1
Campus Wireless
Dave Packham, OIT Architecture
Dave.packham@utah.edu
2
Agenda
IV. Wireless 101 - Dave Packham (45 minutes)
a. Overview of Wireless Technology (3500 foot level)
b. U of U Wireless Direction, Standards
   i. ITC -> Wireless Committee
   ii. White Paper: 802.1x, WPA
   iii. Wireless Requirements for Task Force funding
c. Campus Today, Future
   i. Friday meetings, wireless list
   ii. Map of current zones
   iii. Planned future zones
   iv. Support via the Campus Help Desk
   v. WAP registration
3
Credits and Noteworthy Contributors
Joe Breen and CHPC, for the wonderful lab facilities and dealing with us every Friday.
Chris Hessing and Terry Simons and the Library folk, for designing and pushing 802.1x and security in the wireless arena, and for being willing to test out live networks for us to watch (Library 802.1x).
Panko’s Business Data Networks and Telecommunications, 5th edition, Copyright 2005 Prentice-Hall.
5G Wireless, for the campus wide coverage maps.
Cisco, for some great slides on wireless antennas and spectrum.
Wayne Peay and the Wireless working group, which has helped us unite, develop many new ideas, and work on campus wide deployment of a COMMON authentication look and feel.
Steve Hess and OIT, for the resources to deploy products like Perfigo campus wide.
4
Huge Number of 802.11-Enabled Devices and Growing
PDAs, Printers, Projectors, Tablet PCs, Barcode scanners
Custom devices for vertical markets: Healthcare, Manufacturing, Retail, Restaurants
Examples: HP iPAQ PDA, Cisco 7920, Epson Printer, Sharp M25X Projector, HHP Barcode Scanner, Compaq Tablet PC
5
Market Realities
802.11b dominates the installed base, but will not be for sale much longer because of 802.11g
802.11g dominates sales today
802.11a is not thriving in the market
802.11n is under development
   100 Mbps or more in the 5 GHz band
   Fast enough for video
6
Antennas
Yagi
Dish
Directional
Unidirectional
Hemispherical
Toroidal
Active Antennas
Energy beams
Mass transfer conversion
Transporters
Anti matter nacelles and warp drive
7
Omnidirectional and Directional Antennas
Dish Antenna
   Concentrates incoming and outgoing signals in a narrow range
   Must point at receiver
   Good for fixed subscribers
Omnidirectional Antenna
   Signal spreads as a sphere
   Rapid signal attenuation
   No need to point at receiver
   Good for mobile subscribers
8
Wireless Propagation Problems
1. Attenuation: signal gets weaker with distance
2. Electromagnetic Interference (EMI) from other stations, microwave ovens, etc.
3. Shadow Zone (Dead Spot)
4. Multipath Interference: direct and reflected signals may cancel out
(Figure labels: Blocking Object, Direct Signal, Reflected Signal, Laptop)
9
Radio Channels
What are they? Why do they collide?
B/G: Why are there only 3 distinct channels with 11 available?
A: Why are there 56 channels?
10
Wireless Technologies
Columns: PAN (Personal Area Network); LAN (Local Area Network); MAN (Metropolitan Area Network); WAN (Wide Area Network)
Standards: Bluetooth; 802.11; GSM, CDMA, Satellite
Speed: < 1 Mbps; 11 to 54 Mbps; Mbps; 10 Kbps–2 Mbps
Range: Short; Medium; Medium-Long; Long
Applications: Peer-to-Peer, Device-to-Device; Enterprise Networks; Last Mile Access; Mobile Data Devices
11
802.11 Wireless LAN Standards (Table)
Columns: 802.11b; 802.11a; 802.11g; 802.11g if the access point serves an 802.11b station
Rated Speed: 11 Mbps; 54 Mbps; 54 Mbps; Not Specified
Actual Throughput, 3 m: 6 Mbps; 25 Mbps; 25 Mbps; 12 Mbps
Actual Throughput, 30 m: 6 Mbps; 12 Mbps; 20 Mbps; 11 Mbps
802.11a, operating at a higher frequency, has more attenuation than 802.11b
12
802.11 Wireless LAN Standards (Table)
Columns: 802.11b; 802.11a; 802.11g; 802.11g if the access point serves an 802.11b station
Unlicensed Band: 2.4 GHz; 5 GHz; 2.4 GHz; 2.4 GHz
Number of Non-Overlapping Channels: 3; 8 to 14 (in future, 19 to 24); 3; 3
2.4 GHz non-overlapping channels are 1, 6, and 11
13
Using Different Channels in Nearby Access Points
Access Point A: Channel 1
Access Point B: Channel 6
Access Point C: Channel 6
Access Point D: Channel 6
Access Point E: Channel 6
Access Point F: Channel 11
(Figure labels between neighboring access points: OK, Interference)
14
Radio spectrum types
Frequency hopping
Spread spectrum
15
Normal Radio Transmission and Spread Spectrum Transmission
Why Spread Spectrum Transmission?
Commercial spread spectrum transmission reduces certain propagation effects (multipath interference and narrowband EMI)
These typically occur over a narrow range of frequencies
With spread spectrum transmission, most of the signal will get through
Does not provide security as in military spread spectrum systems (common misconception)
16
Frequency Hopping
(Figure: frequency versus time, hops numbered 1 to 9 between 2.400 GHz and 2.483 GHz)
79 Channels, 1 MHz Each
Changes frequency (hops) at least every 0.4 seconds
Synchronized hopping required
17
Spread Spectrum Transmission Methods, Continued
Wideband but Low-Intensity Signal
Direct Sequence Spread Spectrum (DSSS)
Signal is spread over the entire bandwidth of the wideband channel
The power per hertz at any frequency is very low
Interference will harm some of the signal, but most of the signal will still get through and will be readable
Used in 802.11b (11 Mbps)
18
IEEE 802.11b Direct Sequence @ 2.4 GHz
(Figure: channels 1 to 14 between 2.402 GHz and 2.483 GHz)
Up to (14) 22 MHz wide channels
3 non-overlapping channels (1, 6, 11 in US and 1, 7, 13 in Europe)
Up to 11 Mbps data rate
3 Access Points can occupy the same space for a total of 33 Mbps aggregate throughput, but not on same radio card
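The channel arithmetic behind the "3 non-overlapping channels" figure and the access point channel slide, as an added example that is not part of the original presentation. The channel center frequencies are standard 802.11 values rather than numbers from the slides, and the 2x3 grid adjacency between access points A to F is an assumption made for illustration.

```python
# Added example (not from the slides): 2.4 GHz DSSS channel overlap.
CHANNEL_WIDTH_MHZ = 22  # channel width quoted on the slide


def center_mhz(channel):
    """Center frequency of a 2.4 GHz channel (1-13 are 5 MHz apart; 14 is 2484)."""
    if channel == 14:
        return 2484
    if not 1 <= channel <= 13:
        raise ValueError(f"not a 2.4 GHz channel: {channel}")
    return 2407 + 5 * channel


def overlap_mhz(a, b):
    """Width of spectrum shared by two channels, 0 if they are clear of each other."""
    return max(0, CHANNEL_WIDTH_MHZ - abs(center_mhz(a) - center_mhz(b)))


def non_overlapping(channels):
    """Largest mutually non-overlapping subset, built greedily from the lowest channel."""
    chosen = []
    for ch in sorted(channels):
        if all(overlap_mhz(ch, c) == 0 for c in chosen):
            chosen.append(ch)
    return chosen


def plan_conflicts(plan, neighbors):
    """Neighboring AP pairs whose channels overlap, with the overlap in MHz."""
    return [(a, b, overlap_mhz(plan[a], plan[b]))
            for a, b in neighbors if overlap_mhz(plan[a], plan[b]) > 0]


# Channel assignments as listed on the "Using Different Channels" slide.
PLAN = {"A": 1, "B": 6, "C": 6, "D": 6, "E": 6, "F": 11}
# Assumed adjacency (not on the slide): APs laid out as a 2x3 grid, A B C / D E F.
NEIGHBORS = [("A", "B"), ("B", "C"), ("D", "E"), ("E", "F"),
             ("A", "D"), ("B", "E"), ("C", "F")]

if __name__ == "__main__":
    print("US channels 1-11:", non_overlapping(range(1, 12)))
    print("overlap of channels 1 and 3:", overlap_mhz(1, 3), "MHz")
    for a, b, mhz in plan_conflicts(PLAN, NEIGHBORS):
        print(f"AP {a} and AP {b} interfere ({mhz} MHz shared)")
```

Channels five apart sit 25 MHz from each other, which just clears the 22 MHz channel width; anything closer shares spectrum.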
19
Frequency Hopping vs. Direct Sequence: A Summary on Interference Handling
(Figure: frequency hopping over time and direct sequence channels 1, 2 and 3, each shown with interference, at 2.4 GHz)
FH system hops around interference
Data may be decoded from redundant bits
Can move to an alternate channel to avoid interference
20
Wireless Security How? What? Where? When?
21
Overview of Wireless Security Technologies
No Security by Default
In older products, the installation default was to have no security at all
22
WarChalking, WarDriving….
Automated Drive-By Hacking
Can read traffic from outside the building walls
Can also send malicious traffic into the network
23
Standard WEP
Wired Equivalent Privacy (WEP)
Initial flawed security method developed by the 802.11 Working Group for 802.11 devices
All stations share the same encryption key with the access point
This key is rarely changed because of the difficulty of coordinating the many users sharing it
This is a shared static key
24
Standard WEP
Wired Equivalent Privacy (WEP)
Shared static keys mean that a large volume of traffic is encrypted with the same key
With so much traffic generated with one unchanging key, cryptanalysts can crack the key by collecting data for a few days
Once the key is cracked, the attacker can read all messages and send attack messages into the network without going through a firewall filter
25
Standard WEP
Wired Equivalent Privacy (WEP)
Software that automates the hacking process is widely available
Locate vulnerable access points by driving around (war driving)
Collect traffic and crack the key
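Why one unchanging shared key is fragile, as an added example that is not part of the original presentation. It goes beyond the slides in one respect: it relies on the fact that WEP seeds RC4 with a 24-bit per-frame initialization vector (IV) followed by the shared key. The keys, IV and payloads are constructed sample values, the integrity check value is omitted, and the repeat estimate assumes IVs are chosen at random.

```python
# Added example (not from the slides): keystream reuse under a shared static key.
import math


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4, the stream cipher WEP uses, seeded here with IV || key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):                   # output generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_frame(iv: bytes, key: bytes, payload: bytes) -> bytes:
    """WEP-style encryption of one payload (integrity check value omitted)."""
    return xor(payload, rc4_keystream(iv + key, len(payload)))


def reuse_leaks(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """True when XORing two ciphertexts cancels the keystream completely."""
    return xor(c1, c2) == xor(p1, p2)


def frames_until_iv_repeat(probability: float, iv_bits: int = 24) -> int:
    """Frames sent under one key before a random IV repeats with this probability."""
    return math.ceil(math.sqrt(2 * 2**iv_bits * math.log(1 / (1 - probability))))


# Constructed sample data: two stations, two payloads, one repeated IV value.
STATIC_KEY = bytes.fromhex("0102030405")      # 40-bit key shared by every station
OTHER_KEY = bytes.fromhex("a1b2c3d4e5")       # what a separate per-station key changes
P1, P2 = b"frame from station A", b"frame from station B"
IV = b"\x00\x00\x2a"
shared = reuse_leaks(encrypt_frame(IV, STATIC_KEY, P1),
                     encrypt_frame(IV, STATIC_KEY, P2), P1, P2)
per_station = reuse_leaks(encrypt_frame(IV, STATIC_KEY, P1),
                          encrypt_frame(IV, OTHER_KEY, P2), P1, P2)
```

With every station on the same static key, a repeated IV is expected after only a few thousand frames across the whole network; separate, frequently changed keys per station remove that shared keystream.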
26
VPNs
Virtual Private Network (VPN)
VPNs protect transmission over the untrusted Internet (Chapter 1)
VPNs can also be used to protect transmission over the untrusted WLAN
Effective but complex and therefore expensive to set up
27
802.11i Security
Later, the 802.11 Working Group introduced strong security: 802.11i
802.11i specifies the Temporal Key Integrity Protocol (TKIP)
Each station gets a separate key for confidentiality
This key is changed frequently
28
802.11i Security
802.11i specifies the Extensible Authentication Protocol (EAP)
Authentication involves a device proving its identity to another device
Authenticate with an authentication server (Figure 5-17)
29
Extensible Authentication Protocol (EAP)
(Figure: Notebook Client PC, Access Point A, Switch, Large Wired Ethernet LAN, Authentication Server; steps 2 and 3 carry EAP data)
Authentication is stored on an authentication server, not in access points
This simplifies access points, making them cheaper
Central authentication data is easier to manage and change
30
Extensible Authentication Protocol (EAP)
(Figure: step 4, OK and Accept; Notebook Client PC, Access Point A, Switch, Large Wired Ethernet LAN, Authentication Server)
If an OK is sent back, the access point may accept an association request from the client
If a bad report is sent back, the access point may decline an association request from the client
32
802.11i Security, continued
Products started becoming available soon?
Wireless Protected Access (WPA)
Stopgap security method introduced before full 802.11i security could be developed
Introduced some parts of 802.11i in 2002 and 2003
It was often possible to upgrade older WEP products to WPA
33
Stronger Security
The Transition to Strong Security
We will soon have a mix of no security, WEP, 802.11i, WPA, and other security protocols
Only as strong as the weakest link
Legacy equipment that cannot be upgraded to 802.11i will have to be discarded
(802.11i is sometimes called WPA2)
34
Security?
Rogue Access Points
Unauthorized access points set up by department or individual
Often have very poor security, leaving a big opening for hackers
Often operate at high power, attracting many clients to these access points with weak security
35
BlueTooth? Where did this come from? Why is it here?
36
BlueTooth
Wireless standard for personal area networks (PANs)
Replace wired connections
A few devices that a person carries
A few devices on a user’s desktop
37
802.11 vs BlueTooth
Columns: 802.11; Bluetooth
Focus: Local Area Network (LAN); Personal Area Network (PAN)
Rated Speed (Actual Throughput Will Be Lower): 11 Mbps to 54 Mbps in both directions; 722 kbps with back channel of 56 kbps, may increase
Distance: 30 to 100 meters; 10 meters
Number of Devices: Limited in practice only by bandwidth and traffic; 10 piconets (PANs), each with up to 8 devices
38
802.11 vs BlueTooth
Columns: 802.11; Bluetooth
Scalability: Good because 802.11 allows multiple access points; Poor
Cost: Higher; Lower
Battery Drain: Higher; Lower
Application Profiles: No; Yes
39
Should I BlueTooth?
Bluetooth Application Profiles
Devices with compatible application profiles (a printer and PC, for instance) can work together automatically
Extremely useful; nothing like it in 802.11
However, few application profiles have been designed
Also, most Bluetooth devices only implement a few application profiles
41
What's up Next? Here comes the solution to everything……
42
Emerging WLAN Technologies
Fourth-Generation (4G) Stations
Stations that can support multiple radio methods
   802.11a, b, and g
   Bluetooth
   3G cellular
   Etc.
Choose the best mode for a situation
   E.g., 802.11g when in reach of WLAN (fast & cheap)
   Expensive 3G when nothing else is available
43
Mesh Networks
Access points and wireless NICs self-organize
Move frames to desired receiver peer-to-peer (P2P)
Adjust signal power, etc. when an element fails or is turned off
44
The “Wireless Switch”
WLAN switch has the management intelligence for multiple inexpensive dumb access points
(Figure labels: Expensive Directly-Manageable Smart Access Point, Ethernet Switch, Dumb Access Point, WLAN Switch, Management Console)
45
Wireless on Campus What Where When Why
46
Friday meeting @ CHPC
Every Friday at 10 am, CHPC lab/conf room
Talk about hardware
Talk about software
Put together proposals for ITAC and Wireless working groups
Design and work out kinks in wireless networks on campus
Continue Radius mesh design and integration
Join the wireless groups mailing list to see news on this.
47
Campus WIDE Wireless Coverage
48
Student Task Force Wireless Requirements
Campus Wireless rollouts may be Task Force funded
Requirements are:
Adhere to the Wireless Whitepaper policy
Agree to adapt to changing wireless environments
Provide “secure.utah.edu” for clients with an 802.1x supplicant
Provide “insecure.utah.edu” for devices that don’t support 802.1x
Request approved AP and wireless hardware
Provide these wireless services to every student
50
Wireless Links
51
ALL Wireless Problems Solved
Everyone's problems are solved
Nothing more can ever happen
I'm just done talking now…..