WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR
May 30, 2009
Problem Overview
Corporate governance for wireless, wired access, and intranet security used to be handled separately. It can no longer be so, for the following two reasons:
1. Security threats need to be addressed on an enterprise-wide level
2. Mobility is a critical component of IT infrastructure access today
Increase in Corporate Mobility
Figure 1 Figure 2
Proposed Solution
• Cisco Wireless and Network Security Integration
– Provides the architectural, design, and implementation framework in deploying the Cisco Unified Network
– Enables an enterprise to deploy and enforce a common network security policy
– Consistent end-to-end policy enforcement as well as a highly effective threat detection and mitigation capability
– WLAN/LAN integrated and layered security protocol solution
Integration Points
Why use a Layered Approach?
• 802.1X is the IEEE standard that provides the layered approach
• Initiate protection at layer 2 switches and layer 3 routers
• Secure authentication of Wireless Access Points with solid protocols such as WPA2-ENT with EAP-TLS
• Use a secure server to authenticate authorized users with Access Control Servers (Cisco, RADIUS)
• Educate users and administrators on properly securing the network
Why Cisco?
• Cisco is unique in occupying 3 industry spaces:
– Core Wired Networking products
– Wireless Communications
– Network Security
The Cisco Unified Network
Cisco Unified Network is the marriage of the following 3 Cisco components:
• Cisco Secure Wireless Architecture
• Cisco Campus Architecture
• Cisco Branch Architecture
Cisco Secure Wireless Architecture
• Cisco Unified Wireless Network
• Cisco Security Agent (CSA)
• Cisco Network Admission Control (NAC) Appliance
• Cisco Firewall
• Cisco IPS
• CS-MARS
CS-MARS
• Cisco Security Monitoring, Analysis, and Reporting
• Hardened Linux server that monitors the network using SNMP, SSH, Telnet, Layer 2 & 3 switches and routers
• Gathers 15,000 events per second
• Cisco ContextCorrelation – Cisco defined rules that monitor for events
• Provides visualizations of network topology and “hot-spots”
• Presents administrators with timely per-device commands so that threats can be contained quickly
• Identifies “chokepoint” devices that can be used to isolate threats
CS-MARS Visualization
NAC – Network Access Control
• 4 Main Capabilities
– Securely Identify Devices and Users
– Enforce Consistent Policy
– Quarantine and Remediate
– Configure and Manage
• Access is controlled from all entry points to the network – LAN, WLAN, VPN, Internet, Guest
• Can be used to tier access levels
• Be careful with quarantine policies, isolate as much as possible
• Uses Cisco Trust Agent and Cisco Security Agent to verify “security posture”
NAC - Overview
CTA & CSA
• Cisco Trust Agent Components
– Network clients
– Network Access Devices
– ACS – Secure Access Control Server
• Provides Posture Token – Healthy, Infected, Unknown, etc.
– Posture Validation Servers – Third Party – Optional
• Cisco Security Agent
– Installed on Network Clients
– Limits network access until user and device are validated
– Provides access to remediation areas only
CSA – End User View
Cisco Campus Architecture
• Provision proper network access to:
– Data Centers
– Servers
– User Devices
• Provide the necessary internal routing and switching capabilities
Campus - Illustrated
Cisco Branch Architecture
• Branch Architecture ties together the different infrastructure, application and computing resources across various organizational divisions and hierarchies.
Branch - Illustrated