Security and Wireless Together at Last
Three Things Often Missing from Your Wireless
Robert Neuroth, Regional Director - West, Wireless Solutions

Agenda
• Top 3 Problems with Secure Wireless Access
  • Problem #1 – Disparate Network Access and Security Platforms
  • Problem #2 – Security Challenges
  • Problem #3 – Wireless Performance
• The Fortinet Approach
• Q&A

Problem #1 – Disparate Network Access and Security Platforms
Problem: Multiple Appliances, Management Systems and Policies
Diagram labels: Multiple Management Systems: VPN, Intrusion Prevention, Application Control, Web Filtering, WLAN APs, WAN Optimization, Wi-Fi Controller, Antispam, Switch, Antivirus, Firewall

Solution: Unified Access Layer
Diagram labels: Single Management System, Unified Access Layer, Gateway with Integrated Wi-Fi Controller, WLAN APs, Switch
• Lower cost of acquisition
• Lower cost of ownership
• Improves security provisioning

Solution: Unified Security Policy
• Integrated Wireless LAN management with security gateway
• Authentication and Security policy consistent across Wired, Wireless and Remote Access
• User Identification
• Access Control
• Content Inspection
• Attack Mitigation
Diagram label: Digital Asset

BYOD
• Securing BYOD environment
  • Enforce appropriate policy based on device
  • Increase network visibility
  • Add control beyond traditional Windows AD environment
• Organizations must be able to embrace BYOD securely
  • Device Identification
  • Device & OS Fingerprinting
  • Device Classification & Management
  • Contextual Device Information
Diagram label: Device Group List

Secure Guest Access to the Wireless LAN
• Temporary user provisioning & access
• Allow non-IT staff to create Guest account via web portal
• Assign time quota
• Generate temporary password
• Distribute guest credentials:
  • Print
  • Email
  • SMS
• Batch guest user creation

Problem: Wireless LAN Introduces Compliance Challenges
• PCI Compliance
  • Even if Wireless LAN is not used in the Cardholder Data Environment
• HIPAA Compliance
• CIPA Compliance

Solution: Rogue AP Suppression and WIDS
• Rogue AP Suppression
  • Full-time or background scanning
  • On-wire correlation
  • Automatic suppression
• Wireless Intrusion Detection System
  • WiFi protocol & RF level attack detection
  • Must be built into the wireless controller
  • Separate WIDS appliances mean another interface to manage!
• Data Leakage Prevention
• URL Filtering
• Reporting is Critical

Problem: Inability to Prioritize Business Applications
• Shared Bandwidth
  • Clients and applications on wireless networks compete with each other
• WME/WMM
  • 802.11e, Wireless Multimedia Extensions (WME or WMM), doesn't solve this problem, as business applications like Remote Desktop, VNC, WebEx, etc. are not prioritized differently
Diagram labels: Priority App, Non-Priority App, Non-Priority App, WebEx, YouTube, Client #1, Client #2

Solution: Layer 7 Application Control
• Layer 7 Inspection
  • Ensures bandwidth is guaranteed for business critical applications
• Application Control Sensors
  • Thousands of signatures
  • Dozens of categories
  • Advanced IM & P2P control
• Application Control Traffic Shaping
• SSL Content Inspection
Diagram labels: WebEx, YouTube, Priority App, High Priority App, Client #1, Client #2

Problem: High Density Environments
• Wireless LANs are becoming extremely dense with clients:
  • Device proliferation
  • Mobile workforce
  • Wireless-only offices
  • Multiple devices per user common (laptop, tablet, smart phone, etc.)

Solution: High Density Radio Control Features
• Frequency Handoff – Moves client to less-loaded band/radio
• AP Handoff – Moves client to less-loaded AP

Problem: Interference from other APs and Sources of RF
• Legitimate APs
• APs in neighboring building
• Microwave Ovens
• Cordless Phones
• etc.
Diagram labels: CH 1, CH 6, CH 11

Solution: Automatic Radio Resource Provisioning
• Channel Assignment
  • Automatically assigns non-overlapping channels
  • Reduces chatter between APs
• Auto TX Power
  • Changes radio transmission power settings automatically
Diagram labels: CH 1, CH 6, CH 11

Fortinet Secure WLAN Approach
Diagram label: Corporate Wi-Fi
• No additional licenses needed
• Captive Portal, 802.1x—RADIUS / shared key
• Assign users and devices to their role
• Examine wireless traffic to remove threats
• Identify applications and destinations
• Apply policy to users and applications
• Ensure business traffic has priority
• Report on policy violations, application usage, destinations and PCI DSS

Sample of Fortinet’s Wireless Customers
Category labels: Distributed Enterprise / Distributed Retail Large Enterprise Education Services / Financial / Healthcare / Gov Outdoor / Mesh

Top 3 Problems with Secure Wireless Access
• Problem #1 – Disparate Network Access and Security Platforms
  • A Unified Access Layer is essential
  • Unified appliances, unified management, unified policy
• Problem #2 – Security Challenges
  • Secure BYOD requires policy based on device, with deep visibility
  • Guest Access must be built into your Secure Wireless solution
  • Compliance is simple when control and reporting are integrated
• Problem #3 – Wireless Performance
  • Application control at Layer 7 is critical; WME/WMM is not enough
  • Automatic Radio Resource Provisioning, no manual radio configuration required