105 Pages, Chapter 1-5
MS Word
08062235854
The Wireless LAN (WLAN) industry is the fastest growing networking market, only overcome by limitations to secure it. Wireless LAN technology is recognized, accepted and adopted by many organizations worldwide. Many companies and government entities are realizing the competitive advantage of deploying wireless technology in the workplace. Wireless technologies are continually evolving and providing advancements in speed, bandwidth, and security. However, large enterprises have been reluctant to deploy wireless networks due to perceived limitations in wireless security and the risks it poses to the organization. Simply, WLAN’s are a disruptive technology that has many challenges with securing its networks. Today, the WLAN industry can be categorized as “overheated”, where technology adoption is being driven by an impatient user base demanding more features, and an all out effort by vendors to address known wireless security vulnerabilities. There is a high priority in the industry, especially with the U.S government, to push the technology to a point where the risk of compromise is minimized. The intent of this project is to address the security issues surrounding wireless networks in an enterprise environment. This project will provide a high level overview of all the challenges and components associated with securing a wireless network. The fundamental question plaguing the industry today is if wireless networks can be deployed securely. There is a mindset prevailing that wireless networks are inherently insecure. Can this be actually true, a fact or fabrication? What known security holes limit enterprise deployments of a WLAN and can they be fixed? This project will shed light on these questions and detail how wireless networks are secured and point out their limitations. Additionally, this project will explore current and future initiatives to secure wireless networks in a large enterprise environment, and provide a roadmap where wireless security is headed in the future.
TABLE OF CONTENTS
CHAPTER ONE: WIRELESS LAN SECURITY SYSTEMS
1.0 INTRODUCTION
1.4 scope of study
1.5 research methodology
1.6 Organization of work
CHAPTER TWO: LITERATURE REVIEW
WIRELESS LAN ATTACKS AND SECURITY TECHNOLOGIES
2.1.1 EXTENDING THE RANGE
2.4 WIRELESS LAN SECURITY TECHNOLOGIES
2.4.1 WIRED EQUIVALENT PRIVACY (WEP)
2.4.2 WI-FI PROTECTED ACCESS (WPA)
2.4.3 IEEE 802.11i
2.4.4 IEEE 802.1X
2.4.5 AUTHENTICATION
2.4.5.1 EXTENSIBLE AUTHENTICATION PROTOCOLS (EAP)
2.4.5.2 LIGHTWEIGHT EXTENSIBLE AUTHENTICATION PROTOCOL (LEAP)
2.4.5.3 PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL (PEAP)
2.4.5.4 EAPOL
2.4.5.5 EAP-FAST
2.4.6 SUMMARY
CHAPTER THREE: DESIGN
Wireless Security Architectures
3.0 INTRODUCTION
3.1 STATIC WEP WIRELESS ARCHITECTURE
3.2 VPN
3.2.1 TECHNOLOGY OVERVIEW
3.2.1.1 IPSec
3.2.1.2 ISAKMP
3.2.1.3 INTERNET KEY EXCHANGE (IKE)
3.2.1.4 AH
3.2.1.5 ESP
3.3 WIRELESS VPN ARCHITECTURE OVERVIEW
3.4 VPN POLICY ASPECT
3.5 WIRELESS GATEWAY SYSTEMS
3.6 802.1x
3.7 COMPARISON OF WIRELESS SECURITY ARCHITECTURES
3.7.1 WEP ARCHITECTURE
3.7.2 WIRELESS VPN ARCHITECTURE
3.7.3 WIRELESS GATEWAY OR FAREWALL ARCHITECTURE
3.7.4 WIRELESS 802.1X ARCHITECTURE
CHAPTER FOUR
CORPORATE SECURITY POLICIES IMPLEMENTATION
4.0 INTRODUCTION
4.1 ORGANISATIONS AND SECURITY SOLUTION DEPLOYMENT
4.2 PRACTICAL ADVICE:CHOOSING A SECURITY MECHANISM
4.3 SECURITY REQUIREMENTS
4.3.1 ORGANIZATION A: CENTRALIZED OFFICES WITH VLANS
4.3.2 ORGANIZATION B: DEPARTMENTAL ACCESS-POINTS
4.4 ENABLING ACCURATE THREAT DETECTION AND PREVENTION
4.5 CORPORATE SECURITY POLICIES
4.5.1 KEEP SENSITIVE INFORMATION PRIVATE
4.5.2 PHYSICAL SECURITY
4.5.3 WIRELESS LAN EQUIPMENT INVENTORY AND SECURITY AUDITS
4.5.4 USING ADVANCED SECURITY SOLUTIONS
4.5.5 PUBLIC WIRELESS NETWORKS
4.5.6 LIMITED AND TRACKED ACCESS
4.5.7 SECURITY NEEDS
CHAPTER FIVE: CONCLUSION AND RECOMMENDATION
5.1 CONCLUSION
5.0 RECOMMENDATIONS
REFERENCES