Wireless networking on the st clair county isd network
Download
1 / 16

Wireless Networking On the St. Clair County ISD Network - PowerPoint PPT Presentation


  • 89 Views
  • Uploaded on

Wireless Networking On the St. Clair County ISD Network. Dennis Buckmaster Network Engineer, St. Clair County ISD. Why Consider Implementation?. Expanded opportunities for technology use within the Schools Potential Cost Savings Catalyst for Other Technologies

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Wireless Networking On the St. Clair County ISD Network' - uriel


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Wireless networking on the st clair county isd network

Wireless Networking On the St. Clair County ISD Network

Dennis Buckmaster

Network Engineer,

St. Clair County ISD


Why consider implementation
Why Consider Implementation?

  • Expanded opportunities for technology use within the Schools

  • Potential Cost Savings

  • Catalyst for Other Technologies

  • Demand from end users! (if it is not there now it will be shortly)

  • Goal is to Plan for what the users need in a secure way before the users start to add the technology in an insecure way without our knowledge.

http://www.vocera.com/products/vocera-new-graphics2.wmv


Why be concerned
Why Be Concerned?

  • Wireless Coverage Range

    • Physical security is no longer a sufficient

    • Wiretapping (WarDriving, WarChalking, and WarPlugging)

    • Internet Leach

    • Traditional Security Issues Expanded due to ease of access

    • Additional Wireless issues to consider


Wiretapping issues
Wiretapping Issues

  • Wiretapping

    • Free tools such as NetStumbler, Kismet and even Pocket Warrior

    • Access to Clear text network traffic including potentially confidential information

    • Vendors will claim this is addressed with SSID, MAC authentication tables, and WEP. Is it?




Traditional security issues magnified
Traditional SecurityIssues Magnified

  • Gaining access is one of the first tasks in any “Hacking” attempt

  • Tracking Origination is the first step in Prosecution

  • How do you determine where a wireless Attack originates from

  • Wireless Networks should be treated as an insecure environment just as the Public Internet and Dial Up RAS connections are


Additional wireless issues
Additional Wireless Issues

  • Site Survey

    • Dead Spots

    • Coverage

    • Signal Leak

    • Rouge Access Points!!

  • Interference

    • Mostly Unintentional

      • Blue Tooth

      • Cordless Phones

    • Intentional


Technologies to consider
Technologies to Consider

  • 802.11

  • 802.11b = 11mb 2.4 ghz

  • 802.11a = 54 mb 5 – 6 ghz

  • 802.11g = 54 mb 2.4 ghz

  • 802.11x = port level access control

  • 802.11i / WPA

  • 802.16 = WIMAX - Wireless Broadband

    • WIMAX is not yet Ratified


Wireless network access
Wireless NetworkAccess

  • What network access is needed?

    • Internet

    • Internal Networks

  • Who needs access?

    • Staff

    • Students

    • Public

  • What type of data will be accessed?

  • When Is Access Needed?

  • What equipment is available?

  • What Budget is available?


Steps to secure wireless basic settings
Steps to Secure Wireless (Basic Settings)

  • Do not Broadcast SSID (This may exclude some cheaper Access Points

  • Change the default settings

    • SSID

    • Address Ranges

    • Passwords

  • Choose SSID that does not easily associate to the entity owning the access point


Steps to secure wireless encryption
Steps to Secure Wireless (Encryption)

  • Enable Wireless Encryption Protocol

  • Some vendors offer advanced Protocols such as Cisco’s LEAP but this usually requires a single vendor solution

  • Provides reasonable security for low riskdata such as public internet traffic

  • Does not provide adequate security for critical systems (AIRSNORT)

  • WPA and 802.1x Can be used if supported


Steps to secure wireless addresses
Steps to Secure Wireless (Addresses)

  • MAC address filters

    • Difficult to manage, Not Scaleable

    • MAC Can easily be Spoofed

  • IP Address

    • Not using DHCP assigned addressescan be one more barrier

    • Do Not use default Addresses for access points


Steps to secure wireless firewall
Steps to Secure Wireless (Firewall)

  • Provide only limited (VPN Encrypted) connections to Internal network.

  • Treat Wireless machines as if they are public internet machines. (Use Host based Firewall Software for machines that are usually on)

  • Disable ALL unneeded services on Wireless Machines and regularly apply security patches

  • Use rules that require authentication to validate Network Access

  • Limit Bandwidth and usage times when possible


Network diagram
Network Diagram

http://www.vocera.com/products/vocera-new-graphics2.wmv