CWNA Summary Notes: 802.11 Network Security Architecture

Posted on Updated on


Components of a Secure Network

Required components when securing a network are:

Data Privacy and Integrity

Access to Wireless medium is unrestricted hence the use of cipher encryption technologies is needed for proper data privacy.

A cipher is an algorithm that is used to perform encryption:

  • RC4 algorithm ( Ron’s Code / Rivest Cipher)
    • It encrypts data in a continuous stream (streaming cipher)
    • Used in technologies used to protect Internet traffic eg SSL (Secure Socket Layer)
    • Incorporated into 2 legacy encryption methods: WEP and TKIP
  • Advanced Encryption Standard Algorithm (AES) / Rijndael Algorithm
    • Encrypts data in fixed blocks
    • Much stronger than RC4
    • Uses Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) encryption method
    • Encryption key strength options are 128, 192 or 256 bits.

To ensure that the data has not been tampered the encryption menthods use data Integrity Checks.

  • WEP uses Integrity Check Value ( ICV)
  • TKIP – Message Integrity Check (MIC)
  • CCMP – Message Integrity Check (MIC) but stronger than for TKIP

Authentication, Authorization and Accounting (AAA)

Defines the protection of network resources.

Authentication

  • Refers to the verification of Identity and credentials
  • Multifactor authentication is more secure and requires the use of at least 2 different types of credentials

Authorization

  • Determines whether or not a devices is authorized to access network resources
  • Only happens after successful authentication

Accounting

  • Helps to track the use of network resources by users and devices

Segmentation

  • This is the separation of user traffic within the network
  • Achieved by the use of VLANs and Identity based mechanisms (firewalls, VPNS, routers)

Monitoring

Wireless Intrusion Detection Systems (wIDS) can be used to monitor. It protects against possible attacks.

Policy

This is needed to cement all the above components. It protects against possible attacks.

References:

  1. CWNA Certified Wireless Network Administrator Study Guide by David D. Coleman and David A. Westcott.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s