Security and wireless together at last
Download
1 / 24

Security and Wireless Together at Last - PowerPoint PPT Presentation


  • 106 Views
  • Uploaded on

Security and Wireless Together at Last. Three Things Often Missing from Your Wireless Robert Neuroth, Regional Director - West, Wireless Solutions. Agenda. Top 3 Problems with Secure Wireless Access Problem #1 – Disparate Network Access and Security Platforms

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Security and Wireless Together at Last' - giacomo-allen


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Security and wireless together at last

Security and Wireless Together at Last

Three Things Often Missing from Your Wireless

Robert Neuroth,

Regional Director - West, Wireless Solutions


Agenda
Agenda

  • Top 3 Problems with Secure Wireless Access

    • Problem #1 – Disparate Network Access and Security Platforms

    • Problem #2 – Security Challenges

    • Problem #3 – Wireless Performance

  • The Fortinet Approach

  • Q&A



Problem multiple appliances management systems and policies
Problem: Multiple Appliances, Management Systems and Policies

Multiple Management Systems

VPN

Intrusion Prevention

Application Control

Web Filtering

WLAN APs

WAN Optimization

Wi-Fi Controller

Antispam

Switch

Antivirus

Firewall


Solution unified access layer
Solution: Unified Access Layer Policies

Single Management System

Unified Access Layer

Gateway with Integrated

Wi-Fi Controller

WLAN APs

Switch

Lower cost of acquisition

Lower cost of ownership

Improves security provisioning


Solution unified security policy
Solution: Unified Security Policy Policies

  • Integrated Wireless LAN management with security gateway

  • Authentication and Security policy consistent across Wired, Wireless and Remote Access

  • User Identification

  • Access Control

  • Content Inspection

  • Attack Mitigation

DIGITAL ASSET



BYOD Policies

  • Securing BYOD environment

    • Enforce appropriate policy based on device

    • Increase network visibility

    • Add control beyond traditional Windows AD environment

  • Organizations must be able to embrace BYOD Securely

  • Device Identification

    • Device & OS Fingerprinting

    • Device Classification & Management

    • ContextualDevice Information

Device Group List


Secure guest access to the wireless lan
Secure Guest Access to the Wireless LAN Policies

  • Temporary user Provisioning & Access

    • Allow non-IT staff to create Guest account via web portal

    • Assign time quota

    • Generate temporary password

    • Distribute guest credentials:

      • Print

      • Email

      • SMS

    • Batch guest users creation


Problem wireless lan introduces compliance challenges
Problem: Wireless LAN Introduces Compliance Challenges Policies

  • PCI Compliance

    • Even if Wireless LAN is not used in the Cardholder Data Environment

  • HIPPA Compliance

  • CIPA Compliance


Solution rogue ap suppression and wids
Solution: Rogue AP Suppression and WIDS Policies

  • Rogue AP Suppression

    • Full-time or background scanning

    • On-wire correlation

    • Automatic suppression

  • Wireless Intrusion Detection System

    • WiFi protocol & RF level attack detection

    • Must be built-in to wireless controller

      • Separate WIDS appliances mean another interface to manage!

  • Data Leakage Prevention

  • URL Filtering

  • Reporting is Critical



Problem inability to prioritize business applications
Problem: Inability to Prioritize Business Applications Policies

Priority App

Non-Priority App

Non-Priority App

  • Shared Bandwidth

    • Clients and applications on wireless networks compete with each other

  • WME/WMM

    • 802.11e, Wireless Multimedia Extensions (WME or WMM) doesn't solve this problem, as Business applications like Remote Desktop, VNC, Webex, etc. are not be prioritized differently

WebEx

YouTube

Client #1

Client #2


Solution layer 7 application control
Solution: Layer 7 Application Control Policies

Priority App

Non-Priority App

Non-Priority App

  • Layer 7 Inspection

    • Ensures bandwidth is guaranteed for business critical applications

  • Application Control Sensors

    • Thousands of signatures

    • Dozens of categories

    • Advanced IM & P2P control

    • Application Control Traffic Shaping

    • SSL Content Inspection

Webex

Youtube

Priority App

High Priority App

Client #1

Client #2


Problem high density environments
Problem: High Density Environments Policies

  • Wireless LANs are becoming extremely dense with clients:

    • Device proliferation

    • Mobile workforce

    • Wireless only offices

    • Multiple devices per user common (laptop, tablet, smart phone, etc.)


  • Frequency Handoff – Moves client to less-loaded band/radio

  • AP Handoff – Moves client to less-loaded AP

1

2

1

2


Problem interference from other aps and sources of rf
Problem: Interference from other APs and Sources of RF Policies

  • Legitimate APs

  • APs in neighboring building

  • Microwave Ovens

  • Cordless Phones

  • etc.

CH 1

CH 6

CH 11


Solution automatic radio resource provisioning
Solution: Automatic Radio Resource Provisioning Policies

  • Channel Assignment

    • Automatically assigns non-overlapping channels

    • Reduces chatter between APs

  • Auto TX Power

    • Changes radio transmission power settings automatically

CH 1

CH 6

CH 11




Fortinet secure wlan approach

Corporate PoliciesWi-Fi

Fortinet Secure WLAN Approach

No additional licenses needed

Captive Portal, 802.1x—Radius /shared key

Assign users and devices to their role

Examine wireless traffic to remove threats

Identify applications and destinations

Apply policy to users and applications

Ensure business traffic has priority

Report on policy violations, application usage, destinations and PCI DSS


Sample of fortinet s wireless customers
Sample of Fortinet’s Wireless Customers Policies

Distributed Enterprise / Distributed Retail

Large Enterprise

Education

Services / Financial / Healthcare / Gov

Outdoor / Mesh


Top 3 problems with secure wireless access
Top 3 Problems with Secure Wireless Access Policies

  • Problem #1 – Disparate Network Access and Security Platforms

    • A Unified Access Layer is essential

    • Unified appliances, unified management, unified policy

  • Problem #2 – Security Challenges

    • Secure BYOD requires policy based on device, with deep visibility

    • Guest Access must be built-in to your Secure Wireless solution

    • Compliance is simple when control and reporting is integrated

  • Problem #3 – Wireless Performance

    • Application control at Layer 7 is critical, WME/WMM is not enough

    • Automatic Radio Resource Provisioning, no manual radio configuration required


Q & A Policies


ad