Solved

Wireless Security

Posted on 2006-11-02
6
298 Views
Last Modified: 2010-04-11
I need to make security recommendations for the following wireless-setup.  

ACS Server: Cisco Secure ACS 3.3
Access Point: Cisco AP 1242 AG
Controller: WCS 4400

Please let me know what is the most secure settings including encrytion etc for the above scenario. The compnay is looking to move towards RSA tokens for authnetication and already has Novell LDAP Directory server in place for authnetication.  these 2 pieces can be made part of the security solution.  

any related security advice and links to deploy secure wireless infrastructure will be much appreciated.

Thanks,
Net-Geek
0
Comment
Question by:net-geek
6 Comments
 
LVL 13

Accepted Solution

by:
mrroonie earned 25 total points
ID: 17865970
0
 
LVL 4

Assisted Solution

by:Smacky311
Smacky311 earned 25 total points
ID: 17866158
Heres the notes I took for my Security+ related to wireless..may help some.

Passive attacks on wireless simply view the data going through it (Sniffing or wardriving).  NetStumbler, a wireless network detector find networks then they are captured with Microsoft's network monitor or Linux's TCPDump.  Radio frequency spectrum analyzers can detect networks with hidden SSIDs then sniffers like Wild Packet's AiroPeek can decode and capture packets.  Active attacks generally have a militious intent.  Attackers can setup a rogue AP with a strong antenna and this can be used to discover the secret key being used for authentication.  NetStumbler and AiroPeek can be used to find rogue APs.

WLAN site surveys test wireless setups to make sure they work.  Site survey forms grab address of site, coverage required, type of existing WLAN, ceiling heights, usage of other radio technologies, availability of ladders and other access equipment.  You walk around a building after setting up AP's and measure signal strength and achieveable data rate.  Different antenna may help.  Mark coverage area on floor plan of building.  AP's should operate on different channels.  WLAN surveys should be done during normal business hours.  Even opening/closing doors affects signals.  You should be able to mount and power AP's w/o the need to depend on existing building services.  Your report should be very detailed and include antenna position.  
0
 
LVL 9

Expert Comment

by:paradoxengine
ID: 17877530
Before anything else, make sure to check some 802.1x solutions!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ForeFront TMG error 7 19
Windows 2012 PKI in a hybrid org 3 57
Home wireless security 10 62
Lightweight Networking 9 61
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question