
1 Fortifying Wireless Networks

2 Traditional Wired Network
Well-Defined Network Edge, Straightforward to Manage and Secure
[Diagram labels: Server, Users, INTERNET, SECURE INTERNAL NETWORK]

3 Wireless Changes Everything
Network Edge Blurred, New Attack Vectors ‘Behind’ the Firewall
[Diagram labels: Users, Server, INTERNET, Rogue AP, Hacker in Parking Lot, Users Connecting to Neighboring Networks, Trouble Connecting to WLANs]

4 Technology is a Target
Electricity Grid in U.S. Penetrated By Spies
Wall Street Journal cover story: 08/04/2009. Article by SIOBHAN GORMAN. Associated Press.
WASHINGTON -- Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

5 Wireless – a Critical part of the Network: The Reliability Issue
TECHNOLOGY PROBLEMS
- Connectivity can be Impacted by Many Outside Factors
- Much Wider Variety of Client Settings than Wired Networks
- Problems are Transient – Like the Devices
- RF is a New Technology for Some Network Engineers
BUSINESS / ORGANIZATIONAL PROBLEMS
- Wireless is the #1 Culprit – Blamed for Everything
- Too Many Support Calls are Escalated to Wireless Networking Team
- Tools Unavailable at Remote Sites Where Issues are Present
- Site Visits are Very Expensive
[Diagram labels: Connectivity Problems, Roaming Issues, Coverage & Capacity, Noise & Interference]

6 Wireless Intrusion Prevention Solutions (WIPS)
PROTECTION FOR ANY WLAN: Security, Compliance, Troubleshooting
SECURITY
- Rogue Elimination
- Intrusion Detection
- Automated Defenses
- Forensic Analysis
- Legacy Protection
- Mobile Protection
COMPLIANCE
- 24x7 Policy Monitoring
- Flexible Definition
- Custom Reports
- PCI, HIPAA, GLBA, US DoD, SOX Reports
- Granular Forensic Records
TROUBLESHOOTING
- Solve Issues Remotely
- Level 1 Helpdesk
- Proactive Monitoring
- Spectrum Analysis
- Interference Detection
- LiveRF Coverage
- Remote Packet Capture
- Historical Analysis

7 Gartner Group – Wireless / WIPS requirements
From: Gartner Group, Marketscope for Wireless Intrusion Prevention Systems, John Pescatore, John Girard, July 2008
“What you Need Wireless networks remain a potentially significant vulnerability for enterprises, as a continuing stream of wireless LAN (WLAN)-based security incidents demonstrates. Because most enterprises support WLANs, enterprises must ensure that vulnerability management and intrusion prevention processes are extended to cover wireless and wired networks. WLAN security monitoring is required to ensure that supported WLANs are kept secure and the users do not install their technologies where WLAN (or faster technologies, such as 802.11n) are not supported”

8 US DoD – Wireless / WIPS requirements
US DoD Wireless Policy
The Department of Defense (DoD) Directive Number 8100.2 was issued on April 14, 2004. The Directive covers the use of commercial wireless devices, services, and technologies in the DoD Global Information Grid (GIG). The Directive spells out policies for deploying secure wireless networks, and requires monitoring of those wireless networks for compliance. Additionally, the Directive states that wireless networks are banned from use in certain areas, and it covers policies for banned and authorized wireless networks.
On June 2, 2006 the DoD issued a supplemental policy and guidance to 8100.2 with the objective of enhancing overall security guidance and to create a foundation and roadmap for increased interoperability that embraces open standards regarding Wireless LAN (WLAN) technologies. This policy applies directly to IEEE 802.11 based WLAN devices, systems and technologies and excludes cellular, Bluetooth, WiMax and proprietary RF communication standards.
Wireless Intrusion Detection Systems (WIDS) were then added as a DoD requirement.

9 Environments needing WIPS
Existing WLAN infrastructure as overlay
- Need to know Security policy is in effect
- Motorola, Cisco, Aruba, Trapeze…
NEW - Highly cost effective On-board WLAN/WIPS Integration
- Access Point and Sensor
- Need to know Security policy is in effect
No WLAN Policy
- Security policy is NO wireless
- But…how do they know?
- Issues: Printers, USB WLANs, “Dual Homed Clients” (Ethernet & WLAN), among others

10 Typical WIPS solution Architecture
[Diagram labels: HEADQUARTERS, WIPS Appliance, Sensor, FIELD OFFICES]
- Rogue Detection & Elimination
- Intrusion Detection
- Automated Termination
- Policy Compliance
- Wireless Troubleshooting
- Forensic Analysis
- Location Tracking
- Enterprise-class Scalability
Innovative Add-on Modules
- WEP Cloaking: A Migration Step to Protect Legacy Encryption Protocols. Meet PCI Requirements While Upgrading to WPA
- Spectrum Analysis: Detect & Classify Common Types of RF Interference Sources Including Microwaves, Bluetooth etc.
- LiveRF: Real-time Assessment of Wireless Network Performance. Centrally Analyze & Troubleshoot Connectivity Issues
- Advanced Forensics: Rewind & Review Detailed Wireless Activity Records for Forensic Investigations & Troubleshooting
- Advanced Troubleshooting: Provides Faster Resolution of Wireless-related Issues as Well as Proactive Resolutions
- Mobile Workforce Protection: End-point Security to Protect Mobile Users Regardless of Location

11 Optimal WIPS Solution Architecture
- Centralized, Hardened Appliance
- Protection for WLAN Infrastructure and Devices
- Secure Layer 3 Connections Between Sensors and Appliance
- Minimal WAN Bandwidth Needed by Sensors, < 3Kb/s
- Two Types of Sensors:
  - Dedicated Sensors are Separate Devices, Use One for Every 3-5 APs
  - Integrated Sensors are Built Into Access Points
- All Sensors Provide 24x7 Protection for Gap-free Security
Distributed Collaborative Architecture is Highly Scalable
[Diagram labels: NETWORK, Integrated AP/Sensor, FIELD OFFICE, Central Appliance, Dedicated Sensor, CORPORATE OFFICE]

12 Combined AP & Sensor
Optimal – full-time sensing/WIPS
- For years customers have asked for a single device as AP and Sensor
- Some solutions were “part-time” – when the AP was not busy, it would scan some channels. NOT recommended.
- New in market – APs with multiple radios – where 1 radio can be “assigned” as a sensor.
- Imperative – sensor MUST be full time!
- Imperative – if device is sensor and AP – is it scanning all channels?
Reduced Deployment Cost – No Overlay Sensor Deployment

13 Status on – “n”
- Requires sensor to have ‘n’ radio – more expensive usually
- In the market are some Dual-radio APs to Use One Radio for Dedicated WIPS Sensing – most cost effective option
- There are sensors to cover ‘n’
- In a no wireless environment ‘n’ can be a new threat
- Unless “green-field” ‘n’ – b, g radio sensors will see all traffic

14 Wireless Intrusion Prevention Solutions (WIPS) – what you should require
PROTECTION FOR ANY WLAN: Security, Compliance, Troubleshooting
SECURITY: Rogue Elimination, Intrusion Detection, Automated Defenses, Forensic Analysis, Legacy Protection, Mobile Protection
COMPLIANCE: 24x7 Policy Monitoring, Flexible Definition, Custom Reports, PCI, HIPAA, GLBA, US DoD, SOX Reports, Granular Forensic Records
TROUBLESHOOTING: Solve Issues Remotely, Level 1 Helpdesk, Proactive Monitoring, Spectrum Analysis, Interference Detection, LiveRF Coverage, Remote Packet Capture, Historical Analysis

15 Eliminate Rogues on the Network
- Differentiate Between Neighbors and Rogue Devices
- Automatically Identify Every Type of Rogue Device Connected to the Network
- Historical Record of Associations & Traffic
- Automatic Elimination
Automatically Finds and Removes All Rogue Devices
DETECT - ANALYZE - ELIMINATE
Rogue Devices Can be Anywhere on the Network and can be Encrypted
[Diagram labels: REMOTE OFFICE, NEIGHBOR, Dedicated Sensor, Open Rogue AP, Encrypted Rogue AP, Rogue AP Behind Firewall, Soft AP]

16 Comprehensive Intrusion Detection
Broad set of Threats Detected
- Reconnaissance & Probing
- Denial of Service Attacks
- Identity Thefts, Malicious Associations
- Dictionary Attacks; Security Policy Violations
Minimal False Positives
- Correlation Across Multiple Detection Engines Reduces False Positives
- Most Accurate Attack Detection
Powerful Detection with Minimal False Positives
[Diagram labels: Sensors, PROTOCOL ABUSE, ANOMALOUS BEHAVIOR, SIGNATURE ANALYSIS, POLICY MANAGER, Correlation Engines, Context-Aware Detection Engines, DETECTION, DISCOVERY, ANALYSIS]

17 Automated Wireless Protection
Wireless Termination
- Targeted Disruption of Wireless Connections
- No Impact to Allowed Network Traffic
- Compliant with Applicable Laws & FCC Regulations
Wired Port Suppression
- Search Wired Network to Locate the Switch-port a Rogue Threat is Attached to
- Safeguards Ensure Only Threat is Disconnected
Wireless ACL
- Prevent Wireless Stations from Connecting to the WLAN
Comprehensive Threat Mitigation that is Powerful & Safe to Use
[Diagram labels: Sensor, WIPS Appliance, Switch, Laptop, Neighboring AP, APs, Wireless Station; AP Terminated: Accidental Association; Port Suppressed: Rogue AP; ACL Enforced: Rogue Station]
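The neighbor-versus-rogue distinction on slide 15 and the switch-port lookup on slide 17 both depend on correlating what sensors hear over the air with what the wired switches have learned. The sketch below is an added example, not the vendor's product logic and not part of the original deck; the two correlation heuristics, the data layout, the switch names and all MAC addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class ObservedAP:                      # one AP as reported by a sensor
    bssid: str
    encrypted: bool                    # not used below: the verdict never needs payload
    clients: set = field(default_factory=set)  # station MACs seen associated

def mac_int(mac):
    return int(mac.replace(":", ""), 16)

def wired_port(ap, cam, ap_ports, slack=1):
    """Return the (switch, port) the AP hangs off, or None if it is not on our LAN.
    cam maps MAC -> (switch, port); ap_ports are the ports of authorized APs."""
    # Ignore entries learned behind authorized APs: a roaming station leaves a
    # stale entry there, and that must not turn a neighbor into a rogue.
    wired = {m: p for m, p in cam.items() if p not in ap_ports}
    for sta in ap.clients:             # evidence 1: its clients' frames reach our switches
        if sta in wired:
            return wired[sta]
    for mac, port in wired.items():    # evidence 2: a wired MAC adjacent to the BSSID
        if abs(mac_int(mac) - mac_int(ap.bssid)) <= slack:
            return port
    return None

def classify(ap, authorized, cam, ap_ports):
    if ap.bssid in authorized:
        return ("authorized", None)
    port = wired_port(ap, cam, ap_ports)
    return ("rogue", port) if port else ("neighbor", None)

# Constructed sample data (locally administered MACs, hypothetical switch names).
AUTHORIZED = {"02:00:00:aa:00:01"}
AP_PORTS = {("sw1", "Gi1/0/1")}
CAM = {
    "02:00:00:aa:00:00": ("sw1", "Gi1/0/1"),   # Ethernet side of the authorized AP
    "02:00:00:c1:00:05": ("sw1", "Gi1/0/1"),   # corporate laptop, stale entry
    "02:00:00:c1:00:09": ("sw2", "Gi1/0/14"),  # station bridged by a rogue AP
    "02:00:00:bb:00:0f": ("sw3", "Gi1/0/7"),   # Ethernet side of a rogue AP
}
OBSERVED = [
    ObservedAP("02:00:00:aa:00:01", True, {"02:00:00:c1:00:05"}),  # corporate AP
    ObservedAP("02:00:00:dd:00:01", True, {"02:00:00:c1:00:05"}),  # neighbor, laptop roamed to it
    ObservedAP("02:00:00:ee:00:01", True, {"02:00:00:c1:00:09"}),  # encrypted rogue
    ObservedAP("02:00:00:bb:00:10", False),                         # open rogue, no clients yet
]

def report():
    return {ap.bssid: classify(ap, AUTHORIZED, CAM, AP_PORTS) for ap in OBSERVED}

if __name__ == "__main__":
    for bssid, verdict in report().items():
        print(bssid, verdict)
```

The port returned for a rogue is the candidate for wired port suppression; excluding the authorized APs' own ports is the kind of safeguard that keeps a legitimate uplink from being shut down.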

18 Forensic Analysis
Extensive Forensic Data
- Months of Historical Data Accessible from System
- 325+ Statistics per Device per Minute
- Device Connectivity & Activity Logs
Valuable Business Information
- Accurate Records for Forensic Analysis & Policy Compliance Reporting
- Determine Exact Time & Impact of Attempted Attacks
- Record of Wireless Performance and Connectivity Issues
Unrivaled Visibility into Network Activity & Threats
[Screenshot labels: FORENSIC SUMMARY, ASSOCIATION ANALYSIS]

19 Wireless Intrusion Prevention Solutions (WIPS) – what you should require
PROTECTION FOR ANY WLAN: Security, Compliance, Troubleshooting
SECURITY: Rogue Elimination, Intrusion Detection, Automated Defenses, Forensic Analysis, Legacy Protection, Mobile Protection
COMPLIANCE: 24x7 Policy Monitoring, Flexible Definition, Custom Reports, PCI, HIPAA, GLBA, US DoD, SOX Reports, Granular Forensic Records
TROUBLESHOOTING: Solve Issues Remotely, Level 1 Helpdesk, Proactive Monitoring, Spectrum Analysis, Interference Detection, LiveRF Coverage, Remote Packet Capture, Historical Analysis

20 Regulatory Compliance
RETAIL: Payment Card Industry (PCI) Data Security Standard (DSS)
- Automated Wireless Scanning and Rogue Wireless Elimination
- Wireless Intrusion Prevention
- Encryption Policy Enforcement
FEDERAL: Department of Defense 8100.2 Directive
- Must have 24x7 Dedicated WIDS
- Applicable Regardless of WLAN Deployment
- Common Criteria Certification Needed
- Location Tracking Mandatory
HEALTHCARE: Health Insurance Portability and Accountability Act (HIPAA)
- Encryption Validation
- Security Configuration Management
- HIPAA Compliance Reports
CORPORATE
- Sarbanes Oxley (SOX) Compliance
- Gramm-Leach-Bliley Act (GLBA)
- Protect Confidentiality and Integrity of Corporate Data Transmitted Wirelessly
- Reporting and Audit Support
[Screenshot label: DoD Standard Compliance Report]

21 Policy Compliance & Reporting
Fully Customizable Reporting and Dedicated Monitoring of Policy Compliance and Network Performance
[Diagram labels: Define, Monitor, Enforce, COMPLY; DEFINE WIRELESS POLICY; CUSTOMIZABLE REPORTING]

22 Wireless Intrusion Prevention Solutions (WIPS) – what you should require
PROTECTION FOR ANY WLAN: Security, Compliance, Troubleshooting
SECURITY: Rogue Elimination, Intrusion Detection, Automated Defenses, Forensic Analysis, Legacy Protection, Mobile Protection
COMPLIANCE: 24x7 Policy Monitoring, Flexible Definition, Custom Reports, PCI, HIPAA, GLBA, US DoD, SOX Reports, Granular Forensic Records
TROUBLESHOOTING: Solve Issues Remotely, Level 1 Helpdesk, Proactive Monitoring, Spectrum Analysis, Interference Detection, LiveRF Coverage, Remote Packet Capture, Historical Analysis

23 Centralized WLAN Troubleshooting
Remote Troubleshooting
PAST / PRESENT / FUTURE
HISTORICAL TROUBLESHOOTING TOOLS
- Detailed Forensics
- Scope Forensics
- Alarm Forensics
PROACTIVE TROUBLE PREVENTION
- AP Testing
- Policy Compliance
- Performance Policy
REAL-TIME TROUBLESHOOTING TOOLS
- LiveView
- Connectivity Troubleshooting
- AP Testing
- Spectrum Analysis
- LiveRF
- End-user Feedback
- Performance Alarms & Reports

24 Remote Visibility
Real-time View of WLAN
- Turn Any Sensor into a ‘Sniffer’
- Full Layer 2 Frame Capture
- Visualize Wireless Traffic Flow
- 28 Different Graphical Views
Low Network Support Costs
- Real-time View of Remote WLAN
- Advanced Centralized Troubleshooting
- Reduced on-site Support Cost
- Increased WLAN Uptime
Remote WLAN Troubleshooting with Real-time Analysis
[Screenshot labels: FRAME CAPTURE, REAL-TIME TRAFFIC, CONNECTION ANALYSIS]

25 Advanced Troubleshooting
Connection Troubleshooting
- Designed for Level 1 Helpdesk
- Quickly Determine if it is a Wireless or Wired Network Issue
- Simple Debugging of Wireless Issues
- Escalation Only if Necessary
AP Connectivity Test
- Proactively Test One or More APs
- Find Problems Before Disruption
- Analyze Wireless and Wired Network from Client's Perspective
- Schedule Automatic Tests
- Test Access to Wired Applications
Centralized Troubleshooting
[Diagram labels: Secure Server, WAN, DHCP Server, Application Server, DATA CENTER, REMOTE LOCATION]

26 Spectrum Analysis Module
Physical Layer Troubleshooting
- Detect non-802.11 Interference – Microwaves, Bluetooth, Frequency Hopping Devices etc.
- 2.4 and 5 GHz Band Support
- Remote Real-time Spectrograms
- Automated Interference Detection
Use Existing Sensors – No Special Hardware Needed
- Remote Detection of Interference
- Automatic Interference Alarms
- Improve Wireless Performance
[Screenshot labels: FULL SCAN, CLASSIFY INTERFERENCE SOURCES]

27 Coverage Mapping
Understand Wireless Coverage & Impact on Applications
- Real-time RF coverage analysis
- Building Aware Prediction of Coverage and Capacity
- Application Specific Simulations – Voice, Video, Data
- Centralized and Remote Analysis
[Screenshot labels: VIEW SIGNAL COVERAGE FOR APPLICATIONS (Comparison of VoIP Coverage); COVERAGE CHANGE WITH INTERFERER (Wireless Camera Used as Interference Source)]

28 Government Usage – No-wireless Policy
Continuous Rogue Detection
–US Dept of Energy (DOE)
–Federal Aviation Administration (FAA)
–US House of Representatives
–Department of Agriculture (USDA)
–Defense Advanced Research Agency (DARPA)
–US Marine Corps
–Defense Information Systems Agency (DISA)
[Logos: DISA, FBI, DoL, DoS, DoE, FCC, SEC]

29 Government Usage – In-building Wireless IDS (US Non-DOD)
Existing WLAN – WIPS – non-DoD
–Department of Energy (DOE)
–Security and Exchange Commission (SEC)
–Veteran Affairs (VA)
–Bureau of Labor Statistics
–Federal Communication Commission (FCC)
–Social Security Administration (SSA)
–National Archives
[Logos: DISA, FBI, DoL, DoS, DoE, FCC, SEC]

30 Government Usage – In-building Wireless IDS (DOD)
Indoor WLAN – WIPS – DoD
–US Army
–Defense Commissary Agency (DeCA)
–Defense Logistics Agency (DLA)
–Joint Forces Command (JFCOM)
–Naval Space and Warfare Command
–Naval War College
–Naval Hospital Jacksonville
–DISA Joint Interoperability Test Center (JITC)
–Defense Manpower Data Center
–National Security Agency (NSA)
–National Geospatial Agency (NGA)
[Logos: DISA, FBI, DoL, DoS, DoE, FCC, SEC]

31 Government Usage – Outdoor Wireless IDS (DOD)
–Dept of Homeland Security – Customs and Border Protection (CBP)
–FBI: Securing WLANs of field-deployed tactical units (portable units)
–Navy Pierside Wireless Project: Securing ship-to-shore wireless bridging at every Naval port
–Navy Shipboard Wireless: Securing onboard WLAN for inventory application (barcode readers)
–Wireless Perimeter Video Surveillance – 3 Navy sites, 1 Army site
–Navy Tactical Field-deployed WLAN - air traffic control center – 5 systems
–Naval Shipyard Outdoor WLAN - Securing outdoor WLAN mesh
[Logos: DISA, FBI, DoL, DoS, DoE, FCC, SEC]

32 Government Usage – Mobile Wireless Analyzers and Client based controls
–Laptop lockdown (no-wireless policy)
  DOD – AirDefense Personal
–Secure Wireless Remote Access
  DISA – AirDefense Personal for telecommuting initiative
  DHS – AirDefense Personal
–Cybercrimes – using AirDefense Mobile for WiFi surveillance
  DHS
  Naval Criminal Investigative Service (NCIS)
–Warwalking – AirDefense Mobile for enforcing no-wireless policy
  Pentagon
  Navy
  National Park Service

33 Conclusion
WIRELESS SECURITY IS PARAMOUNT
- Stating you have no wireless – is not enough!
- Several Recent Data Breaches Have Happened Over Wireless
CENTRALIZED WIRELESS MONITORING NEEDED
- Rogue Wireless Access and Wireless Attacks on the Rise
- Significant OPEX in Resolving WLAN Connectivity and Performance Problems
Expect the most from the solution you select!
- Automated Elimination of All types of Rogue Wireless Devices
- Detection of 200+ Attacks and Policy Violations
- Centralized, Advanced Troubleshooting of Wireless Connectivity Issues
- Wireless Compliance Validation and Reporting
- Integrated Deployment with WLAN – Common AP + Sensor Hardware, Integrated Management

34 Fortifying Wireless Networks
Thank You
Diane Johnson
Diane.johnson@motorola.com
+44 7554 436 939

