1 / 22

The Ultimate Guide to Wireless Network Security

SIM313. The Ultimate Guide to Wireless Network Security. Hasain Alshakarti Senior Security Advisor TrueSec. Agenda. The Evolution of WiFi Security Weaknesses & Attack Scenarios Best Practice Protecting the Enterprise Best Practice Protecting the Mobile Client.

tuesday
Télécharger la présentation

The Ultimate Guide to Wireless Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SIM313 The Ultimate Guide to Wireless Network Security HasainAlshakarti Senior Security Advisor TrueSec

  2. Agenda • The Evolution of WiFi Security • Weaknesses & Attack Scenarios • Best Practice Protecting the Enterprise • Best Practice Protecting the Mobile Client

  3. The Evolution of WiFiSecurity Security Management Compatibility • Proprietary • WEP • WPA • WPA2

  4. The Evolution of WiFi Authentication Security Management Compatibility • Proprietary • Open • Shared • PSK • 802.1x

  5. WiFi Security – The Wrong Way • MAC address filtering • Disable SSID broadcast • Static IP Addressing • Rogue AP Detection & Wireless IPS

  6. Weaknesses & Attack Scenarios • Attacking the client • Open Networks • Fake AP / EvilTwin • Weak Authentication • Attacking the Infrastructure • Crackthe secret • Brute force • Weak Encryption

  7. Free WIFI anybody? demo

  8. Sniffing, Cracking & Forgery demo

  9. Best Practice Protecting the Enterprise • Managed Configuration • Security misconfigurations are common! • 802.1x & WPA2 • Sufficient Authentication • Sufficient Encryption • Network Access Protection • Added Benefits!

  10. Best Practice Protecting the Enterprise • Managed Configuration • Group Policy • No Client/Local Override! • Identity Management • Active Directory & Certificate Services • Server Validation • Server Certificates • Network Segmentation • Guest Access, Corp Access, Quarantine etc.

  11. Best Practice Protecting the Enterprise • 802.1x & WPA2 • EAP-types • PEAP [Extensibility] • EAP-TLS [Compatibility] • Mutual Authentication • Strong Encryption [AES] • Redundant Radius(NPS) servers • Availability

  12. Best Practice Protecting the Enterprise • Network Access Protection • Computer AND User Authentication • Health Validation • Auto Remediation • Quarantine Non-Healthy Clients

  13. What & How - Managed Configuration demo

  14. Knock knock, who is there - 802.1x demo

  15. What if - Network Access Protection demo

  16. Best Practice Protecting the Mobile Client • User Awareness • Is this my network? • Strong Mutual Authentication • Do not forget the Server! • Combine with “VPN” on Open Networks • Disable AD-Hoc • Host Firewall • WLAN interface = Public Profile • LAN/WLAN Switching • Disable Windows 7 Wireless Hosted Network

  17. Trustworthy Computing Safety and Security Center http://www.microsoft.com/security Security Development Lifecycle http://www.microsoft.com/sdl Security Intelligence Report http://www.microsoft.com/sir End to End Trust http://www.microsoft.com/endtoendtrust

  18. Resources • Connect. Share. Discuss. http://northamerica.msteched.com Learning • Sessions On-Demand & Community • Microsoft Certification & Training Resources www.microsoft.com/teched www.microsoft.com/learning • Resources for IT Professionals • Resources for Developers http://microsoft.com/technet http://microsoft.com/msdn

  19. Complete an evaluation on CommNet and enter to win!

More Related