Security and wireless together at last
1 / 24

Security and Wireless Together at Last - PowerPoint PPT Presentation

  • Uploaded on

Security and Wireless Together at Last. Three Things Often Missing from Your Wireless Robert Neuroth, Regional Director - West, Wireless Solutions. Agenda. Top 3 Problems with Secure Wireless Access Problem #1 – Disparate Network Access and Security Platforms

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' Security and Wireless Together at Last' - giacomo-allen

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Security and wireless together at last

Security and Wireless Together at Last

Three Things Often Missing from Your Wireless

Robert Neuroth,

Regional Director - West, Wireless Solutions


  • Top 3 Problems with Secure Wireless Access

    • Problem #1 – Disparate Network Access and Security Platforms

    • Problem #2 – Security Challenges

    • Problem #3 – Wireless Performance

  • The Fortinet Approach

  • Q&A

Problem multiple appliances management systems and policies
Problem: Multiple Appliances, Management Systems and Policies

Multiple Management Systems


Intrusion Prevention

Application Control

Web Filtering


WAN Optimization

Wi-Fi Controller





Solution unified access layer
Solution: Unified Access Layer Policies

Single Management System

Unified Access Layer

Gateway with Integrated

Wi-Fi Controller



Lower cost of acquisition

Lower cost of ownership

Improves security provisioning

Solution unified security policy
Solution: Unified Security Policy Policies

  • Integrated Wireless LAN management with security gateway

  • Authentication and Security policy consistent across Wired, Wireless and Remote Access

  • User Identification

  • Access Control

  • Content Inspection

  • Attack Mitigation


BYOD Policies

  • Securing BYOD environment

    • Enforce appropriate policy based on device

    • Increase network visibility

    • Add control beyond traditional Windows AD environment

  • Organizations must be able to embrace BYOD Securely

  • Device Identification

    • Device & OS Fingerprinting

    • Device Classification & Management

    • ContextualDevice Information

Device Group List

Secure guest access to the wireless lan
Secure Guest Access to the Wireless LAN Policies

  • Temporary user Provisioning & Access

    • Allow non-IT staff to create Guest account via web portal

    • Assign time quota

    • Generate temporary password

    • Distribute guest credentials:

      • Print

      • Email

      • SMS

    • Batch guest users creation

Problem wireless lan introduces compliance challenges
Problem: Wireless LAN Introduces Compliance Challenges Policies

  • PCI Compliance

    • Even if Wireless LAN is not used in the Cardholder Data Environment

  • HIPPA Compliance

  • CIPA Compliance

Solution rogue ap suppression and wids
Solution: Rogue AP Suppression and WIDS Policies

  • Rogue AP Suppression

    • Full-time or background scanning

    • On-wire correlation

    • Automatic suppression

  • Wireless Intrusion Detection System

    • WiFi protocol & RF level attack detection

    • Must be built-in to wireless controller

      • Separate WIDS appliances mean another interface to manage!

  • Data Leakage Prevention

  • URL Filtering

  • Reporting is Critical

Problem inability to prioritize business applications
Problem: Inability to Prioritize Business Applications Policies

Priority App

Non-Priority App

Non-Priority App

  • Shared Bandwidth

    • Clients and applications on wireless networks compete with each other


    • 802.11e, Wireless Multimedia Extensions (WME or WMM) doesn't solve this problem, as Business applications like Remote Desktop, VNC, Webex, etc. are not be prioritized differently



Client #1

Client #2

Solution layer 7 application control
Solution: Layer 7 Application Control Policies

Priority App

Non-Priority App

Non-Priority App

  • Layer 7 Inspection

    • Ensures bandwidth is guaranteed for business critical applications

  • Application Control Sensors

    • Thousands of signatures

    • Dozens of categories

    • Advanced IM & P2P control

    • Application Control Traffic Shaping

    • SSL Content Inspection



Priority App

High Priority App

Client #1

Client #2

Problem high density environments
Problem: High Density Environments Policies

  • Wireless LANs are becoming extremely dense with clients:

    • Device proliferation

    • Mobile workforce

    • Wireless only offices

    • Multiple devices per user common (laptop, tablet, smart phone, etc.)

  • Frequency Handoff – Moves client to less-loaded band/radio

  • AP Handoff – Moves client to less-loaded AP





Problem interference from other aps and sources of rf
Problem: Interference from other APs and Sources of RF Policies

  • Legitimate APs

  • APs in neighboring building

  • Microwave Ovens

  • Cordless Phones

  • etc.

CH 1

CH 6

CH 11

Solution automatic radio resource provisioning
Solution: Automatic Radio Resource Provisioning Policies

  • Channel Assignment

    • Automatically assigns non-overlapping channels

    • Reduces chatter between APs

  • Auto TX Power

    • Changes radio transmission power settings automatically

CH 1

CH 6

CH 11

Fortinet secure wlan approach

Corporate PoliciesWi-Fi

Fortinet Secure WLAN Approach

No additional licenses needed

Captive Portal, 802.1x—Radius /shared key

Assign users and devices to their role

Examine wireless traffic to remove threats

Identify applications and destinations

Apply policy to users and applications

Ensure business traffic has priority

Report on policy violations, application usage, destinations and PCI DSS

Sample of fortinet s wireless customers
Sample of Fortinet’s Wireless Customers Policies

Distributed Enterprise / Distributed Retail

Large Enterprise


Services / Financial / Healthcare / Gov

Outdoor / Mesh

Top 3 problems with secure wireless access
Top 3 Problems with Secure Wireless Access Policies

  • Problem #1 – Disparate Network Access and Security Platforms

    • A Unified Access Layer is essential

    • Unified appliances, unified management, unified policy

  • Problem #2 – Security Challenges

    • Secure BYOD requires policy based on device, with deep visibility

    • Guest Access must be built-in to your Secure Wireless solution

    • Compliance is simple when control and reporting is integrated

  • Problem #3 – Wireless Performance

    • Application control at Layer 7 is critical, WME/WMM is not enough

    • Automatic Radio Resource Provisioning, no manual radio configuration required

Q & A Policies