adopt security policies and procedures to address the security weaknesses of the wireless environment DOD DHS SOX HIPAAGLBA FDIC OCC Symbol Enables Compliance with Monitor for Compliance  Compliance with Corporate, regulatory requirements?  Network performing correctly? Monitor for Compliance Enforce Turn off SSID broadcast Change channel of AP Terminate Enforce Define Policy  Security  Configuration; VLANs  Performance  Vendor / Channel Define Policy Closed Loop Compliance Monitor Enforce Define

10SYMBOL CORPORATE PRESENTATION Operational Support: Remote Troubleshooting In widely distributed wireless deployments, remote troubleshooting tools are critical to ensure administrators are able to diagnose and correct end-user issues centrally.  Ongoing collection of performance statistics  Device connection history  Built-in Channel reports for troubleshooting RF problems Historical Analysis  Real-time device analysis  Real-time device tracking  Real-time Layer 2 decoding  Full, remote frame capture Real-time Analysis Live Real-time Analysis Heavily Congested Channels Network Utilization

11SYMBOL CORPORATE PRESENTATION Self-Managing Platform  High Performance  Zero-Config Sensors  Secure Sensors  SSL/Digital Certificates  Hardened OS  WLAN Management  Device/Security/DB Mgmt  Tivoli, OpenView  Adjustable Views  Notify by Role, Location  Accurate Termination  Policy based Rules Easy to Deploy & Manage DEPLOYABLE MANAGEABLE

Wireless IPS 2.0 New Product Feature Set

13SYMBOL CORPORATE PRESENTATION Wireless IPS: New Features Enhanced GUI Location services Increased Visibility to Threats Improved Control and Response Increased Scalability and Depth of Forensic Analysis VISA CISP reporting

14SYMBOL CORPORATE PRESENTATION Multiple Dashboards based on administrative roles Domain-based partitioning to allow full or partial access New advanced filtering options Easy recreation of events for on-going customer support Enhanced GUI – An Intuitive Interface for Manageability Manager Dashboard Performance Dashboard Role-based Dashboards

15SYMBOL CORPORATE PRESENTATION Sensor-less Rogue Detection and Correlation Ability to detect rogue wireless devices in “No Wireless” environments through wired- side rogue discovery Correlated rogue detection with sensors and wired rogue discovery for optimized security at lowest cost Built-In Location Tracking Network Map providing full connectivity information at a glance Built-in RF triangulation based location tracking with advanced path loss algorithm Architected for the future: integrate other best-in-class location engines Network Mapping and Location Signal Triangulation Network Map Location Tracking

16SYMBOL CORPORATE PRESENTATION Tooled to Detect over 200 Events Enhanced event correlation and historical trending Adaptive learning based on statistical analysis of events over time Simultaneous adaptive scanning provides increased visibility across the wireless network Increased Visibility to Threats Rogue Device Analysis Key Security Metrics including overall threat level; Rogue threats; Intrusion threats; Policy Compliance; Threats to wireless stations and List of Alarms.

17SYMBOL CORPORATE PRESENTATION Enhanced Wireless or Wired-side termination methods – AirLockdown executed across multiple sensors – Wired port suppression Continuous scanning of network during AirLockdown process provides uninterrupted protection from attack Simultaneous termination of multiple rogues Full auditability of the termination action Flexible notification options Enhanced Control and Response Threat Mitigation is automated, simple and policy-driven

18SYMBOL CORPORATE PRESENTATION Increased Scalability for Enterprise Deployments 100,000 concurret wireless devices 300 sensors/servers Low wide area network bandwidth utilization (3-5Kbps) RF Review with Forensic Analysis More data collected and stored over a long period of time Adaptive learning system – even fewer false positives Ability to easily replay events Increased System Scalability and Depth of Forensic Analysis

19SYMBOL CORPORATE PRESENTATION Expanded Compliance and Management Reporting Compliance reports include GLBA, HIPAA, DoD, Sarbanes Oxley, Visa-CISP, PCI Vulnerability Assessment Platform Management and Reporting Secure and Simplified Platform Management ‘Secure Platform’ available for selected hardware appliance Continued self-health monitoring for system integrity Fail safe architecture Management Reporting

20SYMBOL CORPORATE PRESENTATION Service Features Purchasing annual support for Wireless IPS entitles customers to: 24 x 7 Ready-Access to Technical Resources Telephone and support Problem isolation, analysis and resolution of software operational issues Product Updates Major and Minor releases of software and documentation Access to MySymbolCare Service website for electronic distribution of support information including support management tools, product and technical literature, and more. NOTE: Wireless IPS Software Support does not include hardware repair or replacement coverage for the AP300 sensors. Any required hardware repair or replacement would be covered under the AP300

21SYMBOL CORPORATE PRESENTATION Wireless IPS Symbol Advantages Comprehensive security coverage of in-building, perimeter, and parking lots Utilizes “thin” sensor technology, AP300. Fast channel switching to avoid “RF blind-spots” Capture & Scanning simultaneously – (2 Radio Advantage) High Availability System: Server technology to recover from server and sensor network outages Real time vs. Off-line protocol analysis – essential for proper troubleshooting Easily Scalable to over 100,000 MU’s Accurate Reporting Correlation of attacks over multiple sensors to avoid False Positives Configurable alarm thresholds and alerts Scalability for distributed environments: Low WAN bandwidth usage with Split-Analysis in the sensor Low Cost of Maintenance Easy, centralized updates Low Cost of Installation Uniform ceiling infrastructure (same AP300 SKU) Added Flexibility Sensor can be converted to Access Port in case of AP failure

uestions ?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.