chapter 13 802.11 network security architecture

Post on 30-Dec-2015






Click to see full reader


Certified Wireless Network Administrator (CWNA) PW0-105. Chapter 13 802.11 Network Security Architecture. Chapter 13 Overview. 802.11 Security Basics Legacy 802.11 Security Robust Security Traffic Segmentation Infrastructure Security VPN Wireless Security. 2. - PowerPoint PPT Presentation


Certified Wireless Network Administrator (CWNA)PW0-105

Chapter 13802.11 Network Security Architecture

Chapter 13 Overview

• 802.11 Security Basics• Legacy 802.11 Security• Robust Security• Traffic Segmentation• Infrastructure Security• VPN Wireless Security

2Certified Wireless Network Administrator: CWNA – PW0-105

802.11 Security Basics

• Data privacy• AAA

Segmentation• Monitoring• Policy

3Certified Wireless Network Administrator: CWNA – PW0-105

Data Privacy

• About the protection of data and the prevention of unauthorized access to it

• Uses encryption– RC4– AES

• Exercise 13.1

4Certified Wireless Network Administrator: CWNA – PW0-105


• Authentication– Who are you?– What are you?

• Authorization– What can you do?

• Accounting– What did you do?

5Certified Wireless Network Administrator: CWNA – PW0-105



6Certified Wireless Network Administrator: CWNA – PW0-105


• Defines how computer systems must be implemented– Specific WiFi policies must be created– Traditional wired policies are not sufficient

7Certified Wireless Network Administrator: CWNA – PW0-105

Legacy 802.11 Security

• Legacy authentication– Open System– Shared Key

• Static WEP encryption• MAC filters• SSID cloaking or hiding

8Certified Wireless Network Administrator: CWNA – PW0-105

WEP Key and IV

9Certified Wireless Network Administrator: CWNA – PW0-105

Robust Security vs. Legacy Security

10Certified Wireless Network Administrator: CWNA – PW0-105

Robust Security Network (RSN)

11Certified Wireless Network Administrator: CWNA – PW0-105

• 802.11-2007, originally 802.11i, define an RSN– STAs must use the 4-way handshake– STAs must use CCMP or TKIP

• Pre-Shared Key (PSK)

• Proprietary PSK– Dynamic PSK and Private PSK are examples

• 802.1X/EAP

802.1X Comparison

12Certified Wireless Network Administrator: CWNA – PW0-105

WLAN Bridging and 802.1X

13Certified Wireless Network Administrator: CWNA – PW0-105

802.1X/EAP Architecture and Process

14Certified Wireless Network Administrator: CWNA – PW0-105

EAP Types

15Certified Wireless Network Administrator: CWNA – PW0-105

Traffic Segmentation

16Certified Wireless Network Administrator: CWNA – PW0-105

• VLANs– Guest– Voice– Data


Wireless VLANs

17Certified Wireless Network Administrator: CWNA – PW0-105

Infrastructure Security

18Certified Wireless Network Administrator: CWNA – PW0-105

VPN Wireless Security (Hotspot)

19Certified Wireless Network Administrator: CWNA – PW0-105

VPN Wireless Security (Site-to-Site)

20Certified Wireless Network Administrator: CWNA – PW0-105

Chapter 13 Summary

• 802.11 Security Basics• Legacy 802.11 Security• Robust Security• Traffic Segmentation• Infrastructure Security• VPN Wireless Security

21Certified Wireless Network Administrator: CWNA – PW0-105

top related