wireless networking on the st clair county isd network n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Wireless Networking On the St. Clair County ISD Network PowerPoint Presentation
Download Presentation
Wireless Networking On the St. Clair County ISD Network

Loading in 2 Seconds...

play fullscreen
1 / 16
uriel

Wireless Networking On the St. Clair County ISD Network - PowerPoint PPT Presentation

96 Views
Download Presentation
Wireless Networking On the St. Clair County ISD Network
An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Wireless Networking On the St. Clair County ISD Network Dennis Buckmaster Network Engineer, St. Clair County ISD

  2. Why Consider Implementation? • Expanded opportunities for technology use within the Schools • Potential Cost Savings • Catalyst for Other Technologies • Demand from end users! (if it is not there now it will be shortly) • Goal is to Plan for what the users need in a secure way before the users start to add the technology in an insecure way without our knowledge. http://www.vocera.com/products/vocera-new-graphics2.wmv

  3. Why Be Concerned? • Wireless Coverage Range • Physical security is no longer a sufficient • Wiretapping (WarDriving, WarChalking, and WarPlugging) • Internet Leach • Traditional Security Issues Expanded due to ease of access • Additional Wireless issues to consider

  4. Wiretapping Issues • Wiretapping • Free tools such as NetStumbler, Kismet and even Pocket Warrior • Access to Clear text network traffic including potentially confidential information • Vendors will claim this is addressed with SSID, MAC authentication tables, and WEP. Is it?

  5. Netstumbler

  6. Kismet

  7. Traditional SecurityIssues Magnified • Gaining access is one of the first tasks in any “Hacking” attempt • Tracking Origination is the first step in Prosecution • How do you determine where a wireless Attack originates from • Wireless Networks should be treated as an insecure environment just as the Public Internet and Dial Up RAS connections are

  8. Additional Wireless Issues • Site Survey • Dead Spots • Coverage • Signal Leak • Rouge Access Points!! • Interference • Mostly Unintentional • Blue Tooth • Cordless Phones • Intentional

  9. Technologies to Consider • 802.11 • 802.11b = 11mb 2.4 ghz • 802.11a = 54 mb 5 – 6 ghz • 802.11g = 54 mb 2.4 ghz • 802.11x = port level access control • 802.11i / WPA • 802.16 = WIMAX - Wireless Broadband • WIMAX is not yet Ratified

  10. Wireless NetworkAccess • What network access is needed? • Internet • Internal Networks • Who needs access? • Staff • Students • Public • What type of data will be accessed? • When Is Access Needed? • What equipment is available? • What Budget is available?

  11. Steps to Secure Wireless (Basic Settings) • Do not Broadcast SSID (This may exclude some cheaper Access Points • Change the default settings • SSID • Address Ranges • Passwords • Choose SSID that does not easily associate to the entity owning the access point

  12. Steps to Secure Wireless (Encryption) • Enable Wireless Encryption Protocol • Some vendors offer advanced Protocols such as Cisco’s LEAP but this usually requires a single vendor solution • Provides reasonable security for low riskdata such as public internet traffic • Does not provide adequate security for critical systems (AIRSNORT) • WPA and 802.1x Can be used if supported

  13. Steps to Secure Wireless (Addresses) • MAC address filters • Difficult to manage, Not Scaleable • MAC Can easily be Spoofed • IP Address • Not using DHCP assigned addressescan be one more barrier • Do Not use default Addresses for access points

  14. Steps to Secure Wireless (Firewall) • Provide only limited (VPN Encrypted) connections to Internal network. • Treat Wireless machines as if they are public internet machines. (Use Host based Firewall Software for machines that are usually on) • Disable ALL unneeded services on Wireless Machines and regularly apply security patches • Use rules that require authentication to validate Network Access • Limit Bandwidth and usage times when possible

  15. Network Diagram http://www.vocera.com/products/vocera-new-graphics2.wmv

  16. Wireless Building Diagram