Wireless
Security
2
Contents
Wireless
Overview
Wireless Security Risks
Enhance Wireless Security
Wireless diagram for finance organization
3
I.
Wireless Overview
More
convenience than wired LAN
Easy to connect, easy to share
High Transport Speed. 802.11ac standard can archive
maximum 1,69 Gbit/s
Most technology devices support WLAN
(802.11a/b/g/n/ac): computer, phone, tablet, camera,
printer, television, memory stick,…
Municipal wireless network: some cities have coverage
wireless such as Bangkok, Singapore, Ha long, Hoi an, Da
nang, Hue
4
II. Wireless security risk
Weak
encryption WEP
MIM - Man in the middle
Easy bridge to wired LAN
Rouge AP, evil twin,…
Untrusted providers: Firmware, Embedded
wireless chip on Housewares such as clothes iron,
water heater,…
5
III. Enhance Wireless Security
1.
2.
3.
4.
Create a Wireless Security Policy
Secure the WLAN
Protect Your Company from Outside Threats
Security Awareness Training
6
1. Create a Wireless Security Policy
Acceptable
use policy
E-mail and communications activities
Antivirus policy
Identity policy
Password policy
Encryption policy
Remote access policy
7
2. Secure the WLAN
Use strong encryption: WPA, WPA2
Change the default SSID, default administrator
account/ password.
Use VLANs or MAC address control lists
Disable SSID broadcast
Guest access SSID
AP Isolation
Secure management ports
Secure communications
Physical secure Access points
Limit Wireless range
Turn off Wireless when not use
Regularly changing encryption keys
8
3. Protect Your Company from Outside Threats
802.1X
authentication: RADIUS
Assign Static IP
Network Firewall and personal firewall software
VPN: Virtual Private Network
NAC: Network Access Control
Wireless IPS: Prevent unauthorized, rogue AP, evil
twin and other wireless threats
Wireless Security Endpoints: BYOD
Wireless Management System
Logging
9
4. Wireless Security Awareness Training
Train
users for using wireless securely.
Understand Wireless Security Policy and follow
the policy.
Do Not Auto-Connect to Open Wi-Fi Networks
10
IV. Wireless diagram for finance organization
Requirements:
Wireless used for customers and VIP employees,
especially for HO and meeting rooms.
Highest security, prevent any wireless threats.
11
Wireless diagram for finance organization
Diagram
1
12
Wireless diagram for finance organization
Diagram
2
13
Comparison
Method
Diagram 1:
Advantage
Design
Diagram 1:
Disadvantage
Diagram 2:
Advantage
Equip Firewall,
private Internet line
for Branches
No need to equip
private Internet
line for Branches
Diagram 2:
Disadvantage
Performance
Fast Internet
access, low
delay
Slow Internet
access, high delay,
can effect WAN
connection
Security
Secure Internal
LAN, Internet
access cannot
go inside
Passthough WAN
Infrastructure, hard
to control security
Availability
Keep access
Internet as if
WAN line lost
Cannot access
Internet if WAN
line lost
Operation
Hard operation as
must control
separate Internet
line of branches
Easy to control
because of
central Internet
management at
HO
14
Which diagram is the best for your company?
It
depends on what you need.
If Wireless is deployed for several branches,
diagram 1 should be the best.
If Wireless is deployed for huge branches, diagram
2 should be considered.
15
Wireless Solution Providers
Airtight
Cisco
Aruba
Ruckus
Juniper
Meraki
HP
16
References
http://
www.cisco.com/web/solutions/smb/need_to/five_w
ays_to_improve_your_wireless_security.html
http://
compnetworking.about.com/od/wirelesssecurity/tp/
wifisecurity.htm
17
Questions and Answers
Please
contact:
THANK YOU!