Date post: | 30-Dec-2015 |
Category: |
Documents |
Upload: | amela-herring |
View: | 82 times |
Download: | 5 times |
Certified Wireless Network Administrator (CWNA)PW0-105
Chapter 13802.11 Network Security Architecture
Chapter 13 Overview
• 802.11 Security Basics• Legacy 802.11 Security• Robust Security• Traffic Segmentation• Infrastructure Security• VPN Wireless Security
2Certified Wireless Network Administrator: CWNA – PW0-105
802.11 Security Basics
• Data privacy• AAA
Segmentation• Monitoring• Policy
3Certified Wireless Network Administrator: CWNA – PW0-105
Data Privacy
• About the protection of data and the prevention of unauthorized access to it
• Uses encryption– RC4– AES
• Exercise 13.1
4Certified Wireless Network Administrator: CWNA – PW0-105
AAA
• Authentication– Who are you?– What are you?
• Authorization– What can you do?
• Accounting– What did you do?
5Certified Wireless Network Administrator: CWNA – PW0-105
Segmentation
• LANs• WANs• VLANs
6Certified Wireless Network Administrator: CWNA – PW0-105
Policy
• Defines how computer systems must be implemented– Specific WiFi policies must be created– Traditional wired policies are not sufficient
7Certified Wireless Network Administrator: CWNA – PW0-105
Legacy 802.11 Security
• Legacy authentication– Open System– Shared Key
• Static WEP encryption• MAC filters• SSID cloaking or hiding
8Certified Wireless Network Administrator: CWNA – PW0-105
WEP Key and IV
9Certified Wireless Network Administrator: CWNA – PW0-105
Robust Security vs. Legacy Security
10Certified Wireless Network Administrator: CWNA – PW0-105
Robust Security Network (RSN)
11Certified Wireless Network Administrator: CWNA – PW0-105
• 802.11-2007, originally 802.11i, define an RSN– STAs must use the 4-way handshake– STAs must use CCMP or TKIP
• Pre-Shared Key (PSK)
• Proprietary PSK– Dynamic PSK and Private PSK are examples
• 802.1X/EAP
802.1X Comparison
12Certified Wireless Network Administrator: CWNA – PW0-105
WLAN Bridging and 802.1X
13Certified Wireless Network Administrator: CWNA – PW0-105
802.1X/EAP Architecture and Process
14Certified Wireless Network Administrator: CWNA – PW0-105
EAP Types
15Certified Wireless Network Administrator: CWNA – PW0-105
Traffic Segmentation
16Certified Wireless Network Administrator: CWNA – PW0-105
• VLANs– Guest– Voice– Data
• RBAC
Wireless VLANs
17Certified Wireless Network Administrator: CWNA – PW0-105
Infrastructure Security
18Certified Wireless Network Administrator: CWNA – PW0-105
VPN Wireless Security (Hotspot)
19Certified Wireless Network Administrator: CWNA – PW0-105
VPN Wireless Security (Site-to-Site)
20Certified Wireless Network Administrator: CWNA – PW0-105
Chapter 13 Summary
• 802.11 Security Basics• Legacy 802.11 Security• Robust Security• Traffic Segmentation• Infrastructure Security• VPN Wireless Security
21Certified Wireless Network Administrator: CWNA – PW0-105