Upload
bertha-powell
View
218
Download
0
Tags:
Embed Size (px)
Citation preview
Copyright © 2002-2005 AirDefense Proprietary and Confidential.www.airdefense.net
Copyright © 2002-2005 AirDefense Proprietary and Confidential.
What is your Current Wireless Strategy?
Current Policy AP Deployment Wireless Laptops Wireless Printers Pilots/Test-beds Special Wireless Applications
Official Rollouts Number of Sites, APs, Users AP Vendor & Management Software Authentication & Encryption Methods Client Supplicant & Associated Security Features Any Mission-Critical Wireless Installations Any Tools in Place for Planning or Troubleshooting
Top concerns about security exposures from wireless Regulatory requirements for network security
What Makes Wireless Risky?
Wireless Exposes Your Wired Network
Hotspot
Physical Boundaries Protect your Network
Corporate Network
Wireless is in every network & is a shared & uncontrollable medium
Barcode Scanner
Authorized AP
Authorized Station
Hacker
Rogue Devices connected to the network open doors
for hackers!
Wireless is an inherently weak protocol and is
easy to attack
Probing Laptop
Rogue AP
Hacker
Confidential Data
Evil Twin
Wireless Hacking Tools
Low
High
1980 2005
Attack Sophistication
Knowledge Required by Intruder
Increasing Sophistication of Attacks
Wireless Intrusions are HappeningA North Carolina Medical
Consulting FirmBroke into the computer system of a local medical consulting firm & illegally accessed information of hundreds of patients, including checks and insurance forms
Wireless hackingbust in Michigan
Two Michigan men repeatedly cracked Lowe’s nationwide network from a 1995 Pontiac Grand Prix parked outside a suburban Detroit store.
Charged with penetrating and intentionally damaging a Lowe’s system.
First hopped onto the Wi-Fi network at the store to access the company’s central data center at Lowe’s headquarters.
Deployed hacking software, in one case crashing the point of sale terminals.
A California Public School District
Unprotected WLAN allowed full unauthorized access to sensitive
files & enabled hackers to upload their own files into servers
A Texas County CourtHackers accessed information filed by the clerk of courts by using only a laptop & wireless card
BJ’s Wholesale Club
Hacked via wireless network at a store location, credit card data was stolen AND used to the tune of $20M. The lax security found by the FTC to be an “unfair trade practice”; now under 9 years of probation and have to institute security measures and hire 3rd party auditor
Security causes Best Buy register ban
Best Buy banned the use of wireless cash registers at its 492 stores after learning a hacker may have intercepted a customer’s credit card number.
http://www.airdefense.net/education/video/
Minneapolis News Station
LONDON, England -- "Evil twins" are the latest menace to threaten the security of Internet users, experts in the UK are warning.An "evil twin" is a bogus base station that latches on to someone using new "Wi-Fi" wireless technology.Victims think their laptops or mobile phones are connected to bona fide wireless internet connections.
Layered Approach to Wireless Security
Deploy enterprise-class APs Enable 802.1x authentication Secure data with strong
encryption 802.11i/WPA2 is preferable
Hotspot
Install a personal firewall to protect against viruses, trojans
Use a wireless security client to protect against phishing and other redirection attacks
Probing Stations Misconfigured Devices Rogue Devices Protocol Vulnerabilities Laptop Bridging
Install a 24x7 IPS system to provide protection for:
Similar to wired network security, wireless networks require layers of protection to guard against all threats.
AirDefense Solution
AirDefense’s Role in Wireless Security
Hotspot
Corporate Network
Barcode Scanner
Authorized AP
Authorized Station
Hacker
Probing Laptop
Rogue AP
Hacker
Confidential Data
Guards Your Wireless Deployments and Areas without Wireless Protects End-Users
as They Travel
AirDefense HighlightsPioneered Wireless Intrusion Prevention Technology & MarketProtection for all wireless devices anywhere including Mobile workers
17 Patents Granted or Pending Covering Fundamentals of Wireless Security; Common Criteria Certified
Triple digit Compounded Annual Growth Rate; 4 years of Continued Growth; Profitable and Cash-Flow Positive
500+ Customers including Market Leaders in all Major Industries and Government
Strategic Relationships with Key Industry Leaders such as IBM, CSC, Symbol Technologies, Trapeze Networks and others
Won Numerous Industry Awards for Innovation and Growth; Recommended by Industry Analysts (InfoWorld, Red Herring)
Focus
Innovation
Growth & Profitability
Customers
Partners
Awards
Growing Base of Blue Chip Customers
UNITED STATES
AIR FORCE ACADEMY
Department ofVeterans Affairs
AirDefense Enterprise Solution Deployed in 35 of 100 Fortune 100 Companies:
Top 4 Global Telecom Carriers Largest Logistics & Distribution companies in the world with
presence in 200 countries Major Retailers with hundreds of locations Global Financial Institutions Worldwide Manufacturing companies Major HealthCare Organizations Department of Defense (Army, Joint Forces, Navy, DoD) Department of Homeland Security Department of Energy (Nuclear facilities) National Security Agency FAA, FCC, Treasury, Social Security, Dept of State, Capitol Hill Major International Airports including the busiest in the world
AirDefense Product Family
Real-time snapshot of local wireless networks
Locate wireless devices quickly
Troubleshot and solve connectivity problems
Monitors airwaves for Bluetooth devices
Identity insecure connectivity
Sensors
Enterprise Server
3 4
WLAN Analyzer Bluetooth Analyzer
Protect in-building wireless deployment Rogue detection, analysis & mitigation Policy enforcement & Forensic analysis
1 Protect mobile workers as they
travel to hotspots & vulnerable networks
2
Mobile Worker Security
24x7 Monitoring & IPS
AirDefense Solution
AirDefense Technologies: A True IPS System
AirDefense Server ApplianceDISCOVERY DETECTION ANALYSIS
ProtocolAbuse
AnomalousBehavior
SignatureAnalysis
Policy Manager
Co
rrel
atio
n A
cro
ss S
enso
rsS
tati
stic
al A
nal
ysis
Ala
rm C
orr
elat
ion
WLAN Infrastructure Mgmt Systems
Other threats require correlation across
sensors
Day Zero attacks require anomalous behavior analysis
Correlation across multiple detection
engines reduces false positives
AirDefenseSensors
AirDefense Personal
AirDefense Mobile
Other Sensors
Some threats & issues can be detected
at the sensor
Remote Troubleshooting
- Real-time Live View of Network
Automated Protection
- Wired-side Suppression
- AirTermination
Historical Analysis
- RF RewindTM with Forensic Analysis
Context-Aware Detection Schemes
Wired Network Switches
AirDefense Functionality
RF Rewind with Forensic Analysis
Rogue Threat Management& Mitigation
360º Threat Assessment &
Response
Policy Monitoring &
Compliance Management
Operational Performance & Troubleshooting
MobileWorkforceProtection
Vulnerability Assessment
AirDefense IntelliCenter
AirDefense Advantages Unprecedented Scalability – 300,000 devices
Identification of True Threats – assessment provided based on 270 data points minimizes false positives
Reliable Protection – termination methods effective and highly focused
Accurate Investigations – RF Rewind with minute-by-minute detail
Uninterrupted Mobile Worker Protection – users are safe in the building and at hotspots around the world
Ease of Use – administrators have detailed dashboards with wizards to help solve problems
Solid & Secure Platform – Common Criteria certified platform using FIPS 140-2 compliant encryption modules
Copyright © 2002-2005 AirDefense Proprietary and Confidential.
17
Summary
AirDefense Secures your Wireless Network and Protects your overall Security Investment
…enabling mobile Employees to Safely Work Anywhere, Anytime
…so You can Take Your Business as Far as it can go!
Wireless is a business enabler and is a part of every network
Unmonitored wireless networks can make the entire network vulnerable
Lack of policy compliance can result in regulatory liabilities
AirDefense offers market-leading solutions to provide visibility and control of all wireless assets, regardless of location
AirDefense solutions are trusted by the most security-sensitive organizations in the world
AirDefense solutions are cost-effective & provide the lowest TCO