1 / 11

Real world application

Real world application. Corporate Wireless Networking Andrew Yeomans DrKW & Jericho Forum Board. Corporate laptops Use 802.11i (WPA2) Secure authenticated connection to LAN Device + user credentials Simple?. Servers. LAN. AD. Radius. Corporate. Secure wireless connection to LAN.

Download Presentation

Real world application

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Real world application • Corporate Wireless Networking • Andrew YeomansDrKW & Jericho Forum Board

  2. Corporate laptops Use 802.11i (WPA2) Secure authenticated connection to LAN Device + user credentials Simple? Servers LAN AD Radius Corporate Secure wireless connection to LAN

  3. But also… Audio-visual controllers Wi-Fi phones Servers LAN AD Radius Corporate AV Not just laptops

  4. Blinkenlights? • Play <Pong> with mobile phone! Photo: Dorit Günter, Nadja Hannaske

  5. Servers Internet LAN AD Radius Secure Insecure Guest Corporate AV Guest internet access too • Mixed traffic • Trusted or untrusted? • How segregated?

  6. VPN Servers 7491 7491 Internet LAN AD Radius Secure Costbucks coffee Insecure Guest Corporate AV Laptops also used at home or in café

  7. Security complexity • Need location awareness • 802.11i if corporate wireless link • VPN if not corporate • Still not perfect security, insecure connections needed to set up café/home connections • Security on direct connections too

  8. Servers Internet LAN AD QoS gate USB USB USB Secure application protocols Common authentication Inter-network roaming Costbucks coffee Guest Corporate AV Jericho visions

  9. VPN Servers 7491 7491 Internet LAN AD Radius Secure Costbucks coffee Insecure Guest Corporate AV Today’s complexity

  10. Challenges to the industry • Companies should regard wireless security on the air-interface as a stop-gap measure until inherently secure protocols are widely available • The use of 802.1x integration to corporate authentication mechanisms should be the out-of the box default for all Wi-Fi infrastructure • Companies should adopt an “any-IP address, anytime, anywhere” (what Europeans refer to as a “Martini-model”) approach to remote and wireless connectivity. • Provision of full roaming mobility solutions that allow seamless transition between connection providers

  11. Paper available from the Jericho Forum • The Jericho Forum Position Paper “Wireless in a de-perimeterised world” is freely available from the Jericho Forum website http://www.jerichoforum.org

More Related