Wireless networking on the st clair county isd network
This presentation is the property of its rightful owner.
Sponsored Links
1 / 16

Wireless Networking On the St. Clair County ISD Network PowerPoint PPT Presentation


  • 62 Views
  • Uploaded on
  • Presentation posted in: General

Wireless Networking On the St. Clair County ISD Network. Dennis Buckmaster Network Engineer, St. Clair County ISD. Why Consider Implementation?. Expanded opportunities for technology use within the Schools Potential Cost Savings Catalyst for Other Technologies

Download Presentation

Wireless Networking On the St. Clair County ISD Network

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Wireless networking on the st clair county isd network

Wireless Networking On the St. Clair County ISD Network

Dennis Buckmaster

Network Engineer,

St. Clair County ISD


Why consider implementation

Why Consider Implementation?

  • Expanded opportunities for technology use within the Schools

  • Potential Cost Savings

  • Catalyst for Other Technologies

  • Demand from end users! (if it is not there now it will be shortly)

  • Goal is to Plan for what the users need in a secure way before the users start to add the technology in an insecure way without our knowledge.

http://www.vocera.com/products/vocera-new-graphics2.wmv


Why be concerned

Why Be Concerned?

  • Wireless Coverage Range

    • Physical security is no longer a sufficient

    • Wiretapping (WarDriving, WarChalking, and WarPlugging)

    • Internet Leach

    • Traditional Security Issues Expanded due to ease of access

    • Additional Wireless issues to consider


Wiretapping issues

Wiretapping Issues

  • Wiretapping

    • Free tools such as NetStumbler, Kismet and even Pocket Warrior

    • Access to Clear text network traffic including potentially confidential information

    • Vendors will claim this is addressed with SSID, MAC authentication tables, and WEP. Is it?


Netstumbler

Netstumbler


Kismet

Kismet


Traditional security issues magnified

Traditional SecurityIssues Magnified

  • Gaining access is one of the first tasks in any “Hacking” attempt

  • Tracking Origination is the first step in Prosecution

  • How do you determine where a wireless Attack originates from

  • Wireless Networks should be treated as an insecure environment just as the Public Internet and Dial Up RAS connections are


Additional wireless issues

Additional Wireless Issues

  • Site Survey

    • Dead Spots

    • Coverage

    • Signal Leak

    • Rouge Access Points!!

  • Interference

    • Mostly Unintentional

      • Blue Tooth

      • Cordless Phones

    • Intentional


Technologies to consider

Technologies to Consider

  • 802.11

  • 802.11b = 11mb 2.4 ghz

  • 802.11a = 54 mb 5 – 6 ghz

  • 802.11g = 54 mb 2.4 ghz

  • 802.11x = port level access control

  • 802.11i / WPA

  • 802.16 = WIMAX - Wireless Broadband

    • WIMAX is not yet Ratified


Wireless network access

Wireless NetworkAccess

  • What network access is needed?

    • Internet

    • Internal Networks

  • Who needs access?

    • Staff

    • Students

    • Public

  • What type of data will be accessed?

  • When Is Access Needed?

  • What equipment is available?

  • What Budget is available?


Steps to secure wireless basic settings

Steps to Secure Wireless (Basic Settings)

  • Do not Broadcast SSID (This may exclude some cheaper Access Points

  • Change the default settings

    • SSID

    • Address Ranges

    • Passwords

  • Choose SSID that does not easily associate to the entity owning the access point


Steps to secure wireless encryption

Steps to Secure Wireless (Encryption)

  • Enable Wireless Encryption Protocol

  • Some vendors offer advanced Protocols such as Cisco’s LEAP but this usually requires a single vendor solution

  • Provides reasonable security for low riskdata such as public internet traffic

  • Does not provide adequate security for critical systems (AIRSNORT)

  • WPA and 802.1x Can be used if supported


Steps to secure wireless addresses

Steps to Secure Wireless (Addresses)

  • MAC address filters

    • Difficult to manage, Not Scaleable

    • MAC Can easily be Spoofed

  • IP Address

    • Not using DHCP assigned addressescan be one more barrier

    • Do Not use default Addresses for access points


Steps to secure wireless firewall

Steps to Secure Wireless (Firewall)

  • Provide only limited (VPN Encrypted) connections to Internal network.

  • Treat Wireless machines as if they are public internet machines. (Use Host based Firewall Software for machines that are usually on)

  • Disable ALL unneeded services on Wireless Machines and regularly apply security patches

  • Use rules that require authentication to validate Network Access

  • Limit Bandwidth and usage times when possible


Network diagram

Network Diagram

http://www.vocera.com/products/vocera-new-graphics2.wmv


Wireless building diagram

Wireless Building Diagram


  • Login