Traditional Wired Network
In wired network, access to the internal resource from internet can be strictly managed and controlled by gateway firewall.
Wireless Security Concerns
Wireless changes the security paradigm. Radio waves cannot be stopped by walls and doors. As soon as you connect a wireless Access Point to the intranet, any traffic sent wirelessly is now visible in the enterprise’s parking lot. This introduces several new vulnerabilities that did not exist in the wired world. The most common problem is rogue wireless access. An employee or contractor might bring in an unauthorized AP and connect it to the intranet without enabling security. This rogue AP can then provide unrestricted access to hackers in the vicinity sniffing for open or poorly secured wireless APs. Similarly, authorized wireless APs may have weak security like WEP that can allow similar “behind the firewall” access to the sensitive enterprise internal network. Once on the “soft” internal network, hackers can mount several different attacks given the fact that intranets were designed to block attacks at the edge. Wireless also aggravates the “insider threat”. Users can connect their laptops to external wireless networks and bypass internet filters and enterprise proxy’s while being in the enterprise perimeter. Sometimes, laptops can simultaneous be connected to the wired and an unauthorized external wireless network. Many enterprises that have deployed wireless also have to deal with the support costs of managing and troubleshooting wireless connectivity and performance issues that are very different from wired access problems.
Summary of Wi-Fi Vulnerabilities.
Any wireless client that is not sanctioned connecting to your WLAN should be considered a rogue device until it is investigated. Any unsanctioned AP on your network is also a rogue until otherwise classified. It is important to coordinate the introduction of wireless devices with ADSP. This may require conversations with networking, desktop support and security departments prior to device deployment.
Extreme AirDepence Solution ( ADSP )
•Centralized, Hardened Appliance or VM – Secure System with Low-bandwidth Utilization
•Two Types of Sensors
- Integrated Sensors are Built into Extreme WiNG
Access Points
- Dedicated Sensor -Use One for Every 3-5 APs
- Radioshare Sensor for Part-time WIPS
•Centralized Reporting
•24x7 Monitoring
•Robust Alarm Management
•Automatic Mitigation & Escalation
•Forensic Analysis
•Multi-vendor Management
•Remote Troubleshooting
•Interference Detection
ADSP - Comprehensive Intrusion Detection
200+ Threats Detected
•Rogue Exploits, Extrusions, Vulnerabilities
•Denial of Service & Impersonation Attacks
•Key, Encryption, and Dictionary Attacks
•Security Policy Violations
Minimal False Positives
•Correlation Across Multiple Detection Engines Reduces False Positives
•Most Accurate Attack Detection
Automatic Threat Mitigation
•Wireless Termination
•Wired Port Suppression
•Wireless ACL
ADSP advanced Fornsics
Extensive Forensic Data
•325+ Statistics per Device per Minute
•Record of Device Connectivity
•Determine Exact Time & Impact of Security Incidents
•Historical Data Storage
•Supports trend analysis and anomaly detection
•Rewind-able visualizations
Infrastructure Forensics
•Extends Forensics Engine to Capture Polled Data:
•75 Statistics Per AP and Associated Stations
•40 Statistics Per WLAN Controllers
•Extensive Aupport for Trend Analysis and
Anomaly detection
Infrastructure Forensics
•Extends Forensics Engine to Capture Polled Data:
•75 Statistics Per AP and Associated Stations
•40 Statistics Per WLAN Controllers
•Extensive Aupport for Trend Analysis and
Anomaly detection
ADSP - Live View for Real-time Troubleshooting
Real-time View of WLAN
•Turn Any Sensor into a ‘Sniffer’
•Full Layer 2 Frame Capture
•Visualize Wireless Traffic Flow
•28 Different Graphical Views
Low Network Support Costs
•Real-time View of Remote WLAN
•Advanced Centralized Troubleshooting
•Reduced On-site Support Cost
•Increased WLAN Uptime
ADSP: Regulatory Compliance
No comments:
Post a Comment