Published by Jayde Marling. Modified over 10 years ago.

A Journey into Wireless
JD Chaves

Introduction
- Wireless
  a. Types
  b. Which one to use
  c. Security Types
- Shelby County Implementation
  a. Our Current Implementation
  b. What Users Asked for
  c. What Solutions we came up with

Types of Wireless
- 802.11b
- 802.11g
- 802.11a
- 802.11n

802.11b
- First form of WiFi intended for general consumers
- Operates in the 2.4GHz RF band
- Transfers data at a rate of 11 megabits per second (Mbps)

802.11g
- WiFi 802.11g is a newer extension of the WiFi standard
- Like the older 802.11b equipment, 802.11g equipment operates in the 2.4GHz band
- Transfers data at a rate of 54 Mbps
- Extreme G is different equipment. It achieves data transfer rates of 108 Mbps, but equipment from one manufacturer may be incompatible with similar equipment from a different manufacturer

802.11a
- Uses the less-crowded 5.0GHz RF band
- Transfers data at 54 Mbps rates
- Generally harder to find and may cost more

802.11n
- Expected release in 2008.
- Transfer rates between 200 Mbps and 600 Mbps.
- Transmission is in the 2.4GHz band
- Uses "multiple in, multiple out" (MIMO) antennas to provide a higher throughput as well as extended range

Pre-n
- Some manufacturers, such as Belkin and Linksys, are currently selling equipment that they call "pre-n" or "draft-n."
- This equipment does not adhere to the not-yet-finalized 802.11n standard
- Transfer rates are said to be at least twice as fast as existing 802.11g products
- Eventual compatibility with true 802.11n products is not assured.

So... Which one is best?
- Older equipment is most likely 802.11b, which is compatible with newer 802.11g equipment.
- If you experience interference with other wireless devices, consider moving to 802.11a equipment. These products are just as fast as 802.11g products and operate in the 5.0GHz band for reduced interference, but they are usually harder to find.
- Once the 802.11n standard gets finalized, you'll definitely want to consider upgrading to this newer equipment. True 802.11n products should be at least four times as fast as current equipment and have a longer range.

Wireless Security Types
- WEP
- Wi-Fi Protected Access (WPA) and 802.11i (WPA2)
- Protected Extensible Authentication Protocol (PEAP)
- Remote Authentication Dial In User Service (RADIUS)

Wired Equivalent Privacy (WEP)
- 64 and 128 bit encryption with an IV (Initialization Vector)
- Uses 13 – 26 hexadecimal characters in a shared key system
- Uses Key + IV to encrypt each packet
- Weakness is that the IV is sent in plain text and can be stolen and used to decrypt the WEP key.
- NIST.Org reports that WEP has been broken in under a minute, using a packet capture utility from the internet.
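The per-packet keying described on this slide, as an added Python example that is not part of the original presentation: the 24-bit IV travels in clear text in front of each frame, so two frames sent with the same IV share one RC4 keystream and their XOR exposes the XOR of the plaintexts. The key, IV and payloads are constructed sample values, and the repeat estimate assumes IVs are chosen at random.

```python
import math
import struct
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher: key schedule, then XOR of data with the keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_frame(secret: bytes, iv: bytes, payload: bytes) -> bytes:
    """Cleartext 3-byte IV, then RC4 keyed with IV || secret over payload + CRC-32 ICV."""
    if len(iv) != 3 or len(secret) not in (5, 13):
        raise ValueError("WEP uses a 24-bit IV and a 40- or 104-bit secret")
    icv = struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)
    return iv + rc4(iv + secret, payload + icv)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def frames_until_iv_repeat(probability: float = 0.5, iv_bits: int = 24) -> int:
    """Birthday bound: frames sent before some IV repeats with the given probability."""
    return math.ceil(math.sqrt(2 * 2 ** iv_bits * math.log(1 / (1 - probability))))

# Constructed sample values (not from the presentation).
SECRET = bytes.fromhex("0102030405")   # 40-bit shared key
IV = b"\x00\x00\x01"
P1 = b"GET /grades HTTP/1.1"
P2 = b"POST /login HTTP/1.1"

def reused_iv_leak() -> bytes:
    """XOR of two ciphertexts sent under the same IV; the keystream cancels out."""
    f1, f2 = wep_frame(SECRET, IV, P1), wep_frame(SECRET, IV, P2)
    return xor(f1[3:], f2[3:])[:len(P1)]

if __name__ == "__main__":
    print("IV visible in frame:", wep_frame(SECRET, IV, P1)[:3].hex())
    print("ciphertext XOR equals plaintext XOR:", reused_iv_leak() == xor(P1, P2))
    print("frames until a 50% chance of IV repeat:", frames_until_iv_repeat())
```

On a busy access point a few thousand frames pass in seconds, which is why the fix is to retire WEP rather than to lengthen its key.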

WPA and WPA2
- Everyone uses a Pre-Shared Key
- Improved over WEP by changing the key dynamically for each packet (Packet Mixing)
- Also encrypts the IV, called Hashing, instead of plain text like WEP
- Common weakness: Short pass phrases can be broken with dictionary attacks. Once the key is captured, the attacker can spend time off-line to break the key.
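Why a short shared pass phrase is the weak point, as an added Python example that is not part of the original presentation: the WPA/WPA2 pre-shared key is derived from only the pass phrase and the SSID, so a guessable pass phrase can be tested offline. The wordlist, the sample SSID and the 20-character minimum are assumptions chosen for illustration.

```python
import hashlib

# Constructed stand-in for a real dictionary of common pass phrases.
COMMON_PHRASES = {"password", "letmein1", "welcome1", "schoolwifi"}

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def audit_passphrase(passphrase: str, ssid: str, min_len: int = 20) -> list:
    """Return the reasons a pass phrase is a poor pre-shared key (empty list = none found)."""
    findings = []
    lowered = passphrase.lower()
    if not 8 <= len(passphrase) <= 63:
        findings.append("length outside the 8-63 characters WPA accepts")
    if len(passphrase) < min_len:
        findings.append(f"shorter than {min_len} characters (assumed policy minimum)")
    if lowered in COMMON_PHRASES or ssid.lower() in lowered:
        findings.append("dictionary word or contains the SSID")
    if passphrase.isalpha() or passphrase.isdigit():
        findings.append("single character class")
    return findings

if __name__ == "__main__":
    ssid = "SchoolWiFi"  # constructed sample SSID
    for candidate in ("password", "correct-horse-7-battery-staple!"):
        print(candidate, "->", audit_passphrase(candidate, ssid) or "no findings")
    # Same pass phrase, different SSID: the derived key changes because the SSID is the salt.
    print(wpa_pmk("password", "SchoolWiFi") != wpa_pmk("password", "GuestWiFi"))
```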

RADIUS
- Uses a username and password through a challenge/response method
- Uses policies and restrictions based on user access needed.
- Further Protection: Protected Extensible Authentication Protocol (PEAP) uses only server-side public key certificates to authenticate clients by creating an encrypted SSL/TLS tunnel between the client and the authentication server, which protects the ensuing exchange of authentication information from casual inspection.

How we provide Wireless services currently
- Site survey at location of request for wireless
- Determine area of coverage using a test WAP
- Determine equipment needed (WAP, cat5 cable, surge protection, etc.) for coverage area
- Install WAP/s using pre-determined security standards (Authentication type, encryption, etc.)

What Users Asked for
- We need Wireless Access for our entire School.
- We don't have enough classrooms to allocate to another lab.
- What if a Guest user wants access to the internet?

We need Wireless Access for our entire School.
Problems:
a.) Administration of Multiple WAP/s
b.) Security administration per laptop for connectivity
c.) Lack of monitoring for rogue access
d.) Guest access fairly complicated, and exposes security

We need Wireless Access for our entire School.
Solution: Cisco Wireless Controller and Cisco WAP/s
a.) Central administration through web browser
b.) Certificate authentication handled through group policy automatically
c.) WAP/s monitor and report on rogue access points
d.) Multiple policies for guest and employee access
Cons:
a.) Expensive
b.) Can be complicated to set up, based on your configuration

We don't have enough classrooms to allocate to another lab.
Problems:
a.) Space issues in using another room
b.) Wiring for network and electrical is time consuming and can be expensive
c.) Wasted materials if the room ever changes from a lab back to a classroom

We don't have enough classrooms to allocate to another lab.
Solution: Laptop carts
a.) Provides 20-30 laptops wireless connectivity
b.) Self-contained and mobile; plug in network cables and power
c.) 1-2 WAPs depending on number of laptops. (Generally 15 per WAP)

What if a Guest user wants access to the internet?
Problems:
a.) Security problems in leaving open Wireless access, as well as liability issues.
b.) Configuration issues with guest users' laptops, which are also time consuming.
c.) Administration nightmare monitoring these guest laptops.
d.) Security risk in exposing your network infrastructure.

What if a Guest user wants access to the internet?
Solution: Proxy device that allows for guest web access
a.) Devices give web access while keeping the internal network private.
b.) Web site can give Acceptable Use policy as well as authentication if desired.
c.) Some devices also allow for bandwidth throttling.

Features
- Provides instant guest access to the public network
- HNP Technology protects the host network from guests
- IP Plug and Play for configuration-free client operation
- No configuration required; GUESTGATE automatically detects the network settings
- Additional setup functions can be performed by IT administrator using Web-based user interface
- Client isolation through Layer 3 VLAN technology
- Bandwidth control (upstream and downstream)
- Password option for Internet access
- Packet filter for IP addresses, domains and TCP/IP service ports
- Customizable welcome page (banner and text changeable)
- Firmware upgrade through Web-based user interface
- Plug and Play experience for your guests

Questions / Comments

Acknowledgements
Thanks to the following folks:
- Shawn Nutting and the Trussville City Schools crew
- Greg Knight, UAB Hospital
Feel free to download a copy of this presentation from the following link: http://www.shelbyed.k12.al.us/tech/aetc.htm