Download - Wireless Security: Key Trends and Issues
![Page 1: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/1.jpg)
Wireless Security: Key Trends and Issues
David C. King CEO, AirTight Networks
www.airtightnetworks.net
![Page 2: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/2.jpg)
Wireless Breaks the Wired Security Model
Network & Personal Firewalls, IP-SEC VPN
SSL VPN, Network IDS, Host IDS
Anti-virus/spyware/malware/spam
URL filters, Web proxies, IDS
Layer 3 (IP)
Layer 4 (TCP)
Layer 5 (Session)
Layer 6 (Apps)
Layer 2 (MAC)
Layer 1 (PHY)
Unprotected
Unprotected
![Page 3: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/3.jpg)
Wi-Fi Threat Environment
Common Vulnerabilities• Rogue Access Points• Mis-configured APs• Unauthorized clients• Client mis-associations• Ad hoc connections
Malicious Threats• Honeypot APs• Denial of Service• MAC Spoofing APs
Wired Security and WPA2 Do Not Address These Threats
Enter
prise Ne
twork
Neigh
boring
Network
?Ad Hoc
Denial of Service Attack
AP MAC Spoofing
Rogue AP
Mis-configured APUnauthorized Client
Mis-association
Honeypot
![Page 4: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/4.jpg)
Wireless Breaches Pose Serious Business Risks
Privacy
Operations
Compliance
Brand
Legal action
Productivity loss
Fines/penalties
Customer/revenue loss
Vulnerabilities compromise Consequences
![Page 5: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/5.jpg)
TJX Breach Illustrates the Risk
• Marshalls stores hacked wirelessly
• Hackers accessed TJX network & multiple servers for 18+ months
• 94 million payment card accounts compromised
• Estimated liabilities >$4.5B– Over 15 lawsuits already filed– Battle over responsibility
• Who will 60 Minutes profile next?
![Page 6: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/6.jpg)
Four Elements of a Wireless Security Policy
Control wireless access to wired network Prevent unauthorized wireless “back doors”
Enforce wireless policy outside of the officeKeep clients from attaching to other networks
![Page 7: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/7.jpg)
Market and Technology Forces
Infrastructure
Client Devices
Compliance
Threat Environment
Wireless
Security
Requirements
• New hacking tools• Evolving attack scenarios• Organized crime
• 802.11a,b,g � 802.11n
• VoWiFi• FMC
• Legacy WEP• Wi-Fi laptops
• iPhones
• PCI• HIPAA• GLBA
![Page 8: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/8.jpg)
802.11n Amplifies Existing Threats
• 802.11n accepted by consumers and SMBs
• Majority of rogue APs are consumer APs – Router (NAT) APs
– Turbo/Super G APs
– DRAFT 802.11n and Pre-802.11n APs
• Greater range of spillage extends vulnerability– Your APs visible to more unauthorized users
– More external APs visible with neighboring spillage
• “Outside-in” spillage may create interference or DoS
![Page 9: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/9.jpg)
Voice over Wi-Fi Threats
• Mission critical applications in key industries
• Latency and interference are biggest issues
• Placement of APs & sensors poses challenges
• DoS prevention is paramount
![Page 10: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/10.jpg)
iPhone: Wireless Security Paradigm Shift
• Device is showing up everywhere
• Users seek free Wi-Fi wherever its available
• New wave of wireless security events
• Network boundaries completely blurred
![Page 11: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/11.jpg)
Differing Security Requirements
Budget$ $$$
Remediation
Assessment
Compliance
Government
Financial Services
Retail Healthcare
Education
Legal
Technology
High security, high budget.
Telecom
![Page 12: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/12.jpg)
Evolution of Wireless Security
WEP ����WPA
� Encryption� Authentication
� Prevent� Locate
� Monitor� Detect
� Assessment� Compliance� Remediation
Intrusion
DetectionIntrusion
Prevention
Vulnerability
Management
![Page 13: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/13.jpg)
Trend Towards 24X7 Visibility
Visibility into Wireless
Security Posture
Regulatory Compliance
Reporting
Wireless Breach
Protection
Handheld
Scanner
Real Business
Needs
No consolidated reporting
No historical reportingNot possible
Point in time view
Lack of central visibility
Remote ops not possible
� 24x7 wireless scanning
� Identify & prioritize all
wireless devices
� Scan and classify
wireless vulnerabilities
� On demand & scheduled
reporting
Assessment Compliance Remediation
� Wireless compliance
assessment
� Pre-defined regulatory
reports including PCI,
SOX, HIPAA, GLBA
� On demand & scheduled
reporting
� Instant notification of
wireless vulnerabilities
� Automated or manual
threat remediation
� Threat location tracking
� Visibility into wireless
signal spillage
Wireless Vulnerability Management
![Page 14: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/14.jpg)
Wireless Security Landscape
WEP � WPA
WIDS
WIPS WirelessVulnerability Management
Overlay
Infrastructure
• Scales seamlessly for all size organizations
• Solves different problems for different organizations
• Addresses specific needs at specific times
![Page 15: Wireless Security: Key Trends and Issues](https://reader034.vdocument.in/reader034/viewer/2022042700/557649bdd8b42ac31b8b50ad/html5/thumbnails/15.jpg)
Wireless Security: Key Trends and Issues
David C. King CEO, AirTight Networks
www.airtightnetworks.net