Presentation is loading. Please wait.

Presentation is loading. Please wait.

Center of Excellence Wireless and Information Technology CEWIT 2003 Keys To Secure Your Wireless Enterprise Toby Weiss SVP, eTrust Computer Associates.

Published byBrendan Mills Modified over 9 years ago

Similar presentations

Presentation on theme: "Center of Excellence Wireless and Information Technology CEWIT 2003 Keys To Secure Your Wireless Enterprise Toby Weiss SVP, eTrust Computer Associates."— Presentation transcript:

1 Center of Excellence Wireless and Information Technology CEWIT 2003 Keys To Secure Your Wireless Enterprise Toby Weiss SVP, eTrust Computer Associates International

2 Center of Excellence Wireless and Information Technology 2 CEWIT 2003 Agenda Overview of Wireless Networks Security Issues Keys to a Secure Wireless Environment

3 Center of Excellence Wireless and Information Technology 3 CEWIT 2003 Wireless Networks Today WPAN (Wireless Personal Area Network) –Bluetooth WLAN (Wireless Local Area Network) –802.11b, 802.11a,g,i,… WWAN (Wireless Wide Area Network) –Through wireless operators using GPRS, CDMA, etc.

4 Center of Excellence Wireless and Information Technology 4 CEWIT 2003 Wireless Enterprises WWAN WLAN Existing Infrastructure

5 Center of Excellence Wireless and Information Technology 5 CEWIT 2003 Wireless LANs Wireless ethernet Wireless access point (AP) connected to a desktop or server or an existing network Mobile devices with compatible network cards are required

6 Center of Excellence Wireless and Information Technology 6 CEWIT 2003 IEEE WLAN Specifications Specification FrequencyThroughput Range (in meters) 802.11b2.4 GHz11 MB/sec50 – 100 802.11a/h5 GHz54 MB/sec~ 50 802.11g2.4 GHz54 MB/sec50 – 100

7 Center of Excellence Wireless and Information Technology 7 CEWIT 2003 Hotspots Public Access WLANs The ones you find at airports, hotels, and other public places On the rise, but still many issues to deal with –Billing –Roaming –Security

8 Center of Excellence Wireless and Information Technology 8 CEWIT 2003 WWANs Service offered by wireless operators like Vodafone, NTT DoCoMo, Verizon Wireless, Cingular and others Data transfer over cellular networks Cover global geography Use technologies like GPRS, CDMA, and others

9 Center of Excellence Wireless and Information Technology 9 CEWIT 2003 What’s Available Today Most infrastructure is either 2G or 2.5G, not quite 3G yet 3G promises throughputs of: –~384 Kbps for semi-stationary devices –~128 Kbps when in a car –~ 2Mbps in fixed applications

10 Center of Excellence Wireless and Information Technology 10 CEWIT 2003 The #1 Barrier Security is the #1 issue for enterprises deploying wireless environments

11 Center of Excellence Wireless and Information Technology 11 CEWIT 2003 Network Security Integrate with existing infrastructure Rogue access points Vulnerable WLANs –Intrusions Sniffing Spoofing Session hijacking Man in the Middle –Obstructions Jamming Denial-of-service –War-driving, war-chalking

12 Center of Excellence Wireless and Information Technology 12 CEWIT 2003 Too Much Soup & Chips Build-it-yourself Wi-Fi antenna amplifiers a.k.a. “Cantennas” Pringles can (5 miles) Campbell’s Soup can (7 miles) Instructions available on the Web

13 Center of Excellence Wireless and Information Technology 13 CEWIT 2003 Nothing Better To Do?

14 Center of Excellence Wireless and Information Technology 14 CEWIT 2003 WLAN Security WEP (Wired Equivalent Privacy) –Provides encryption based on RC-4 cipher WPA (Wi-Fi Protected Access) –Uses dynamic keys and advanced encryption 802.1x –Provides authentication using EAP (Extensible Authentication Protocol) 802.11i –Advanced encryption and authentication

15 Center of Excellence Wireless and Information Technology 15 CEWIT 2003 Wireless Encryption 802.11 (WEP) RC4 40 Bits 0.7 Seconds GSMA5 56 Bits (NATO) 12 Hours Time To CrackKey Length AlgorithmSystem 40 Bits (friendly) 0.7 Seconds 0 Bits (world) 0 CDMA One 96 Bits (US) 1.5 Billion Yrs 32 Bits (world) 2.6 milliseconds Oryx UMTSKasumi 128 Bits 6.5 million trillion years 802.11 (TKIP Or WPA) RC4/Kerberos 128 Bits 3 Seconds Example Open Source Utilities: WEPCrack (Perl), Airsnort (Linux)

16 Center of Excellence Wireless and Information Technology 16 CEWIT 2003 Device Security Protection of mobile information Configuration control Virus attacks Recovering from the effects of lost and stolen devices

17 Center of Excellence Wireless and Information Technology 17 CEWIT 2003 User Security Integrate mobile users into existing security policies Context-based access control Identity management Authentication Provisioning Location-based security

18 Center of Excellence Wireless and Information Technology 18 CEWIT 2003 Security Best Practices Get your wired security in order first Take an enterprise-wide perspective Define clear goals and security policies for your wireless environment –Networks –Devices –Users Identify and audit the wireless users Research the technology thoroughly and choose what best meets your business objectives Partner with trusted business and technology advisors

19 Center of Excellence Wireless and Information Technology 19 CEWIT 2003 Basic WLAN security Use WEP or AES for encryption Maintain an updated MAC list Do not broadcast the SSID If you can, don’t use DHCP for wireless devices Use WPA so that the keys are dynamically rotated Use 802.1x to authenticate your users Require WLAN users to log in through VPN

20 Center of Excellence Wireless and Information Technology 20 CEWIT 2003 Take No Chances

21 Center of Excellence Wireless and Information Technology 21 CEWIT 2003 CA’s Wireless Solutions eTrust ™ Antivirus eTrust ™ Admin eTrust ™ Intrusion Detection eTrust ™ Web Access Control eTrust ™ Security Command Center CleverPath ™ Portal BrightStor ® Mobile Backup ManageDeliverSecure Storage Unicenter ® Wireless Network Management Option Unicenter ® Asset Management Unicenter ® Software Delivery Unicenter ® ServicePlus Service Desk

22 Center of Excellence Wireless and Information Technology CEWIT 2003 Keys To Secure Your Wireless Enterprise Toby Weiss SVP, eTrust Computer Associates International

Download ppt "Center of Excellence Wireless and Information Technology CEWIT 2003 Keys To Secure Your Wireless Enterprise Toby Weiss SVP, eTrust Computer Associates."

Similar presentations

Wi-Fi Technology.

Wi-Fi Technology.
Security in Wireless Networks Juan Camilo Quintero D. 1041718.

Security in Wireless Networks Juan Camilo Quintero D
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”

WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
CSG357 Dan Ziminski & Bill Davidge 1 Effective Wireless Security – Technology and Policy CSG 256 Final Project Presentation by Dan Ziminski & Bill Davidge.

CSG357 Dan Ziminski & Bill Davidge 1 Effective Wireless Security – Technology and Policy CSG 256 Final Project Presentation by Dan Ziminski & Bill Davidge.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—8-1 Security Olga Torstensson Halmstad University.

© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—8-1 Security Olga Torstensson Halmstad University.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Wireless Insecurity.

Wireless Insecurity.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Wi-Fi the 802.11 Standard and Security. What is Wi-Fi? Short for wireless fidelity. It is a wireless technology that uses radio frequency to transmit.

Wi-Fi the Standard and Security. What is Wi-Fi? Short for wireless fidelity. It is a wireless technology that uses radio frequency to transmit.
Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.

Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.

Similar presentations

Ads by Google