1

T-Systems Motorola AirDefense

Secure WLAN Solution

2

Secure Corporate WLAN Solution

Project goal: Reengineering of the existing WLAN productive network, which is utilised as a transfer network for the security systems of the investor and international users, without interrupting operation during implementation.

Initial state: WLAN productive network with 2.4 GHz bandwidth

(IEEE 802.11 with synchronised frequency hopping). Largest public WiFi HotSpot – Visitor networks in the

precinct with 2.4 GHz and 5 GHz bandwidth (IEEE802.11a, b, g).

Solution co-engineered by KODYS and Motorola Why was the technological platform WLAN Motorola –

Symbol and AirDefense selected? Solution philosophy

Introduction to the unified secure WLAN solution

3

Perfect doesn’t always mean safe!

Boeing 747-121 aircraft Serial number: 19646 Engines: 4 x Pratt and Whitney

JT9D-7A turbofan

Perfect? Safe? September 21st, 1988 Boeing 747-121, N739PA

Lockerbie Dumfriesshire, Scotland

4

Architecture of the Secure WLAN Solution

RFMS

MSP

AP300

WIPS

Bezpečnostní brána 1

Bezpečnostní brána 2

RFS 7000

RFS 7000

AP300

AP300

Podniková datová síť

WiFi VLANy

WIPS VLAN

Admin VLAN

AP VLAN

5

Basic Components of the Switched WLAN

Wireless Switched Networks significantly simplify the installation of large wireless networks, while also decreasing their cost.

The administration of the entire wireless network is concentrated to a single place – the WLAN switch.

As in the case of routers and other network hardware, the switch is located separately from the WLAN access points.

Switched networks with a cell structure increase the security of WLAN traffic.

Motorola RFS7000 RF Switch

6

Basic Components of Switched Networks RF Switch RFS7000

AP300 Dual-band Access Point

Probes: Motorola – Symbol AP300, AirDefense 520, 510

7

Mobility Services Platform (MSP)

Quick installation of applications (staging) Update of mobile terminals (provisioning) Mobile devices inventory Monitoring and data analysis Remote end user support Increased corporate security

Why was MSP chosen?

8

Mobility Services Platform (MSP)

• MSP Server: A software solution designed for the Microsoft Windows 2003 Server platform.

• MSP Console: A web interface for the MSP Server, which allows access to administration of the mobile network from any computer.

• Relay Server: An FTP/FTPS server used for file communication between the MSP server and MSP clients.

Note: (The actual software for creating an FTP/FTPS server is not part of the MSP package. It is necessary to use third-party products)

• MSP Client: A backround application which runs on the mobile terminal and communicates with the MSP (Relay Server). The client contacts the server in regular defined intervals and secures packet synchronisation. The MSP Client also transfers information about devices to the MSP Server.

• Scalability Note: MSP is available in three versions: MSP Stage Edition, MSP Provision Edition and

MSP Control Edition.

MSP Components

9

Motorola RF Management Suite 3 (RFMS)

WLAN planning - Motorola LANPlanner version 10.2 Configuration of wireless components WLAN monitoring WLAN troubleshooting Device inventory Corporate wireless network security Flexible assigning of user roles Visualisation of network operation

Why was the RFMS platform selected?

10

Wireless Intrusion Protection System (WIPS)

Besides the fundamental IDS function, it also serves as an IPS (Intrusion Protection System) which enables disconnection of the attacker’s device from the wired or wireless part of the WLAN network to cut off the attackers communication.

Common hardware platform for WIPS and WLAN Forensic analysis Note: When combined with the RFMS platform it enables

the visualisation of the location and movement of mobile devices

Why was the Motorola AirDefense Enterprise platform selected?

11

One of the first fortifying WLAN solutions based on the Wireless Intrusion Protection System (WIPS) in

combination with the RF Management Suite (RFMS) is successfully implemented.

Thank you for your attention.Diane JohnsonMotorola AirDefenseEmail: diane.johnson@motorola.com

Ladislav Slíva T-Systems Czech RepublicEmail: ladislav.sliva@t-systems.cz