Fortifying Wireless LANs    Gap-free Security & Compliance, Infrastructure Mgmt & Network Assurance MOTOROLA AIRDEFENSE SO...
Wireless Security Concerns MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other ...
Why is it easy to attack WLAN ? 802.11 Frame Format vs. 802.3 <ul><li>Layer 2 - three different frames </li></ul><ul><ul><...
Wireless Phishing MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product o...
IPPON Attack Type 1  & 2 Tools such as  IPPON  Uses several techniques of update-exploitation attacks  Leverages a man-in-...
Windows 7 – Virtual Wifi Mode…thanks MS! MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Offi...
Risks Faced By Mobile Workers MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All oth...
WLAN Management Concerns & Factors Affecting WLAN Reliability MOTOROLA and the Stylized M Logo are registered in the US Pa...
The Industry is changing –  Unified Wireless Management Platforms MOTOROLA and the Stylized M Logo are registered in the U...
Lifecycle: Rogue Threat Management & Mitigation Comprehensive Threat Analysis and locationing <ul><li>Detect Rogue Devices...
Automated Wireless Protection  SECURITY &  COMPLIANCE Wireless Termination Targeted Disruption of Wireless Connections No ...
Requirement! Forensic Analysis for Security MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark O...
Broad Analysis for “Network Assurance” MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office...
Requirement! Forensics for Troubleshooting WLAN Issues MOTOROLA and the Stylized M Logo are registered in the US Patent & ...
Physical Layer and RF Troubleshooting MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office....
WLAN Device Management:  Centrally Manage Multi-vendor Deployments MOTOROLA and the Stylized M Logo are registered in the ...
Wireless Security  is Paramount MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All o...
The Motorola AirDefense Solution MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All ...
Solution Architecture MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other produ...
Innovative Add-on Modules MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other p...
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names ar...
Upcoming SlideShare
Loading in …5
×

Fortifying WLANs: Wireless Security & Compliance, Infrastructure Mgmt & Network Assurance

622 views
570 views

Published on

This session covers security risks associated with WLANs, including tools that are used by hackers to exploit wireless vulnerabilities. We will also cover key performance issues that affect deployments and holistic WLAN management solutions that can be leveraged to dramatically reduce TCO and achieve quicker ROI from your WLAN.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
622
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
54
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Fortifying WLANs: Wireless Security & Compliance, Infrastructure Mgmt & Network Assurance

  1. 1. Fortifying Wireless LANs Gap-free Security & Compliance, Infrastructure Mgmt & Network Assurance MOTOROLA AIRDEFENSE SOLUTIONS
  2. 2. Wireless Security Concerns MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. INTERNET Server Users Network Edge Blurred New Attack Vectors ‘Behind’ the Firewall Mis-configured AP Hacker in Parking Lot Users Connecting to Neighboring Networks Rogue AP You may be a target? Purposeful Threats Your users may just not know any better? Policy Threats
  3. 3. Why is it easy to attack WLAN ? 802.11 Frame Format vs. 802.3 <ul><li>Layer 2 - three different frames </li></ul><ul><ul><li>Management frames </li></ul></ul><ul><ul><li>Control frames </li></ul></ul><ul><ul><li>Data frames </li></ul></ul><ul><li>Layer 2 - single data frame </li></ul><ul><ul><li>3 step handshake </li></ul></ul>frames 802.11 802.3 <ul><li>Important: </li></ul><ul><li>Encryption (WEP, WPA2 ...) is only valid for the „Data Frame“ </li></ul><ul><li>„ Management/Control Frames“ are NOTencryptable, which means transparent and always visible , ( even 802.11 w WILL NOT HELP!) </li></ul><ul><li>Layer 1 is a cable </li></ul><ul><li>Layer 1 is the AIR </li></ul>MAC SSID Channel BSSID Vendor Framerates Need WEP Key MAC
  4. 4. Wireless Phishing MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Tools such as Karma can Respond to ANY Client Probe Request Takes advantage of Automatic Network Selection in Windows (Zero Configuration Client) 3 Naïve user Associates with AP 2 AP responds to Probe Request Laptop sends Probe Request 1 AP provides IP address to User 4 Scan laptop for vulnerabilities & compromise it 5 Use station as a launch pad 6 Intruder Laptop (Soft AP) User Station
  5. 5. IPPON Attack Type 1 & 2 Tools such as IPPON Uses several techniques of update-exploitation attacks Leverages a man-in-the-middle technique, to build and inject a fake update reply or hijack an on-going update session
  6. 6. Windows 7 – Virtual Wifi Mode…thanks MS! MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Virtual WiFi EVERY laptop can be an AP!
  7. 7. Risks Faced By Mobile Workers MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. COFFEE SHOP AIRPORT BRANCH OFFICE HOTEL HOME HEADQUARTERS Am I connected to an insecure access point? Am I connected to a real hotspot connection Are my employees using Municipal Wi-Fi? Is my laptop probing for SSIDs not on the safe list? Am I connected to another passenger in ad-hoc mode? Do I have wired & wireless on at the same time?
  8. 8. WLAN Management Concerns & Factors Affecting WLAN Reliability MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Users Wireless Switch Client Devices Vendor C: Acquired Business Users <ul><li>WLAN Device Management </li></ul><ul><li>Difficulty in Managing Various Infrastructure Vendors with Multiple Consoles </li></ul><ul><li>Diverse Environments Add Levels of Complexity to Manage, Leaving Networks with Inconsistent Configuration </li></ul>Vendor A: Legacy Deployment Vendor B: Current Deployment Model Corporate Headquarters Noise & Interference Roaming Issues Coverage & Capacity Connectivity Problems <ul><li>WLAN “Network Assurance” </li></ul><ul><li>Device metrics and utilization </li></ul><ul><li>RF coverage and capacity </li></ul><ul><li>Connectivity problems </li></ul><ul><li>Roaming issues </li></ul><ul><li>Noise and Interference </li></ul>
  9. 9. The Industry is changing – Unified Wireless Management Platforms MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Security and Comply with Regulatory & Industry Requirements Centrally Control and Monitor WLAN Infrastructure with One Management Console Infrastructure Management Network Assurance Unified Platform WLAN Troubleshooting and Proactive Analysis of Wireless Issues Security & Compliance
  10. 10. Lifecycle: Rogue Threat Management & Mitigation Comprehensive Threat Analysis and locationing <ul><li>Detect Rogue Devices / Associations </li></ul><ul><ul><li>Hardware APs, Soft APs, Wireless ready laptops </li></ul></ul><ul><ul><li>Specialty Devices </li></ul></ul><ul><ul><li>Ad-hoc networks/ Accidental/ Malicious Associations </li></ul></ul>1 <ul><li>Calculate Threat Index </li></ul><ul><ul><li>Threat-based Management </li></ul></ul><ul><ul><li>Partitioning of Friendly Neighboring Networks till they get malicious </li></ul></ul>2 <ul><li>Analyze Rogue Connections </li></ul><ul><ul><li>In-depth analysis of the activity level of each rogue </li></ul></ul><ul><ul><li>Who was connected to the rogue </li></ul></ul><ul><ul><li>What/ how much data transmitted </li></ul></ul>3 <ul><li>Locate Rogue Devices </li></ul><ul><ul><li>Real-time accurate location tracking of all devices </li></ul></ul>4 <ul><li>Terminate Rogue Devices </li></ul><ul><ul><li>Policy-based & manual termination </li></ul></ul><ul><ul><li>Via air or port suppression </li></ul></ul>5 Highest Risk Innocent Neighbor AP Least Risk Connection to Neighbor AP Rogue AP in my building Connection to Rogue AP & transferring data Rogue AP on My Network
  11. 11. Automated Wireless Protection SECURITY & COMPLIANCE Wireless Termination Targeted Disruption of Wireless Connections No Impact to Allowed Network Traffic Compliant with Applicable Laws & FCC Regulations Wired Port Suppression Search Wired Network to Locate the Switch-port a Rogue Threat is Attached to Safeguards Ensure Only Threat is Disconnected Wireless ACL Prevent Wireless Stations from Connecting to the WLAN Sensor WIPS Appliance Switch Laptop Neighboring AP APs Wireless Station AP Terminated: Accidental Association Port Suppressed: Rogue AP ACL Enforced: Rogue Station Comprehensive Threat Mitigation that is Powerful & Safe to Use Methods of IPS
  12. 12. Requirement! Forensic Analysis for Security MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Visibility into Network Activity & Threats Forensic Summary Association Analysis <ul><li>Extensive Forensic Data </li></ul><ul><li>Record of Device Connectivity </li></ul><ul><li>Determine Exact Time & Impact of Security Incidents </li></ul><ul><li>Historical Data Storage </li></ul><ul><li>Benefits </li></ul><ul><li>Complete picture of event: before, during, after </li></ul><ul><li>Understand Exposure From Transient Threats </li></ul><ul><li>Reduces Need for 24/7 Staffing </li></ul><ul><li>Legally may require details to prosecute </li></ul>
  13. 13. Broad Analysis for “Network Assurance” MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. <ul><li>Historical </li></ul><ul><li>Troubleshooting </li></ul><ul><li>Tools </li></ul><ul><li>Detailed Forensics </li></ul><ul><li>Scope Forensics </li></ul><ul><li>Alarm Forensics </li></ul><ul><li>Real-time </li></ul><ul><li>Troubleshooting </li></ul><ul><li>Tools </li></ul><ul><li>Live Wireless Analysis </li></ul><ul><li>Client Connectivity Troubleshooting </li></ul><ul><li>AP Connection Testing </li></ul><ul><li>Spectrum Analysis </li></ul><ul><li>Live RF Visualization </li></ul><ul><li>Proactive </li></ul><ul><li>Trouble </li></ul><ul><li>Prevention </li></ul><ul><li>AP Connection Testing </li></ul><ul><li>Monitoring to ensure Policy Compliance </li></ul><ul><li>Monitoring to Performance Policy Compliance </li></ul><ul><li>RF coverage change Modeling </li></ul>End-user Feedback Performance Alarms & Reports Centralized WLAN Troubleshooting
  14. 14. Requirement! Forensics for Troubleshooting WLAN Issues MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. <ul><li>Detailed Forensic Analysis </li></ul><ul><li>Device, Threats, Associations, Traffic, Signal and Location Tends </li></ul><ul><li>Record of Wireless Performance and Connectivity Issues </li></ul><ul><li>Network Trend Analysis </li></ul><ul><li>Historical Analysis of Intermittent Wireless Problems </li></ul><ul><li>Performance Trends and Establish Network Baselines </li></ul>Traffic Analysis Event Sequence Faster Root Cause Determination and Recovery
  15. 15. Physical Layer and RF Troubleshooting MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. <ul><li>Spectrum Analysis for Interference Detection </li></ul><ul><li>Real-time Spectrograms </li></ul><ul><li>Proactive Detection of Application Impacting Interference </li></ul><ul><li>Remote Real Time L1 Troubleshooting </li></ul>Easily Identify the impact and Source of Interference Problems Classify Interference Sources <ul><li>Visualize RF Coverage </li></ul><ul><li>Real-time RF Visualizations </li></ul><ul><li>Proactive Monitoring and Alerting of Coverage Problems </li></ul><ul><li>Application Specific Simulations – Voice, Video, Data, Custom </li></ul><ul><li>Comparative Analysis of Current Environment to Known Healthy Environment </li></ul>Side-by-side Comparative Analysis
  16. 16. WLAN Device Management: Centrally Manage Multi-vendor Deployments MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Operate the Entire Wireless Network from One Console Holistic Visibility <ul><li>Managing the Wireless Network </li></ul><ul><li>Perform Device Configuration </li></ul><ul><li>Automate Configuration Audit & Correction </li></ul><ul><li>Monitor Device Health </li></ul><ul><li>Receive Infrastructure Faults </li></ul><ul><li>Collect Network Traffic Statistics </li></ul><ul><li>Identifying, Analyzing and </li></ul><ul><li>Remediating Issues </li></ul><ul><li>Visualizing Network Topology </li></ul><ul><li>Maintaining Consistent Configuration </li></ul><ul><li>Monitoring and Prioritizing Critical Events </li></ul><ul><li>Reporting on Network Health and Utilization </li></ul>
  17. 17. Wireless Security is Paramount MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Motorola’s AirDefense Solution has a Positive ROI within a Year Security & Compliance <ul><li>Cost Effective Compliance with Regulatory and Industry Requirements. </li></ul><ul><li>Prevention Cost is About 5% the Cost of the Data Breach. </li></ul>Infrastructure Management <ul><li>Holistic Network Management with a Single ‘Pane of Glass’ for Central Management. </li></ul><ul><li>Network Upgrades/Migrations are Simplified with Centrally Managed Infrastructure. </li></ul>Network Assurance <ul><li>Improve Wireless Availability and Network Reduce Downtime. </li></ul><ul><li>Reduce Operational Costs Associated with Wireless Performance and Maintenance. </li></ul>Centralized Mgmt Improves Network Performance 24x7 Monitoring Ensures Network Reliability Why a Unified Wireless Management Platform? Improved ROI Cross Domain usage and value
  18. 18. The Motorola AirDefense Solution MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Ensure Security and Comply with Regulatory & Industry Requirements Centrally Control and Monitor WLAN Infrastructure with One Management Console Infrastructure Management Network Assurance Managed Services Advanced Services Solutions for Any WLAN Allows Remote Troubleshooting and Proactive Analysis of Wireless Issues Security & Compliance
  19. 19. Solution Architecture MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. <ul><li>The Hardware: </li></ul><ul><li>Centralized, Hardened Appliance – Secure System with Low-bandwidth Utilization </li></ul><ul><li>Two Types of Sensors </li></ul><ul><li> - Integrated Sensors are Built into Motorola Access Points </li></ul><ul><li> - Stand Alone Sensors are Separate Devices, Use One for Every 3-5 APs </li></ul><ul><li>The AirDefense Services Platform: </li></ul><ul><li>Centralized Reporting </li></ul><ul><li>24x7 Monitoring </li></ul><ul><li>Robust Alarm Management </li></ul><ul><li>Automatic Mitigation & Escalation </li></ul><ul><li>Forensic Analysis </li></ul><ul><li>Multi-vendor Management </li></ul><ul><li>Remote Troubleshooting </li></ul><ul><li>Interference Detection </li></ul>AirDefense Services Platform Industry First: Combined AP & Sensor Headquarters ADSP Appliance Sensor Field Offices Field Offices Wireless Switch <ul><li>Advanced Forensics </li></ul><ul><li>Spectrum Analysis </li></ul><ul><li>Advanced Troubleshooting </li></ul><ul><li>LiveRF </li></ul><ul><li>Mobile Laptop Analyzer </li></ul>Network Assurance Infrastructure Management <ul><li>WLAN Management </li></ul><ul><li>Centralized Management Console </li></ul>Security & Compliance <ul><li>WIPS </li></ul><ul><li>Wireless Vulnerability Assessment </li></ul><ul><li>Advanced Forensics </li></ul><ul><li>Mobile Workforce Protection </li></ul><ul><li>Legacy Encryption Protection </li></ul>
  20. 20. Innovative Add-on Modules MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. <ul><ul><ul><li>Innovative Add-on Modules </li></ul></ul></ul>Wireless Vulnerability Assessment Mobile Workforce Protection Proactively Assess the Security Posture of Wireless Networks End-point Security to Protect Mobile Users Regardless of Location WLAN Management Provides Simplified, Centralized Multi-vendor WLAN Infrastructure Management & Control Centralized Management Console Manage Multiple Motorola AirDefense Enterprise Appliances From One Single Console Wireless Intrusion Prevention Vendor-agnostic 24x7 Wireless Intrusion Prevention System & Automated Threat Mitigation Advanced Forensics Rewind & Review Detailed Wireless Activity Records for Forensic Investigations & Troubleshooting Advanced Troubleshooting Spectrum Analysis Provides Faster Resolution of Wireless-related Issues as Well as Proactive Performance Detect & Classify Common Types of RF Interference Sources Including Microwaves, Bluetooth etc. Real-time Assessment of Wireless Network Performance. Centrally Analyze & Troubleshoot Connectivity Issues LiveRF Legacy Encryption Protection Provides Protection for Wireless Infrastructure Secured by Legacy Encryption Protocols
  21. 21. MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved. Thank You! Please Visit the Motorola Booth for More Information Diane Johnson [email_address]

×