Sri Sundaralingam, VP, Product Management Dr. Kaustubh Phanse, Senior Wireless Architect A New Wireless Risk to the Enterp...
Consumerization of IT (especially wireless/mobile) is posing a challenge for enterprise security
 
Evolution of Wi-Fi support on end-user devices Traditional Wi-Fi Operate as client/ad-hoc First Gen “Soft AP” Convert lapt...
Setting up a Windows 7 Soft AP is simple!
Download free utility from http://connectify.me/
Choose SSID, WPA2-PSK Password, Interface Click !
Voilà !  We have a hotspot!
You can do the same using Intel’s My WiFi utility
Windows 7 Soft AP: A User’s Delight
Windows 7 Soft AP:  Security? ?
Typical Rogue AP scenario
Windows 7 Rogue AP scenario
Security administrator has  no visibility  and  no control  over allowing or denying access to devices connecting through ...
Wired security measures are ineffective!
What can you do about it?
<ul><li>Shutdown user privileges for running Virtual WiFi   </li></ul><ul><li>- Use Windows Active Directory group policy ...
<ul><li>Centrally enforce wireless policies </li></ul><ul><li>Enable flexibility </li></ul>Wireless Security Endpoint Agent
Permit legitimate devices, deny access to others Wireless Intrusion Prevention System (WIPS) Wire-side scanning cannot det...
SpectraGuard Enterprise WIPS
1-click drill down
Accurate location tracking
 
 
 
 
Prevention turned ON
 
<ul><li>Windows 7 Virtual WiFi allows simultaneous operation as client and as Soft AP </li></ul><ul><li>- Very easy to set...
<ul><li>Automates wireless threat remediation </li></ul><ul><li>Minimizes false alarms </li></ul><ul><li>Provides “always ...
SpectraGuard Product Family WLAN Coverage & Security Planning  SpectraGuard   Planner SpectraGuard   SAFE Wireless Securit...
Thank You! The Global Leader in Wireless Security and Compliance For more information on wireless security risks, best pra...
Upcoming SlideShare
Loading in …5
×

Windows 7 - A New Wireless Risk to the Enterprise

2,507 views

Published on

Windows 7 soft ap is a new wireless risk to the enterprise. This presentation demonstrates how windows 7 can be converted to a soft ap(hotspot) and become a thread to your organization.

Published in: Technology, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,507
On SlideShare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide
  • This is been an ongoing trend for past few years and will continue for several years to come… Happening rapidly for Wireless-enabled devices: laptops, Netbooks, Smartphones, Gaming equipment, etc. Corporate security threat as these devices are brought into the enterprise End-user perspective: If I can use this at home why can’t I use this at work? Same issue as Social networking, etc.
  • The question then is are you ready for this challenge? Do you have wireless usage and security policies and do you have a mechanism to enforce it?
  • Laptop can be configured to simultaneously connect to a Wi-Fi network as well as serve other devices as an Access Point (known as Software-enabled AP)
  • Isn’t this a great feature! A personal hotspot! Setup a Personal Area Network using Wi-Fi connectivity Connect Smartphones, Zune, and other devices to your laptop to synch music &amp; video, share photos, transfer files, print, and share the Internet connection.
  • Isn’t this a great feature! A personal hotspot! Setup a Personal Area Network using Wi-Fi connectivity Connect Smartphones, Zune, and other devices to your laptop to synch music &amp; video, share photos, transfer files, print, and share the Internet connection.
  • Our findings
  • 02/25/10
  • 02/25/10
  • Windows 7 - A New Wireless Risk to the Enterprise

    1. 1. Sri Sundaralingam, VP, Product Management Dr. Kaustubh Phanse, Senior Wireless Architect A New Wireless Risk to the Enterprise Windows 7
    2. 2. Consumerization of IT (especially wireless/mobile) is posing a challenge for enterprise security
    3. 4. Evolution of Wi-Fi support on end-user devices Traditional Wi-Fi Operate as client/ad-hoc First Gen “Soft AP” Convert laptop into AP But, single function: Can operate either as AP OR client/ad-hoc Windows 7 Virtual WiFi – The Next Gen Soft AP Can operate as Soft AP and Client/Ad-hoc simultaneously
    4. 5. Setting up a Windows 7 Soft AP is simple!
    5. 6. Download free utility from http://connectify.me/
    6. 7. Choose SSID, WPA2-PSK Password, Interface Click !
    7. 8. Voilà ! We have a hotspot!
    8. 9. You can do the same using Intel’s My WiFi utility
    9. 10. Windows 7 Soft AP: A User’s Delight
    10. 11. Windows 7 Soft AP: Security? ?
    11. 12. Typical Rogue AP scenario
    12. 13. Windows 7 Rogue AP scenario
    13. 14. Security administrator has no visibility and no control over allowing or denying access to devices connecting through ‘Virtual WiFi’ Policy Enforcement Challenge
    14. 15. Wired security measures are ineffective!
    15. 16. What can you do about it?
    16. 17. <ul><li>Shutdown user privileges for running Virtual WiFi </li></ul><ul><li>- Use Windows Active Directory group policy </li></ul><ul><li>- Supported on Windows 2008 server R2 </li></ul><ul><li>Not always practical </li></ul><ul><li>Lacks flexibility </li></ul>Windows User Group Policy
    17. 18. <ul><li>Centrally enforce wireless policies </li></ul><ul><li>Enable flexibility </li></ul>Wireless Security Endpoint Agent
    18. 19. Permit legitimate devices, deny access to others Wireless Intrusion Prevention System (WIPS) Wire-side scanning cannot detect presence of Virtual WiFi Soft APs  Wired and Wireless correlation is necessary to detect and block Virtual WiFi Soft APs 
    19. 20. SpectraGuard Enterprise WIPS
    20. 21. 1-click drill down
    21. 22. Accurate location tracking
    22. 27. Prevention turned ON
    23. 29. <ul><li>Windows 7 Virtual WiFi allows simultaneous operation as client and as Soft AP </li></ul><ul><li>- Very easy to set up, e.g., Connectify, Intel My WiFi </li></ul><ul><li>This new type of Rogue AP can now be connected to your enterprise network also through WiFi </li></ul><ul><li>Presence of Soft AP cannot be detected using wire-side scanning alone </li></ul><ul><li>Can be detected only using a WIPS that correlates wired and wireless traffic </li></ul>Our findings
    24. 30. <ul><li>Automates wireless threat remediation </li></ul><ul><li>Minimizes false alarms </li></ul><ul><li>Provides “always on” protection </li></ul><ul><li>Protects both current and legacy WLANs </li></ul><ul><li>Integrates with any WLAN environment </li></ul><ul><li>Simplifies compliance </li></ul><ul><li>Ideal solution for both secure WiFi and no-WiFi environments </li></ul>AirTight’s Key Value Propositions
    25. 31. SpectraGuard Product Family WLAN Coverage & Security Planning SpectraGuard Planner SpectraGuard SAFE Wireless Security for Mobile Users SpectraGuard Online Industry’s Only Wireless Security Service SpectraGuard Enterprise Complete Wireless Intrusion Prevention
    26. 32. Thank You! The Global Leader in Wireless Security and Compliance For more information on wireless security risks, best practices, and solutions, visit: www.airtightnetworks.com For up-to-date information on developments in wireless security, visit blog.airtightnetworks.com

    ×