Wireless and Mobile Security
Advanced Solutions
K. K. Mookhey, Principal Consultant
Agenda
� Challenges
� Solutions
� WLAN Security
� WLAN Identity Management
� Preventing Dual Connectivity
� WLAN IDS/IPS
� Blocking Rogue APs and Connections
� Summary
Challenges
� Weak WLAN configurations
� W-WAN configuration consistency
� User identity management and authentication
� Rogue access points
� Users who connect to insecure/guest network while on the corporate network
� Monitoring WLAN attacks
� VA of WLAN
Wireless LAN Controller
� Corporate-wide or campus-wide implementation of Wi-Fi
� Features:
� Configure all Access Points with identical parameters
� LDAP-based authentication
� Identify and block rogue Access Points
� Implement access control lists to restrict WLAN access from Corporate Network
� Implement Wireless IDS/IPS capability
� Integrate with NAC for endpoint security
WLAN Controller
WLAN Controller – Enforce Encryption
WLAN Controller ACL Capabilities
WLAN IDS/IPS Features
Rogue APs - Detection
WLAN-NAC Interfacing
� Identify the user
� Identify privileges of the user
� Verify user’s device configuration
� Anti-virus
� Patch levels
� Policy-compliance
� Interfaces with standards-based policy servers – Microsoft NAP, Cisco NAC, Juniper UAC, others compliant with Trusted Network Connect (TNC)
� Enforce compliance on end-devices
WLAN Management Solutions
� Real-time monitoring of every user, AP, controller
� Inventory, usage, and trend reports
� Detect new WiFi and other devices connected on the network
� Group-based policy definition
� Distribute patches and updates across the network
� Audit device configurations
� Support for multiple devices
� Diagnostics and alarms
� Support for multiple types of wireless technology
� Integrate with NMS
Vendors & Solutions to Consider
K K MOOKHEY
PRINCIPAL CONSULTANT
NETWORK INTELLIGENCE INDIA PVT. LTD.AN ISO/IEC 27001:2005 CERTIFIED COMPANY
Thank you!
Questions / Queries
Web http://www.niiconsulting.com
Email [email protected]
Tel +91-22-2839-2628
+91-22-4005-2628
Fax +91-22-2837-5454
