WIRELESS SECURITY DEFENSE

T-BONE & TONIC: ALY BOGHANI, JOAN OLIVER, MIKE PATRICK, AMOL POTDAR

May 30, 2009


Problem Overview

Corporate governance for wireless, wired access, and intranet security used to be handled separately. That can no longer be the case, for the following two reasons:

1. Security threats need to be addressed on an enterprise-wide level

2. Mobility is a critical component of IT infrastructure access today

Increase in Corporate Mobility

[Figure 1 and Figure 2: images not preserved]

Proposed Solution

• Cisco Wireless and Network Security Integration
  – Provides the architectural, design, and implementation framework in deploying the Cisco Unified Network
  – Enables an enterprise to deploy and enforce a common network security policy
  – Consistent end-to-end policy enforcement as well as a highly effective threat detection and mitigation capability
  – WLAN/LAN integrated and layered security protocol solution

Integration Points


Why use a Layered Approach?

• 802.1x is the IEEE standard that provides the layered approach
• Initiate protection at layer 2 switches and layer 3 routers
• Secure authentication of Wireless Access Points with solid protocols such as WPA2-ENT with EAP-TLS
• Use a secure server to authenticate authorized users with Access Control Servers (Cisco, RADIUS)
• Educate users and administrators on properly securing the network
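An added example, not part of the original slides: a small Python audit that checks client network blocks against the WPA2-Enterprise with EAP-TLS recommendation above. The choice of wpa_supplicant as the client supplicant, the constructed sample configuration, and the names `parse_networks`, `audit` and `NAME_CHECKS` are assumptions made for illustration.

```python
import re
# Constructed sample (not from the slides): two wpa_supplicant-style network blocks.
SAMPLE_CONF = '''
network={
    ssid="corp-wlan"
    key_mgmt=WPA-EAP
    proto=RSN
    eap=TLS
    ca_cert="/etc/certs/ca.pem"
    client_cert="/etc/certs/host01.pem"
    private_key="/etc/certs/host01.key"
    domain_suffix_match="radius.example.com"
}
network={
    ssid="legacy-wlan"
    key_mgmt=WPA-EAP
    eap=PEAP
    password="constructed-example"
}
'''
# Any one of these options constrains which server certificate name is accepted.
NAME_CHECKS = ("domain_suffix_match", "domain_match", "subject_match", "altsubject_match")

def parse_networks(text):
    """Return one {key: value} dict per network={...} block."""
    nets = []
    for body in re.findall(r"network=\{(.*?)\n\}", text, flags=re.S):
        pairs = re.findall(r"^[ \t]*(\w+)=(.*?)[ \t]*$", body, flags=re.M)
        nets.append({k: v.strip('"') for k, v in pairs})
    return nets

def audit(net):
    """List the ways a block falls short of WPA2-Enterprise with EAP-TLS."""
    findings = []
    if "WPA-EAP" not in net.get("key_mgmt", "").split():
        findings.append("key_mgmt does not include WPA-EAP (no 802.1X)")
    if net.get("eap", "").split() != ["TLS"]:
        findings.append("EAP method is not restricted to TLS")
    if net.get("proto", "").split() not in (["RSN"], ["WPA2"]):
        findings.append("proto is not pinned to RSN (WPA2)")
    if "ca_cert" not in net:
        findings.append("no ca_cert: authentication server certificate is not validated")
    if not any(k in net for k in NAME_CHECKS):
        findings.append("authentication server name is not constrained")
    if "password" in net:
        findings.append("password stored in the supplicant config")
    return findings

if __name__ == "__main__":
    for net in parse_networks(SAMPLE_CONF):
        print(net["ssid"], audit(net) or "OK")
```

The first block passes with no findings; the second is flagged for its EAP method, unpinned protocol, missing server certificate validation, unconstrained server name and stored password.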


Why Cisco?

• Cisco is unique in occupying 3 industry spaces:
  – Core Wired Networking products
  – Wireless Communications
  – Network Security

The Cisco Unified Network

Cisco Unified Network is the marriage of the following 3 Cisco components:

• Cisco Secure Wireless Architecture
• Cisco Campus Architecture
• Cisco Branch Architecture

Cisco Secure Wireless Architecture

• Cisco Unified Wireless Network
• Cisco Security Agent (CSA)
• Cisco Network Admission Control (NAC) Appliance
• Cisco Firewall
• Cisco IPS
• CS-MARS

CS-MARS

• Cisco Security Monitoring, Analysis, and Reporting
• Hardened Linux server that monitors the network using SNMP, SSH, Telnet, Layer 2 & 3 switches and routers
• Gathers 15,000 events per second
• Cisco ContextCorrelation – Cisco defined rules that monitor for events
• Provides visualizations of network topology and “hot-spots”
• Presents administrators with timely per-device commands so that threats can be contained quickly
• Identifies “chokepoint” devices that can be used to isolate threats

CS-MARS Visualization


NAC – Network Access Control

• 4 Main Capabilities
  – Securely Identify Devices and Users
  – Enforce Consistent Policy
  – Quarantine and Remediate
  – Configure and Manage
• Access is controlled from all entry points to the network – LAN, WLAN, VPN, Internet, Guest
• Can be used to tier access levels
• Be careful with quarantine policies, isolate as much as possible
• Uses Cisco Trust Agent and Cisco Security Agent to verify “security posture”

NAC - Overview


CTA & CSA

• Cisco Trust Agent Components
  – Network clients
  – Network Access Devices
  – ACS – Secure Access Control Server
    • Provides Posture Token – Healthy, Infected, Unknown, etc.
  – Posture Validation Servers – Third Party – Optional
• Cisco Security Agent
  – Installed on Network Clients
  – Limits network access until user and device is validated
  – Provides access to remediation areas only

CSA – End User View


Cisco Campus Architecture

• Provision proper network access to:
  – Data Centers
  – Servers
  – User Devices
• Provide the necessary internal routing and switching capabilities

Campus - Illustrated


Cisco Branch Architecture

• Branch Architecture ties together the different infrastructure, application and computing resources across various organizational divisions and hierarchies.


Branch - Illustrated
