
Cisco Wireless A to B (ACCESS to BYOD) Part 2 of 3 Mobility Services Engine ( wIPS , Context)

Cisco Wireless A to B (ACCESS to BYOD) Part 2 of 3 Mobility Services Engine ( wIPS , Context). Peter Avino Instructor/Engineer Ingram Micro Solution Center/Experience Center Peter.avino@ingrammicro.com Video – 3910@imciscoexp.com.


Presentation Transcript


  1. Cisco Wireless A to B (ACCESS to BYOD), Part 2 of 3: Mobility Services Engine (wIPS, Context). Peter Avino, Instructor/Engineer, Ingram Micro Solution Center/Experience Center, Peter.avino@ingrammicro.com, Video – 3910@imciscoexp.com

  2. AGENDA:
     • Wireless Intrusion Prevention
     • Context Aware Mobility
     • Mobility Service Engine
     • Live Demo
     • Prosperity and Joy

  3. Wireless Intrusion Prevention
     • Open Air: no physical barriers to intrusion
     • Open Protocols: well-documented and understood; the most common attacks against WLAN networks are targeted at management frames
     • Open Spectrum: easy access to inexpensive technology, more devices
     • Regulatory and Business Requirements: Sarbanes-Oxley, HIPAA, PCI

  4. Using wIPS to Enhance Security: Monitoring the Airwaves to Find Threats
     • Find Rogue Access Points: rogue access points can be used to hijack information from your corporate network from outside your physical building
     • Detect Wireless Attackers: wireless attacks take many forms that are not detected by traditional network security; these attacks can be both detected and mitigated using wireless IPS
     • Stay on Top of New Threats: leverage both signature-based network analysis and anomaly-based methods for detection; maintain protection with on-going threat detection updates

  5. Using wIPS to Improve Compliance: Integrated Into System-Level Security View
     • Efficiently Audit Your Security: gather the information you need about your environment from a single source to demonstrate compliance to auditors
     • Use Integrated Compliance Tools: let your infrastructure and wIPS solution help to guide you with ways to better secure your network and maintain security compliance, even when configurations change
     • Know the Extent of Attacks: use full event forensics to determine the exact flow of information across your network when an attack occurs, in order to determine that no other systems have been breached

  6. Using wIPS to Streamline Threat Management: Simple and Secure
     • Configure and Monitor from a Single Source: leverage an integrated management system to unify WLAN and wIPS policy and event monitoring workflows
     • Utilize Embedded wIPS Policy Profiles: use configuration profiles to establish a baseline wIPS configuration in order to effectively tune your monitoring system
     • Know Who Did What (History/Forensics): use a flexible notification system to easily notify staff when security events have occurred; leverage consolidated event records with a complete audit trail

  7. What is so special about the CleanAir AP? Cisco CleanAir
     • Detect and Classify: uniquely identify and track multiple interferers; assess unique impact to Wi-Fi performance; monitor AirQuality
     • High-resolution interference detection and classification logic built in to Cisco’s 802.11n Wi-Fi chip design
     • Inline operation with no CPU or performance impact
     (Slide graphic: AirQuality gauge readings.)

  8. Clean Air Overview Matrix (table; cell contents are not in the transcript, some cells are marked "* Future support")

  9. AP Mode: Monitor vs. Local
     • A monitor-mode access point for wIPS spends all of its cycles scanning channels looking for rogues and over-the-air attacks. A monitor-mode access point can simultaneously be used for location (context-aware) services and other monitor-mode services.
     • A local-mode access point splits its cycles between serving WLAN clients and scanning channels for threats. As a result, detection times are longer (3 to 60 minutes) and a smaller range of over-the-air attacks can be detected.

  10. DEMO!!!

  11. ??? QUESTIONS ???

  12. Context Aware Mobility
     • Contextual Information of Mobile Assets: Identity, Time, Location, Temperature, Availability, Humidity
     • End User Experience: Right Device, Right Business Application, Right Team, Right Network, Right Place, Right Time
     • Context Aware Mobility: the ability to dynamically capture and use contextual information of mobile assets to optimize, change or create communications flow and business processes

  13. Challenges of Today’s Solutions
     • In close proximity: Passive RFID
     • Building: Wi-Fi (RSSI, Chokepoint)
     • Campus: Wi-Fi (TDoA, Chokepoint)
     • Nationwide: Cellular, GPS
     Different devices, networks and applications to manage for each workspace involved in the business process.

  14. Keeping Track of Your Assets in MOTION
     • Questions: What Is His/Her Status? Where in My Network Is It? What Is Its Condition? Is It Here? Where Is It?
     • Services: Presence, Network Location Services, Condition Tracking, Zone/Inventory Management, Asset Tracking
     Answer questions critical to your business in real time.

  15. Zone/Inventory Management Applications: Defining Zones and Tracking Mobile Assets Entering and Exiting
     • Healthcare: inventory management of medical equipment; alerts when equipment is leaving the building; nurse and physician schedules; Emergency Room minimum attendance
     • Manufacturing: final goods inventory; emergency evacuation
     • Education: classroom attendance; emergency evacuation
     • Retail: location-aware promotions

  16. Asset Tracking Applications: Locating a Mobile Asset Anywhere in the Campus
     • Healthcare: locating medical equipment such as infusion pumps, wheelchairs…; automated update of location information into bed management or medication administration
     • Manufacturing: tracking pallets on the factory floor; locating work in process (WIP) parts for assembly
     • Education: locating students when walking on campus
     • Retail: tracking pallets in the warehouse; locating a sales associate; information on demand

  17. Condition Tracking Applications: Measuring Temperature, Pressure, Humidity, Motion…
     • Healthcare: initiate a request to sterilize medical equipment; monitor storage conditions for equipment or medication; provide patient comfort in a responsive manner
     • Manufacturing: monitor environmental conditions for chemical processes; employees’ safety; detect an asset in motion
     • Retail: ensure that perishable goods are kept in the right condition, or alert

  18. Presence Applications: Using Location Information to Automate Presence Status in Unified Communications Applications
     • Healthcare: automatically update the status of medical staff to know where they are (ER, surgery, off time…) and how to reach them (call, IM, email…)
     • Office: most efficient way to collaborate (e.g. in a meeting, at his/her desk…)
     • Consumer: social networking (at the gym, in the library…)

  19. Network Location Services Applications: Automatically Optimizing Your Wireless Resources Where They Are Most Needed
     • Immediately locate rogue wireless devices
     • Accurately identify interference zones and dead spots
     • Associate network access with physical location
     • Track location history

  20. How TDoA works
     • Time Difference of Arrival
     • Used with any CCX tags (not clients)
     • Wi-Fi TDoA receivers are synchronized
     • Distances between the tag and the APs are calculated based on the time difference of arrival
     • Requires line of sight
     • Recommended for high ceilings, outdoors and outdoor-like environments (e.g. warehouses, parking lots)
     (Diagram: the tag sends at T0; Wi-Fi TDoA Receivers #1, #2 and #3 receive at T1, T2 and T3 and derive distances D1, D2 and D3.)

  21. How RSSI works
     • Received Signal Strength Indicator
     • Used with tags and clients
     • Receivers are the access points
     • Distances between the tag and the APs are calculated based on the received signal strength
     • Requires medium to short read range for better accuracy
     • Recommended for indoors
     (Diagram: Wi-Fi Access Points #1, #2 and #3 measure strengths S1, S2 and S3 and derive distances D1, D2 and D3.)
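Slides 20 and 21 each end at "derive D1, D2, D3" and leave the final positioning step implicit. As an added example (not from the presentation, Cisco, or any MSE code), the Python below derives distances from arrival times and from signal strengths and then trilaterates the tag; the receiver coordinates, tag position, and the log-distance path-loss model with its two parameters are constructed assumptions, and the collinear-anchor check is the failure mode a deployment most often hits.

```python
import math

SPEED_OF_LIGHT = 299_792_458.0  # metres per second


def tdoa_distances(t0, arrivals):
    """Slide 20: the tag transmits at T0 and the synchronised receivers log
    T1..Tn; the distance Di is the time of flight times the speed of light."""
    return [SPEED_OF_LIGHT * (ti - t0) for ti in arrivals]


def rssi_distances(strengths, rssi_at_1m=-40.0, path_loss_exp=2.2):
    """Slide 21: derive Di from measured strengths Si (dBm). The log-distance
    path-loss model and both parameters are assumptions of this example."""
    return [10 ** ((rssi_at_1m - s) / (10 * path_loss_exp)) for s in strengths]


def trilaterate(anchors, dists):
    """Least-squares (x, y) from three or more anchor/distance pairs.
    Subtracting each circle equation from the first one cancels the x^2 and
    y^2 terms, so the remaining system is linear and solved via the normal
    equations. Collinear anchors make that system singular."""
    if len(anchors) < 3 or len(anchors) != len(dists):
        raise ValueError("need at least three anchor/distance pairs")
    (x1, y1), d1 = anchors[0], dists[0]
    rows = []
    for (xi, yi), di in zip(anchors[1:], dists[1:]):
        a = 2 * (xi - x1)
        b = 2 * (yi - y1)
        c = d1 ** 2 - di ** 2 + xi ** 2 - x1 ** 2 + yi ** 2 - y1 ** 2
        rows.append((a, b, c))
    saa = sum(a * a for a, _, _ in rows)
    sab = sum(a * b for a, b, _ in rows)
    sbb = sum(b * b for _, b, _ in rows)
    sac = sum(a * c for a, _, c in rows)
    sbc = sum(b * c for _, b, c in rows)
    det = saa * sbb - sab * sab
    if abs(det) < 1e-9:
        raise ValueError("anchors are collinear; position is ambiguous")
    return ((sac * sbb - sab * sbc) / det, (saa * sbc - sab * sac) / det)


def demo():
    """Constructed scenario: three receivers/APs at known positions (metres)
    and a tag at (10, 5); returns the position recovered from TDoA inputs
    and from RSSI inputs, both generated from the same true distances."""
    anchors = [(0.0, 0.0), (30.0, 0.0), (0.0, 20.0)]
    tag = (10.0, 5.0)
    true_d = [math.dist(tag, a) for a in anchors]
    t0 = 1.0  # transmit time in seconds (arbitrary, constructed)
    arrivals = [t0 + d / SPEED_OF_LIGHT for d in true_d]
    strengths = [-40.0 - 10 * 2.2 * math.log10(d) for d in true_d]
    return (trilaterate(anchors, tdoa_distances(t0, arrivals)),
            trilaterate(anchors, rssi_distances(strengths)))
```

With real measurements the distances carry noise, so a fourth receiver and the least-squares fit above give a usable estimate where three exact circles would not intersect.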

  22. How Chokepoint works
     • Hybrid tags with a 125 kHz passive side and a Wi-Fi active side
     • Tags and chokepoints have to be from the same vendor (Aeroscout or WhereNet)
     • When the tag is in close proximity to the chokepoint, its passive side gets excited and captures the information (location and sensing); the active side then sends the information over Wi-Fi
     • The tag beaconing frequency can be reconfigured by the chokepoint
     • Indoor or outdoor
     (Diagram: Wi-Fi access point, chokepoint, and a tag with its 125 kHz passive side and Wi-Fi active side.)

  23. DEMO!!!

  24. ??? QUESTIONS ???

  25. Mobility Services Engine: an open platform that gets real-time data from the wireless LAN to track and act upon mobile resources

  26. Mobility Services Engine (continued): two flavors, Hardware Appliance (3355) vs. Virtual Machine.

  27. Mobility Services Engine (table headings; cell contents are not in the transcript): Context Aware Mobility / wIPS / Context Aware Mobility + wIPS / Capacity

  28. Cisco 3355 Mobility Services Engine
     • Cisco Context-Aware Software to track up to 18,000 devices
     • Cisco Adaptive Wireless Intrusion Prevention System software to support up to 3,000 monitor mode or enhanced local mode (ELM) access points
     • (2) Quad-Core Intel Nehalem Processor 2.0 GHz, 4-MB cache
     • 16-GB DDR3 (2 x 8 GB)
     • Four hot-swappable 146-GB SAS drives with up to 6-Gbps transfer rate

  29. High-End Virtual Appliance
     • 50,000 Context-Aware License
     • 10,000 aWIPS License
     • Minimum RAM: 20 GB
     • Minimum hard disk space allocation: 500 GB
     • Disk system throughput: minimum of 1600 IOPS with a bandwidth of 6000 Kbytes/sec
     • Physical cores: 16 at 2.13 GHz or better (2x Intel Xeon E7-L8867)

  30. Standard Virtual Appliance
     • 18,000 Context-Aware License
     • 5,000 aWIPS License
     • Minimum RAM: 11 GB
     • Minimum hard disk space allocation: 500 GB
     • Disk system throughput: minimum of 1000 IOPS with a bandwidth of 3500 Kbytes/sec
     • Physical cores: 8 at 2.93 GHz or better (2x Intel Xeon X5570)

  31. Low-End Virtual Appliance
     • 2,000 Context-Aware License
     • 2,000 aWIPS License
     • Minimum RAM: 6 GB
     • Minimum hard disk space allocation: 500 GB
     • Disk system throughput: minimum of 900 IOPS with a bandwidth of 3000 Kbytes/sec
     • Physical cores: 2 at 2.93 GHz or better (2x Intel Xeon X5570)

  32. ??? QUESTIONS ???
