
1 COPYRIGHT © 2003 – 2004 AIRDEFENSE, INC. ALL RIGHTS RESERVED.
Put Wireless LAN Security Monitoring in your budget. - Gartner
AirDefense: Market Leader in Enabling Risk-Free Wireless LANs
Wireless Monitoring & Intrusion Protection
www.airdefense.net

2 Copyright © 2002 – 2004 AirDefense Proprietary and Confidential. About AirDefense
BENEFITS
• Enterprise Class Distributed Monitoring Architecture – 13 Patents Pending
• Wireless Intrusion Detection & Protection System with Multiple Correlation & Analysis Engines
• Control over air space
• Auto-Discovery of all Wireless Assets & Threats
• Risk-free Wireless Deployments
WHAT WE DO / OUR TECHNOLOGY
• 250+ Govt. Organizations & Blue-Chip Enterprises (over 80% market share)
• Proven solution monitoring:
• Tens of thousands of Access Points
• Hundreds of thousands of Devices
CUSTOMER PROFILE
• Proactive 24 x 7 Monitoring of Enterprise Airwaves against Rogues, Intruders, Hackers, Interference & Network Abuses
• Ensures Regulatory & Enterprise Policy Compliances
• Any Vendor, Any Protocol, Any Device

3 Wireless LAN Risks: Hype or Reality

4 Understanding SSID & MAC Address
• SSID helps stations find APs around
  - 32 byte unique Service Set Identifier of AP
  - Like your company name on the building
  - Sent when AP receives a probe request from station
  - Can be seen in the air
• To deliver traffic, a unique identifier must be available for each device – Media Access Control (MAC) Address
• Example: 00-04-5a-03-3c-0f
• MAC Address = OUI (Organizationally Unique Identifier, first 3 characters) + Serial Number

Vendor             OUI
Cisco (Aironet)    00-04-96
Agere (Orinoco)    00-02-2D
Nokia              00-e0-03
Linksys            00-04-5a

5 Understanding Probes & Beacons
PROBES:
• A station sends a probe request frame when it needs to obtain information from another station. (For example, a station would send a probe request to determine which access points are within range.)
BEACONS:
• The access point (AP) periodically sends a beacon frame to announce its presence and relay information, such as timestamp, SSID, and other parameters regarding the access point.
[Diagram labels: User Station, Probes, Access Point, Beacons]
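
Added example (not part of the AirDefense presentation): a parser for the beacon frame described above that extracts the BSSID, timestamp and SSID, maps the OUI to the vendor table from slide 4, and reports the findings a monitoring sensor would raise. The sanctioned-AP inventory, the function names and the sample frames are assumptions constructed for the demonstration; frames are assumed to arrive without a radiotap header or FCS.

```python
import struct

# OUI-to-vendor pairs exactly as listed on slide 4 (first three octets of the MAC).
SLIDE_OUIS = {"00-04-96": "Cisco (Aironet)", "00-02-2d": "Agere (Orinoco)",
              "00-e0-03": "Nokia", "00-04-5a": "Linksys"}

def parse_beacon(frame: bytes) -> dict:
    """Parse a raw 802.11 beacon (no radiotap header, no trailing FCS)."""
    if len(frame) < 36:                      # 24-byte header + 12 fixed bytes
        raise ValueError("too short for a beacon")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if (ftype, subtype) != (0, 8):           # management frame, subtype beacon
        raise ValueError("not a beacon frame")
    bssid = "-".join(f"{b:02x}" for b in frame[16:22])   # address 3
    timestamp, interval, capab = struct.unpack_from("<QHH", frame, 24)
    ssid, pos = None, 36
    while pos + 2 <= len(frame):             # walk the tagged elements
        eid, elen = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elen]
        if len(value) != elen:
            raise ValueError("truncated element")
        if eid == 0:                         # element ID 0 carries the SSID
            if elen > 32:
                raise ValueError("SSID longer than 32 bytes")
            ssid = value.decode("utf-8", "replace")
            break
        pos += 2 + elen
    return {"bssid": bssid, "vendor": SLIDE_OUIS.get(bssid[:8], "unknown"),
            "ssid": ssid, "timestamp": timestamp, "interval": interval,
            "ad_hoc": bool(capab & 0x0002),      # IBSS capability bit
            "encrypted": bool(capab & 0x0010)}   # Privacy capability bit

def findings(beacon: dict, sanctioned: set) -> list:
    """Return monitoring findings for one beacon against a sanctioned-AP list."""
    out = []
    if beacon["bssid"] not in sanctioned:
        out.append("unsanctioned BSSID")
    if beacon["ad_hoc"]:
        out.append("ad hoc network")
    if not beacon["encrypted"]:
        out.append("no encryption advertised")
    return out

def sample_beacon(bssid: bytes, ssid: bytes, capab: int) -> bytes:
    """Build a constructed beacon for the demo (not captured traffic)."""
    header = b"\x80\x00" + b"\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    return header + struct.pack("<QHH", 123456, 100, capab) + bytes([0, len(ssid)]) + ssid

if __name__ == "__main__":
    SANCTIONED = {"00-04-96-aa-bb-cc"}       # hypothetical inventory entry
    rogue = parse_beacon(sample_beacon(bytes.fromhex("00045a033c0f"), b"linksys", 0x0001))
    print(rogue, findings(rogue, SANCTIONED))
```

The Privacy bit only says that some encryption is required; it does not distinguish WEP from stronger schemes, which takes parsing the later elements.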

6 Problem: Uncontrolled Medium
Wireless LAN is extension of Wired LAN
RF in the AIR is uncontrolled…
• The walls of the facility provide a solid line of defense against intruders
• With a single access point, walls come tumbling down
• Ethernet now extends to the parking lot!
[Diagram labels: AIR vs. Intruder, Server, Computer]

7 Self-Deploying & Transient Networks
1. User Station transmits PROBES
2. APs transmit BEACONS
3. User Station connects to BEST ACCESS POINT
We Don’t Control who we connect to…
• Accidental Association
• Malicious Association
• Ad Hoc Network
[Diagram labels: Parking Lot, Conference Room, Shipping Department, Corporate Network, Neighbor A, Probes]

8 Increasing Sophistication of Attacks
Easier to Attack: Growing Security Threats
New & Easier Tools make it very easy to attack the Network
[Chart: Attack Sophistication and Knowledge Required by Intruder, Low to High, 1980 to 2005; labels: WiGLE.net, New & Easier Attack Tools]

9 WLAN – Real World Risks
• 46% Of Companies Have Been Victim Of A Security Breach - PwC
• 61% Of Attacks Were From Hackers
• 10% Of Attacks Were From Former Employees/Contractors
• 83% Of Companies Reported A Monetary Loss
• Downtime Averaged 1.33 Days Per Employee
WLAN Facts: Top 8
Companies That Found A Rogue Device 90% Found Devices With No Security 80% $416K Average Cost Of Loss Per Attack (UK Study) $220K 2M/Qtr Current Growth of Stations 10M/Qtr Average Cost Of Loss Per Attack (US Study) Current Growth Of Access Points 60% 100 Companies That Have Deployed Insecure WLANs Avg. # Of Serious Attacks Per Month

10 Best Practices for Wireless LAN Security & Monitoring

11 Layered Approach to Security: Control the Uncontrollable

12 Gartner on WLAN Security Risks
3 “Must Have” WLAN Security (July 31, 2003)
• Install a centrally managed personal firewall on laptops that are issued wireless NICs
• Perform wireless intrusion detection to discover rogue access points, foreign devices connecting to corporate access points and accidental associations to nearby access points in use by other companies.
• Turn on some form of encryption and authentication for supported WLAN use.

13 © Giga Research, a wholly owned subsidiary of Forrester Research, Inc. Best Practices for Securing Enterprise WLANs
Monitor & Root out Rogue WLANs
WLAN POLICY
Use Strong Encryption & Authentication & Authorization
Monitor your Air Space
Securing the perimeter
• No WLANs
• Sanctioned WLANs
Lock down APs & User Stations

14 802.11 Security Standards
WEP: Wired Equivalent Privacy, a wireless encryption standard, which was developed by the IEEE 802.11 standards committee.
802.1X: IEEE 802.1 standard for authentication, which supports multiple authentication modes, including RADIUS, that can be used in wireline and wireless networks.
LEAP: Lightweight Extensible Authentication Protocol, which includes Cisco’s proprietary extensions to 802.1X to share authentication data between Cisco WLAN access points and the Cisco Secure Access Control Server.
TKIP: Temporal Key Integrity Protocol, which was developed by the IEEE 802.11i standards committee as a WEP improvement.
TTLS: Tunneled Transport Layer Security, which was developed by Funk Software and Certicom and is now an IETF draft standard. It is an alternative to PEAP.
PEAP: Protected Extensible Authentication Protocol, which was developed by Microsoft, Cisco and RSA Security, is now an IETF draft standard. PEAP encrypts authentication data using a tunneling method.
WPA: Wi-Fi Protected Access, announced by the Wi-Fi Alliance to describe 802.1X with TKIP and MIC. Subset of the 802.11i security standard expected in Q4 ‘03.
802.11i: IEEE standards group effort that involves fixing perceived weaknesses in 802.1X and WEP and creating an umbrella standard for 802.11 security.

15 AirDefense Solution: Plug & Protect
• Real-time Monitoring
• Multiple Correlation, Analysis & IDS Engines
• Integrated Reporting
• Smart Sensors scanning 802.11 a/b/g
• Selective processing, Encryption
Designed for Enterprise Scalability & Central Management
[Diagram labels: Appliance, Smart Sensor, Access Points, Wireless Stations, Hacker, Rogue Access Point, Remote Secure Browser, Centralized Management]

16 AirDefense Functionality
1. SECURITY
• Rogue Detection, Analysis & Mitigation
• Intrusion Detection System
• Forensics & Incident Analysis
• Active Defenses
2. COMPLIANCE
• Enterprise Policy Monitoring
• Regulatory Compliance
• DoD, HIPAA
• SOX, FDIC, OCC, GLBA
3. TROUBLESHOOTING
• Remote Troubleshooting
• Availability
• Network Usage & Performance

17 Experience: Fortune 500 Consumer Goods Company
[Diagram labels: Centralized Management Console; Headquarters, USA; 26-story, 20-story, 11-story, 3-story, Atrium, Airport; Brazil, Argentina, Ireland, Mexico, Japan, Hong Kong, South Africa]

18 Customer Examples

19 Southeastern Hospital - Background
Main driver: point of care access to computerized care systems at the bedside:
• Recent contract with McKesson and Siemens for wireless application deployment
• Reduction of errors on medications and physician’s orders
• Reduction of paper in all medical records
• Improved care through access to information at point of diagnosis and treatment

20 Southeastern Hospital - Background
• Physical plant was saturated with cable, no room for real growth
• Additional devices required additional equipment in the closets
• More personnel resources are needed to support additional lines
• Wireless access will speed up application deployment

21 Southeastern Hospital Issues With Rogue Devices
• Columbus is saturated with wireless deployments
• Local universities are moving to wireless deployments in their classrooms
• All students are now outfitted with laptops with WLAN cards for their class work
• Two largest competitors share a property line with our campus
• Fear of unauthorized access and HIPAA’s implications
• Physicians and clinicians bringing in unauthorized devices with wireless access cards

22 Southeastern Hospital Rogue Incident #1 – Physician Unauthorized Access / Use
• New PACS system was installed in radiology
• Contract radiologist connected WLAN device to viewing station
• Was pulling images from other hospitals via this device to be manipulated by 3-D imaging system
• HIPAA concerns, ownership of data, patient confidentiality
• Solution – identified rogue device via AirDefense, removed device, contract was terminated

23 Southeastern Hospital Rogue Incident #2 – Vendor With Hacking Software
• An unauthorized vendor came to sell to a department in the hospital
• Obtained temporary access to WLAN from ED nodes for email and internet
• Intercepted emails from materials management staff in a matter of minutes
• Solution – identified rogue vendor with AirDefense as they passed through the hospital, had security meet them, and had them escorted out of the building

24 Large Systems Integrator Case #1: Probing Vendor
• Vendor probing for WLAN within LM Aero controlled facility
• AirDefense alerted security officer via email.
• Security resolved situation before any damage was done.

25 Large Systems Integrator Case #2: Mis-configured WLAN
• Approved WLAN with several configurations out of security specs
• AirDefense alerted security and network services
• Security and network services resolved problem.

26 Large Systems Integrator Case #3: Default Configuration
• Approved AP accidentally reset to factory defaults during construction in area of building
• AirDefense alerted security of default configuration.
• Security was able to shut AP down before any intrusions.

27 A Large University Issues:
• As an educational institution we provide an open flexible network infrastructure
• Many departments with network admins who want to install their own APs
• Must maintain a standard configuration policy regardless of hardware used
• Employees bringing in access points
• Difficulty identifying WLAN performance issues

28 A Large University: How Can the Issues Be Addressed?
• Communication to staff, faculty, students – difficult at best
• Create policy not allowing WLAN outside of ITS control – not good, people usually want and push for what they can’t have
• War-walking – time consuming, doesn’t monitor 24-7

29  24/7 monitoring of airwaves  Security policy enforcement  A better view of our WLAN than EVER before  Time savings  Network management  Security  Product was purchased by security for security purposes – but the reality is that it’s been as much a WLAN performance & management tool A Large University 24 X 7 Monitoring with AirDefense

30 Summary
1. WLAN risks made severe by:
   • We don’t control the medium
   • We don’t control who we connect to
2. Every organization has WLANs (rogue or sanctioned)
   • Check out wigle.net
3. Detect and root out rogue WLANs
   • NetStumbler > Kismet > 24 X 7 monitoring
   • Lock down laptops (Probing, ad hoc)
4. WLAN policy is critical (Deployed or prohibited)
   • Define > Monitor > Enforce
5. When deploying, use layered security approach
   • Encryption > Authentication > 24 X 7 RF Monitoring
6. Have Control over your Air Space
   • Assets > Relationships > Behavior

31 Contact us
• Web: www.AirDefense.NET
• HQs Phone: 770-663-8115
• More info or demo?
• Darren Hamrick
• Email: Dhamrick@AirDefense.net
• Phone: 404-786-1440

