Security Solutions [教程].ppt

Why Wireless Security? Heiko Kratz Aruba System Engineer Agenda Security Threads… What Doesn‘t Work… Aruba Security Solutions Aruba at ?22C3“ Congress So why Aruba Wireless Networks? Documentation Links Security Threads Internal Security Threats 50-80% of Security Attacks Now Originate Within the Firewall Source: Computer Security Institute, FBI Key Vulnerabilities Open Ports Employees, Partners, Guests The $39 Threat (Unsanctioned WiFi) “Firewalling the Intranet” A LAN-speed firewall for every user Blocks rogue users Enables guest access to Internet Opens network only to authorized users Conventional Perimeter Security Various Threats on WLANs WLAN Discovery DOS Attacks Surveillance Impersonation/Man-in-the-Middle Intrusion (Client-Client, Client-Network) Rogue Detection and Containment A Myriad of Intrusion Tools Wireless Intrusion Detection is KEY What Doesn’t Work… Doing Nothing Wireless LANs are cheap and easily available If the IT department doesn’t deploy wireless, someone else will Thousands of dollars worth of network security can be bypassed by a single “Rogue” Access Point If your organizational policy is to allow no wireless, there must be a realistic mechanism to enforce that policy The Existence of Wireless LANs is a Security Threat – A Case Study RF Engineering Using directional antennas to direct and limit RF coverage does not work RF is invisible Physical environments change Lowering transmit power or placing access points (APs) away from outside walls to limit RF “leakage” does not work Set RF coverage to optimize user experience – not to control leakage SSID Cloaking Some APs offer a feature to hide the SSID (Service Set Identifier or “wireless network name”) in advertisements Hiding the SSID will discourage only the casual “war-driver” looking for free Internet access A person intent on network intrusion can run a simple tool to instantly reveal the SSID The SSID should never be treated as though it were a password M