Solved

Wireless Security

Posted on 2006-11-02
6
297 Views
Last Modified: 2010-04-11
I need to make security recommendations for the following wireless-setup.  

ACS Server: Cisco Secure ACS 3.3
Access Point: Cisco AP 1242 AG
Controller: WCS 4400

Please let me know what is the most secure settings including encrytion etc for the above scenario. The compnay is looking to move towards RSA tokens for authnetication and already has Novell LDAP Directory server in place for authnetication.  these 2 pieces can be made part of the security solution.  

any related security advice and links to deploy secure wireless infrastructure will be much appreciated.

Thanks,
Net-Geek
0
Comment
Question by:net-geek
6 Comments
 
LVL 13

Accepted Solution

by:
mrroonie earned 25 total points
ID: 17865970
0
 
LVL 4

Assisted Solution

by:Smacky311
Smacky311 earned 25 total points
ID: 17866158
Heres the notes I took for my Security+ related to wireless..may help some.

Passive attacks on wireless simply view the data going through it (Sniffing or wardriving).  NetStumbler, a wireless network detector find networks then they are captured with Microsoft's network monitor or Linux's TCPDump.  Radio frequency spectrum analyzers can detect networks with hidden SSIDs then sniffers like Wild Packet's AiroPeek can decode and capture packets.  Active attacks generally have a militious intent.  Attackers can setup a rogue AP with a strong antenna and this can be used to discover the secret key being used for authentication.  NetStumbler and AiroPeek can be used to find rogue APs.

WLAN site surveys test wireless setups to make sure they work.  Site survey forms grab address of site, coverage required, type of existing WLAN, ceiling heights, usage of other radio technologies, availability of ladders and other access equipment.  You walk around a building after setting up AP's and measure signal strength and achieveable data rate.  Different antenna may help.  Mark coverage area on floor plan of building.  AP's should operate on different channels.  WLAN surveys should be done during normal business hours.  Even opening/closing doors affects signals.  You should be able to mount and power AP's w/o the need to depend on existing building services.  Your report should be very detailed and include antenna position.  
0
 
LVL 9

Expert Comment

by:paradoxengine
ID: 17877530
Before anything else, make sure to check some 802.1x solutions!
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Adoption of Microsoft’s Enterprise Mobility and Security solution and Office 365 will re-order the File Sync and Share market Microsoft has stated that its Enterprise Mobility + Security (EMS) is the fastest growing product in the history of the …
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question