WIRELESS SECURITY DEFENSE
T-BONE & TONIC: ALY BOGHANI, JOAN OLIVER, MIKE PATRICK, AMOL POTDAR
May 30, 2009
Problem Overview
Corporate governance for wireless, wired access, and intranet security used to be handled separately; it can no longer be, for the following two reasons:
1. Security threats need to be addressed on an enterprise-wide level
2. Mobility is a critical component of IT infrastructure access today
Increase in Corporate Mobility
[Figure 1, Figure 2]
Proposed Solution
• Cisco Wireless and Network Security Integration – provides the architectural, design, and implementation framework for deploying the Cisco Unified Network
  – Enables an enterprise to deploy and enforce a common network security policy
  – Consistent end-to-end policy enforcement as well as a highly effective threat detection and mitigation capability
  – WLAN/LAN integrated and layered security protocol solution
Integration Points
Why use a Layered Approach?
• 802.1X is the IEEE standard that provides the layered approach
• Initiate protection at layer 2 switches and layer 3 routers
• Secure authentication of Wireless Access Points with solid protocols such as WPA2-ENT with EAP-TLS
• Use a secure server to authenticate authorized users with Access Control Servers (Cisco, RADIUS)
• Educate users and administrators on properly securing the network
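As an added illustration of the WPA2-ENT with EAP-TLS point above (an example written for this page, not from the slides or from Cisco), a client-side wpa_supplicant profile in which the weak setting, no validation of the RADIUS/ACS server certificate, sits beside the hardened one. The SSID, identity, certificate paths and the server name acs.corp.example are assumed placeholders.

```conf
# wpa_supplicant.conf excerpt: WPA2-Enterprise (RSN/CCMP) with EAP-TLS.
# Added example; SSID, identity, file paths and server name are placeholders.

# WEAK profile (kept disabled, for contrast only): no ca_cert, so the client
# accepts whatever server certificate the authenticator presents. The client
# still proves its own identity with its certificate, but it cannot tell the
# corporate ACS/RADIUS server from any other server that completes EAP-TLS.
network={
    disabled=1
    ssid="corp-wlan"
    key_mgmt=WPA-EAP
    proto=RSN
    pairwise=CCMP
    eap=TLS
    identity="laptop42@corp.example"
    client_cert="/etc/wpa_supplicant/certs/laptop42.crt"
    private_key="/etc/wpa_supplicant/certs/laptop42.key"
}

# HARDENED profile: pin the issuing CA and the server's DNS name, so the
# supplicant only finishes the TLS handshake with the corporate ACS/RADIUS
# server and never sends its client certificate to an unverified peer.
network={
    ssid="corp-wlan"
    key_mgmt=WPA-EAP
    proto=RSN
    pairwise=CCMP
    group=CCMP
    eap=TLS
    identity="laptop42@corp.example"
    ca_cert="/etc/wpa_supplicant/certs/corp-ca.pem"
    client_cert="/etc/wpa_supplicant/certs/laptop42.crt"
    private_key="/etc/wpa_supplicant/certs/laptop42.key"
    private_key_passwd="placeholder-passphrase"
    # Server certificate must chain to corp-ca.pem AND carry this DNS name.
    domain_suffix_match="acs.corp.example"
}
```

The same two settings (trusted CA plus expected server name) are what an ACS/RADIUS deployment should push to every managed client; a profile that omits them passes authentication just as well, which is why the gap is easy to miss in testing.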
Why Cisco?
• Cisco is unique in occupying 3 industry spaces:
  – Core Wired Networking products
  – Wireless Communications
  – Network Security
The Cisco Unified Network
Cisco Unified Network is the marriage of the following 3 Cisco components:
• Cisco Secure Wireless Architecture
• Cisco Campus Architecture
• Cisco Branch Architecture
Cisco Secure Wireless Architecture
• Cisco Unified Wireless Network
• Cisco Security Agent (CSA)
• Cisco Network Admission Control (NAC) Appliance
• Cisco Firewall
• Cisco IPS
• CS-MARS
CS-MARS
• Cisco Security Monitoring, Analysis, and Reporting
• Hardened Linux server that monitors the network using SNMP, SSH, Telnet, Layer 2 & 3 switches and routers
• Gathers 15,000 events per second
• Cisco ContextCorrelation – Cisco-defined rules that monitor for events
• Provides visualizations of network topology and “hot-spots”
• Presents administrators with timely per-device commands so that threats can be contained quickly
• Identifies “chokepoint” devices that can be used to isolate threats
CS-MARS Visualization
NAC – Network Access Control
• 4 Main Capabilities
  – Securely Identify Devices and Users
  – Enforce Consistent Policy
  – Quarantine and Remediate
  – Configure and Manage
• Access is controlled from all entry points to the network – LAN, WLAN, VPN, Internet, Guest
• Can be used to tier access levels
• Be careful with quarantine policies, isolate as much as possible
• Uses Cisco Trust Agent and Cisco Security Agent to verify “security posture”
NAC - Overview
CTA & CSA
• Cisco Trust Agent Components
  – Network clients
  – Network Access Devices
  – ACS – Secure Access Control Server
    • Provides Posture Token – Healthy, Infected, Unknown, etc.
  – Posture Validation Servers – Third Party – Optional
• Cisco Security Agent
  – Installed on Network Clients
  – Limits network access until user and device are validated
  – Provides access to remediation areas only
CSA – End User View
Cisco Campus Architecture
• Provision proper network access to:
  – Data Centers
  – Servers
  – User Devices
• Provide the necessary internal routing and switching capabilities
Campus - Illustrated
Cisco Branch Architecture
• Branch Architecture ties together the different infrastructure, application and computing resources across various organizational divisions and hierarchies.
Branch - Illustrated