Security of Integrated Wireless Networks - Salman

8/7/2019 Security of Integrated Wireless Networks - Salman

1/31

IntegratedWireless Networks

Salman Maqsood

L1F09MSCS1027


2/31

Presentation Outline

Introduction to Integrated Wireless

Networks

Why we need them? Architectural Detail

Homogeneous Integration

Heterogeneous Integration Security Analysis

Conclusion


3/31

Introduction

Integration of different wireless networks into one single

unit, so that a mobile usercan continue his work without

getting disconnected from his session.

The connection switches from one network coverage areato another network coverage area without interrupting

the user.


4/31

Introduction


5/31

Introduction


6/31

Introduction


7/31

Need ofIWN

Mobility of user

E-commerceeverywhere

Always stay-in-touch No restriction of a single network coverage


8/31

Types of Wireless Devices


9/31

Types ofIntegration of Wireless

Networks

Homogeneous Wireless Networks Integration

Heterogeneous Wireless Networks Integration


10/31

Homogeneous WINSeveral types of WLANs are emerging and become profusely used, allowing

users to roam inside their home, enterprise or campus without interrupting their

communication sessions.

They are organized in form of hotspots, i.e. relatively small networks covering a

particular location providing broadband and easy-to-use Internet access to theircustomers while supporting high traffic load.

Classical hotspot examples are airports, hotels, dense urban areas, campuses,

and private offices.

Using hot-spots, providers can offersubscribers not only wide-area connectivitythrough the cellular infrastructure, but also increased bandwidth via Wi-Fi

access points deployed in high concentration areas.


11/31

Homogeneous WIN

Similar kind of wireless networks are integrated together.

A single wireless networks has small range. So by integrating with

other wireless servers whose areas overlaps, the area of the

wireless zone can be increased.

For example, there is a wireless network at UCP. Another nearby

wireless LAN can be at Shaukat Khanam. And they both have some

overlapping area. There is a third wireless LAN which is distant from

UCP but overlaps some wireless area of SK. So the three wirelessservers can be integrated to make one big wireless network which

will have in result a biggerarea as combination of the areas covered

by all of these networks.


12/31

Homogeneous WIN

Same is the case with mobile networks integrity.

Roaming Facility is an example of Mobile Networks Integrity.

For instance, ufone works in most parts of the famous countries. Itsbecause they have a limited integration with the companies in thoseareas with an appropriate Service Level Agreement.

The switching of one network to another is automated.

Similarly all the mobile companies in the country can be integratedwith theirappropriate SLA to provide coverage in the entire country.


13/31

Homogeneous WIN


14/31

Homogeneous WIN


15/31

Scalability of homogenous IWN

Limitless scalability if the end hot-spots have a

neighboring hot-spot with an overlapping area.

Two hot-spots agree on a specific SLA and

allow to share each others bandwidth.


16/31

Security Analysis

If simple browsing, least security is required.

If any private conversations, or file transfer,

encryption and key locking can be used.

Every user can have a firewall installed on his

laptop to protect it f rom outside un-ethicalaccesses.

AAA implemented at routers


17/31

CISCO Routers Analysis

These services help you to:

Improve the reliability and resiliency of your wireless network by identifying architectural

gaps and deviations from best practices

Improve the performance of your wireless LAN network to strengthen network service forbusiness-critical mobility applications

Optimize your RF coverage to reduce the risk of service disruption for mission-critical

business applications

Strengthen the security of your wireless LAN infrastructure by identifying vulnerabilities

and deviations from best practices

Benefits

The Cisco Wireless LAN Network Assessment Service and Cisco Wireless LAN Performance

Analysis Service provide a comprehensive approach to assessing the architecture,

performance, and security of your current wireless network. These services are delivered by

wireless experts who draw on their extensive wireless experience in wireless network

architectural design and RF engineering. This expertise is supported by a combination of

best-in-class tools, methodologies, and superior access to Cisco product development

engineers to help you make the most of the sophisticated performance and security features

of your Cisco Unified Wireless Network.


18/31

CISCO Routers AnalysisCisco 890 Series Router

Unified Wireless Management: Configuration and management of access

points is automated and simplified without manual intervention.

Zone-based Policy Firewall

Stateful inspection transparent firewall

Advanced application inspection and control

HTTPS, FTP, and Telnet authentication proxy Dynamic and static port security

Firewall stateful failover

VRF-aware firewall

Content Filtering Subscription-based content filtering with

Trend Micro

Support forWeb-sense and Smart-filter

Cisco IOS Software black and white lists

Integrated Threat ControlIPS

Control PlanePolicing

FlexiblePacket Matching

Network foundation protection


19/31

CISCO Routers AnalysisCisco 890 Series RouterWLAN Security Features

Standard 802.11i

WPA and AES (WPA2)

EAP authentication: Cisco LEAP, PEAP, Extensible Authentication Protocol Transport LayerSecurity (EAP

TLS), Extensible Authentication Protocol- Flexible Authentication via Secure Tunneling (EAP-FAST),

Extensible Authentication Protocol-Subscriber Information Module (EAP-SIM), Extensible AuthenticationProtocol-Message Digest Algorithm 5 (EAP-MD5), and Extensible Authentication Protocol-Tunneled TLS

(EAP-TTLS)

Static and dynamic Wired Equivalent Privacy (WEP)

Temporal Key Integrity Protocol/Simple Security Network (TKIP/SSN) encryption

MAC authentication and filter

Userdatabase forsurvivable local authentication using LEAP and EAP-FAST

Configurable limit to the numberof wireless clients

Configurable RADIUS accounting forwireless clients

Preshared keys (PSKs) (WPA-small office orhome office [WPA-SOHO])


20/31

CISCO Routers Analysis

Cisco 890 Series Router


21/31

Heterogeneous WINWireless access technologies have characteristics that perfectly complement eachother.

Cellular systems and 3G provide wide coverage areas, full mobility and roaming,

but traditionally offerlow bandwidth connectivity and limited support fordata traffic.

On the other hand, WLANs provide high data rate at low cost, but only within alimited area

WiMAX can supply mobile broadband for anyone, anywhere, whatever the

technology and access mode.

More specifically, WLANs are expected to provide access to IP-based services(including telephony and multimedia conferencing) at high data rates and reduced

coverage in public and private areas. In particular, current WLANs offera bit rate of

54 Mbps with IEEE 802.11g in the 2.4 GHz frequency band


22/31

Heterogeneous WINIn order to provide the mobile users with the requested multimedia services and

corresponding quality of service (QoS) requirements, these radio access technologies will

be integrated to form a heterogeneous wireless access network.

Such a network will consist of a number of wireless networks will form the 4th generation

(4G) or next-generation of wireless networks. Heterogeneous wireless access, extensive

support of IP-based traffic and excellent mobility support are among the main drivers for

the architecture of such generation.

The 4G wireless networks will offer several advantages for both users and network

operators.

Users will benefit from the different coverage and capacity characteristics of each

network throughout the integrated networks. In this way, a large set of available resources

will allow them to seamlessly connect, at any time and any place, to the access

technology that offers the best possible quality.

For the network operators, the integration of all these technologies provides more

efficient usage of the network resources, and may be the most economic and

technologically diversified means of implementing the future anywhere, anytime, always-

on visions, providing both universal coverage and broadband access.


23/31

Heterogeneous WIN

Integration of heterogeneous wireless access networks.


24/31

Heterogeneous WIN

An example of Heterogeneous Networking Scenario


25/31

Heterogeneous WIN

Different Mobile Networks connected to a Core Network


26/31

Heterogeneous WIN

Loose Coupling Scenario Tight Coupling Scenario


27/31

Heterogeneous WIN

Categories of handoff Facilities

Vertical macro mobility: Different wireless access network under differentadministrative domains.

Horizontal macro mobility: Same type of wireless access networks under differentadministrative domains.

Vertical micro mobility: Different wireless access networks under sameadministrative domain.

Horizontal micro mobility: Same type of wireless access networks under sameadministrative domain.


28/31

Existing Wireless Technologies


29/31

Signal Exchange during connection establishment

RNC : Radio Network ControllerSGSN: Service GPRS Support Node

GIF: GPRS Internetworking Function


30/31

Signal Exchange during UMTS-WLAN Handoff

RNC : Radio Network ControllerSGSN: Service GPRS Support Node

GIF: GPRS Internetworking Function


31/31

Conclusion

Formation of a global network

No limitation of area orcoverage

Stay connected any time, any where. And last but not least, u will neverget lost.

Documents

Security of Integrated Wireless Networks - Salman