New Windows build with WLAN access

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "New Windows build with WLAN access"

Transcription

1 New Windows build with WLAN access SecRep May 2016 Ahmed Benallegue/Hassan El Ghouizy/Priyan Ariyansinghe ECMWF ECMWF May 19, 2016

2 Introduction Drivers for the new WLAN access Security challenges and how they were addressed The WLAN access for the new laptop build Wi-Fi authentication for the new laptop build 2

3 Drivers for the new WLAN access New desktop strategy One image for workstations and laptops provided by ECMWF Requirements for wireless LAN connectivity (WLAN) 3

4 Security challenges and how they were addressed Challenges Workstations do not move but laptops go everywhere and try to connect to any available Wifi Result: the new ECMWF standard build needs a strong protection Approach 1. The Server and Desktop section defined a standard build 2. The standard build was deployed on an ECMWF laptop 3. The laptop was provided to an external company for an assessment of the security configuration Lost/Stolen scenario Patch level assessment Account/User management Breakout and escalation 4

5 Security challenges and how they were addressed Results of the review Attention required 5 high risk issues 17 medium risk issues 15 low risk issues Action taken Work hand in hand with the Server and Desktop section All 5 high risk issues were addressed 9 medium risk issues addressed and 8 rejected Rejected = user awareness/will be addressed otherwise/reviewed in the future 5

6 The WLAN access for the new laptop build Business need New SSID for laptops in ECMWF domain, connected to the LAN Assumption: new standard build is secure Deployment 2 New VLANs for WLAN SSID Use of DHCP service on Infoblox DDI appliances 6

7 The WLAN access for the new laptop build Infrastructure Security Before Cisco 2 controllers ~30 APs Client connected to the DMZ PAP authentication for visitors EAP-TLS for staff Aerohive 1 management system ~50 APs Client connected to the DMZ PAP for external users EAP-TLS for staff Aerohive 1 management system ~80 APs User connected to DMZ / LAN MS CHAP auth EAP-TLS for DMZ access Laptop certificate & user auth for LAN access. Enhanced services Autonomous wireless network Easy to set up. Outdoor coverage. Eduroam network. WLAN 7

8 The WLAN access for the new laptop build 8

9 The WLAN access for the new laptop build New VLAN deployment: good opportunity to deploy a new DHCP service: Use Infoblox DHCP failover association Simply put, a failover association defines the relationship between a pair of DHCP servers. DHCPDISCOVER packet is received by DHCP servers but only one peer will respond to this request The default is a 50/50 split, so each peer will respond to requests on a (roughly) equal basis. 9

10 Wi-Fi authentication for the new laptop build Why wireless security is important? Wired networks: Can t intercept the signals down the wire. Controlled environment High security Wireless networks: Data transmitted by WLAN could be intercepted and viewed by an attacker. Unlicensed frequency bands 2.4 GHz and 5Ghz 10

11 Wi-Fi authentication for the new laptop build Why it s important get the security right for the ECSTAFF wireless network? ECMWF data/research data must be protected Only authorised Devices must be allowed Users don t care about the Security 11

12 Wi-Fi authentication for the new laptop build Challenges: Secure software, hardware Strong Encryption Access control Strong Authentication 12

13 Wi-Fi authentication for the new laptop build Secure software, hardware Client Side: Windows 7 SP1 + Windows WLAN controller Aerohive AP120/AP330/AP320/AP170 Server Side: FreeRADIUS Version 2.2.6, SLES SP3 NTLM Auth Kerberos Strong encryption WPA2, AES 13

14 Wi-Fi authentication for the new laptop build Access control Client Side Authorised Windows 7 Laptops (joined to the domain) Self signed Certificate (Computer level) 14

15 Wi-Fi authentication for the new laptop build Access control(contd.) Server Side Authorised Windows Laptops E.g: authorise { sql if (!ok) { reject } EAP and PEAP check: EAP-Type == PEAP Auth-Type == eap 15

16 Wi-Fi authentication for the new laptop build Access control(contd.) Server Side Authorised Access points E.g. client xxx.xxx.xxx.xxx/32 { secret = ****************** shortname = ah-ap-51-rec } 16

17 Wi-Fi authentication for the new laptop build Strong Authentication: EAP-TLS PEAP-MSCHAP EAP-TLS EAP-TLS Linux Platform Microsoft Platform (Freeradius) PEAP-MSCHAP (NPS) PEAP+MACHAP Linux Platform (Freeradius) Advantages: Advantages: Advantages: Advantages: PEAP+MACHAP Microsoft Platform (NPS) +Secure + Secure +Cross platforms +Easy to Manage +Cross platforms + Ease of Management + Trusted Devices + Trusted devices +Skills +Trusted devices + Defence in depth + Secure + Secure + Skills Disadvantages: Disadvantages: Disadvantages: Disadvantages: - Admin Overhead - No PKI in place - Less secure compared to TLS - Less secure compared to TLS - Certificate - Out of Control -Less involvement - No PKI in place management (PKI) - Untrusted devices - Doesn t support cross platform - Misconfiguration - Out of Control - Doesn t support cross platform 17

18 Wi-Fi authentication for the new laptop build 18

19 New Windows build with WLAN access Radius LOGS Thu Apr 7 09:38: : Auth: Login OK: [host/xxxxx.ad.ecmwf.int] (from client ah-ap-lan168-f3 port 0 via TLS tunnel) Thu Apr 7 09:46: : Auth: Login OK: [host/yyyyy.ad.ecmwf.int] (from client ah-ap-lan168-f3 port 0 via TLS tunnel) Thu Apr 7 09:47: : Auth: Login OK: [host/zzzzz.ad.ecmwf.int] (from client ah-ap-lan168-f3 port 0 via TLS tunnel) 19

20 New Windows build with WLAN access 20

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] s@lm@n Cisco Exam 642-737 Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] Cisco 642-737 : Practice Test Question No : 1 RADIUS is set up with multiple servers

More information

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS)

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) HOME SUPPORT PRODUCT SUPPORT WIRELESS CISCO 4400 SERIES WIRELESS LAN

More information

Instructions for connecting to winthropsecure

Instructions for connecting to winthropsecure Instructions for connecting to winthropsecure Windows 7/8 Quick Connect Windows 7/8 Manual Wireless Set Up Windows 10 Quick Connect Windows 10 Wireless Set Up Apple Quick Connect Apple Settings Check Windows

More information

How to connect to Wi-Fi

How to connect to Wi-Fi 41 How to connect to Wi-Fi LSBU uses the eduroam service to connect Wi-Fi devices. Once you are set up you will automatically be connected whenever you are in range. Wireless Internet access is available

More information

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server Document ID: 112175 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Windows

More information

GHz g. Wireless A+G. User Guide. Notebook Adapter. Dual-Band. Dual-Band WPC55AG a. A Division of Cisco Systems, Inc.

GHz g. Wireless A+G. User Guide. Notebook Adapter. Dual-Band. Dual-Band WPC55AG a. A Division of Cisco Systems, Inc. A Division of Cisco Systems, Inc. Dual-Band 5 GHz 802.11a + GHz 2.4 802.11g WIRELESS Dual-Band Wireless A+G Notebook Adapter User Guide Model No. WPC55AG Copyright and Trademarks Specifications are subject

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G USB Network Adapter User Guide Model No. WUSB54G Copyright and Trademarks Specifications are subject to change without notice. Linksys

More information

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder. Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/

More information

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device Prerequisites An activated MyID account is required to use ResNet s wireless network. If you have not activated your MyID account,

More information

802.1X: Deployment Experiences and Obstacles to Widespread Adoption

802.1X: Deployment Experiences and Obstacles to Widespread Adoption 802.1X: Deployment Experiences and Obstacles to Widespread Adoption Terry Simons University of Utah; open1x.org Terry.Simons@utah.edu Jon Snyder Portland State University jon@pdx.edu 802.1X Adoption Ratified

More information

Campus Wi-Fi. Set up access to eduroam: the University Wi-Fi network

Campus Wi-Fi. Set up access to eduroam: the University Wi-Fi network Campus Wi-Fi Set up access to eduroam: the University Wi-Fi network Contents Before you get online... 2 Using eduroam... 3 Connect a phone/tablet... 3 Connect a PC/laptop... 4 Troubleshooting... 6 Help

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE

More information

Release Notes for Avaya WLAN 9100 Software Patch Release WLAN Release Notes

Release Notes for Avaya WLAN 9100 Software Patch Release WLAN Release Notes WLAN 9100 Release Notes Release Notes for Avaya WLAN 9100 Software Patch Release AP Operating System Rel 7.2.8 Wireless LAN Orchestration System Rel 7.4.2 Avaya Inc - External Distribution Avaya Inc -

More information

Network Security 1. Module 7 Configure Trust and Identity at Layer 2

Network Security 1. Module 7 Configure Trust and Identity at Layer 2 Network Security 1 Module 7 Configure Trust and Identity at Layer 2 1 Learning Objectives 7.1 Identity-Based Networking Services (IBNS) 7.2 Configuring 802.1x Port-Based Authentication 2 Module 7 Configure

More information

Exam Questions SY0-401

Exam Questions SY0-401 Exam Questions SY0-401 CompTIA Security+ Certification https://www.2passeasy.com/dumps/sy0-401/ 1. A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened

More information

VOCOM II. WLAN Instructions. VOCOM II Tough

VOCOM II. WLAN Instructions. VOCOM II Tough WLAN Instructions VOCOM II Tough 88894000 1 Please make sure the VOCOM II is connected to the computer via USB. Open the VOCOM II Configuration Application. Located under the START menu. The VOCOM II should

More information

Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide

Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide Table of Contents INTRODUCTION... 4 DISCOVER AND PAIR GWN76XX ACCESS POINTS... 5 Discover GWN76xx... 5 Method 1: Discover

More information

Wireless LAN Security. Gabriel Clothier

Wireless LAN Security. Gabriel Clothier Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group

More information

Configuring the Client Adapter

Configuring the Client Adapter CHAPTER 5 This chapter explains how to configure profile parameters. The following topics are covered in this chapter: Overview, page 5-2 Setting General Parameters, page 5-3 Setting Advanced Parameters,

More information

Internet access system through the Wireless Network of the University of Bologna (last update )

Internet access system through the Wireless Network of the University of Bologna (last update ) Internet access system through the Wireless Network of the University of Bologna (last update 7.03.2012) Printable service summary document: the updated version is available online at the following address

More information

Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS

Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS Best Practice Document Produced by the UNINETT-led Campus Networking working group Authors: Tom Myren (UNINETT), John-Egil

More information

Wireless LANs Designing, Deploying, Managing and Securing an Enterprise Wireless Network

Wireless LANs Designing, Deploying, Managing and Securing an Enterprise Wireless Network Wireless LANs Designing, Deploying, Managing and Securing an Enterprise Wireless Network Oisin Mac Alasdair IT Program Manager Wireless Strategy and Architecture Intelligent Network Solutions 1 Agenda

More information

802.1x. ACSAC 2002 Las Vegas

802.1x. ACSAC 2002 Las Vegas 802.1x ACSAC 2002 Las Vegas Jeff.Hayes@alcatel.com 802.1 Projects The IEEE 802.1 Working Group is chartered to concern itself with and develop standards and recommended practices in the following areas:

More information

Configuring the Client Adapter through the Windows XP Operating System

Configuring the Client Adapter through the Windows XP Operating System APPENDIX E Configuring the Client Adapter through the Windows XP Operating System This appendix explains how to configure and use the client adapter with Windows XP. The following topics are covered in

More information

Release Notes for Avaya WLAN 9100 Access Point Operating System (AOS) Release

Release Notes for Avaya WLAN 9100 Access Point Operating System (AOS) Release WLAN 9100 Release Notes Release Notes for Avaya WLAN 9100 Access Point Operating System (AOS) Release 8.4.3-7312 Avaya Inc - External Distribution PRODUCT: Avaya WLAN 9100 Access Point Operating System

More information

PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003

PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003 PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003 Document ID: 72013 Contents Introduction Prerequisites Requirements Components Used Network Diagram Conventions Windows Enterprise

More information

Configuring FlexConnect Groups

Configuring FlexConnect Groups Information About FlexConnect Groups, page 1, page 3 Configuring VLAN-ACL Mapping on FlexConnect Groups, page 8 Information About FlexConnect Groups To organize and manage your FlexConnect access points,

More information

SE-WL-PCI-03-11G PCI CARD DRIVERS INSTALLATION. Table of Contents

SE-WL-PCI-03-11G PCI CARD DRIVERS INSTALLATION. Table of Contents SE-WL-PCI-03-11G PCI CARD DRIVERS INSTALLATION Table of Contents 1. Introduction...2 1.1 System Requirement...2 1.2 Objects Counting...2 2. Installation...2 2.1 Install Wireless PCI Adapter...3 2.2 Install

More information

eduroam Web Interface User Guide

eduroam Web Interface User Guide eduroam Web Interface User Guide Contents Introduction 3 Login Page 3 Main Page 4 Managing your Radius Servers 5 Managing your Realms 8 Managing the Test Users 10 Managing the Access Points 12 Information

More information

LAB: Configuring LEAP. Learning Objectives

LAB: Configuring LEAP. Learning Objectives LAB: Configuring LEAP Learning Objectives Configure Cisco ACS Radius server Configure a WLAN to use the 802.1X security protocol and LEAP Authenticate with an access point using 802.1X security and LEAP

More information

Securing Your Wireless LAN

Securing Your Wireless LAN Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP

More information

WLAN Connection Manual SPP-R410. Mobile Printer Rev

WLAN Connection Manual SPP-R410. Mobile Printer Rev WLAN Connection Manual SPP-R410 Mobile Printer Rev. 1.00 http://www.bixolon.com Table of Contents 1. Manual Information... 3 2. Precautions... 3 3. How to Connect... 4 3-1 Android Soft AP mode... 6 3-2

More information

Configure 802.1x Authentication with PEAP, ISE 2.1 and WLC 8.3

Configure 802.1x Authentication with PEAP, ISE 2.1 and WLC 8.3 Configure 802.1x Authentication with PEAP, ISE 2.1 and WLC 8.3 Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Configuration Declare RADIUS Server on WLC Create

More information

Configuring OfficeExtend Access Points

Configuring OfficeExtend Access Points Information About OfficeExtend Access Points, page 1 OEAP 600 Series Access Points, page 2 OEAP in Local Mode, page 3 Supported WLAN Settings for 600 Series OfficeExtend Access Point, page 3 WLAN Security

More information

Unified Services Routers

Unified Services Routers Product Highlights Comprehensive Management Solution Active-Active WAN port features such as auto WAN failover and load balancing, ICSA-certified firewall, and D-Link Green Technology make this a reliable,

More information

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. PCI Adapter WIRELESS. with SpeedBooster WMP54GS (EU/UK/LA) Model No.

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. PCI Adapter WIRELESS. with SpeedBooster WMP54GS (EU/UK/LA) Model No. A Division of Cisco Systems, Inc. GHz 2,4 802.11g WIRELESS Wireless-G PCI Adapter with SpeedBooster User Guide Model No. WMP54GS (EU/UK/LA) Copyright and Trademarks Specifications are subject to change

More information

RADIUS Configuration Note WINS : Wireless Interoperability & Network Solutions

RADIUS Configuration Note WINS : Wireless Interoperability & Network Solutions RADIUS Configuration Note WINS : Wireless Interoperability & Network Solutions MERUNETWORKS.COM February 2013 1. OVERVIEW... 3 2. AUTHENTICATION AND ACCOUNTING... 4 3. 802.1X, CAPTIVE PORTAL AND MAC-FILTERING...

More information

Configuring Funk Odyssey Software, Avaya AP-3 Access Point, and Avaya

Configuring Funk Odyssey Software, Avaya AP-3 Access Point, and Avaya Configuring Funk Odyssey Software, Avaya AP-3 Access Point, and Avaya 802.11a/b Wireless Client for User Authentication (802.1x) and Data Encryption - Issue 1.0 Abstract These Application Notes describe

More information

Wireless-N Business Notebook Adapter

Wireless-N Business Notebook Adapter Wireless-N Business Notebook Adapter USER GUIDE BUSINESS SERIES Model No. WPC4400N Model Model No. No. Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered

More information

Configuring Cipher Suites and WEP

Configuring Cipher Suites and WEP 10 CHAPTER This chapter describes how to configure the cipher suites required to use WPA authenticated key management, Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP), and broadcast

More information

300M Wireless-N Mini USB Adapter

300M Wireless-N Mini USB Adapter Model No. ib-wua300nm Ver.: 1.0.0 FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed

More information

ilight/gigapop eduroam Discussion Campus Network Engineering

ilight/gigapop eduroam Discussion Campus Network Engineering ilight/gigapop eduroam Discussion Campus Network Engineering By: James W. Dickerson Jr. May 10, 2017 What is eduroam?» eduroam (education roaming) is an international roaming service for users in research,

More information

Wireless LAN Controller Web Authentication Configuration Example

Wireless LAN Controller Web Authentication Configuration Example Wireless LAN Controller Web Authentication Configuration Example Document ID: 69340 Contents Introduction Prerequisites Requirements Components Used Conventions Web Authentication Web Authentication Process

More information

CUA-854 Wireless-G Long Range USB Adapter with Antenna. User s Guide

CUA-854 Wireless-G Long Range USB Adapter with Antenna. User s Guide CUA-854 Wireless-G Long Range USB Adapter with Antenna User s Guide Table of Contents Chapter 1. Introduction...5 1.1. About CUA-854...5 1.2. Key Features...5 1.3. Package Included...5 Chapter 2. Connect

More information

Configure 802.1x - PEAP with FreeRadius and WLC 8.3

Configure 802.1x - PEAP with FreeRadius and WLC 8.3 Configure 802.1x - PEAP with FreeRadius and WLC 8.3 Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Install httpd Server and MariaDB Install PHP 7 on CentOS 7

More information

Edith Cowan University Information Technology Services Centre

Edith Cowan University Information Technology Services Centre Information There are three wireless networks on campus which give you access to the ECU website, the staff intranet, the internet and other ECU resources: ECU This is the easiest to use and safest wireless

More information

Wireless-G USB Network Adapter with Wi-Fi Finder

Wireless-G USB Network Adapter with Wi-Fi Finder USER GUIDE Wireless-G USB Network Adapter with Wi-Fi Finder Model: WUSBF54G About This Guide About This Guide Icon Descriptions While reading through the User Guide you may see various icons that call

More information

802.1x Port Based Authentication

802.1x Port Based Authentication 802.1x Port Based Authentication Johan Loos Johan at accessdenied.be Who? Independent Information Security Consultant and Trainer Vulnerability Management and Assessment Wireless Security Next-Generation

More information

Rhodes University Wireless Network

Rhodes University Wireless Network Rhodes University Wireless Network Like many organisations, Rhodes aims to secure its wireless network against unauthorised use. This document explains how this is achieved. Network Overview The University

More information

Configuring WPA2 for Windows XP

Configuring WPA2 for Windows XP Configuring WPA2 for Windows XP Requirements for wireless using WPA2 on Windows XP Your wireless card must support 802.1x, AES, and WPA2. Your computer must have Windows XP service pack 2 installed and

More information

IP network that supports DHCP or manual assignment of IP address, gateway, and subnet mask

IP network that supports DHCP or manual assignment of IP address, gateway, and subnet mask Network Requirements, page 1 Wireless LAN, page 2 Wi-Fi Network Components, page 3 802.11 Standards for WLAN Communications, page 6 Security for Communications in WLANs, page 9 WLANs and Roaming, page

More information

GWN7600/GWN7600LR Firmware Release Note

GWN7600/GWN7600LR Firmware Release Note GWN7600/GWN7600LR Firmware Release Note Table of Content FIRMWARE VERSION 1.0.4.12... 2 PRODUCT NAME... 2 DATE... 2 ENHANCEMENT... 2 BUG FIX... 2 KNOWN ISSUE... 3 NEW FEATURE OVERVIEW... 3 FIRMWARE VERSION

More information

Using the Cisco Unified Wireless IP Phone 7921G Web Pages

Using the Cisco Unified Wireless IP Phone 7921G Web Pages CHAPTER 4 Using the Cisco Unified Wireless IP Phone 7921G Web Pages You can use the Cisco Unified Wireless IP Phone 7921G web pages to set up and configure settings for the phone. This chapter describes

More information

Securewireless Windows 7 Setup Guide

Securewireless Windows 7 Setup Guide Securewireless Windows 7 Setup Guide 1. Click on the wireless icon in the lower right-hand corner of the taskbar and then click on Open Network and Sharing Center. 2. From the Network and Sharing Center

More information

TITLE GOES HERE RUCKUS CLOUDPATH ENROLLMENT SYSTEM. The only integrated security and policy management platform that delivers: COMPRISED OF:

TITLE GOES HERE RUCKUS CLOUDPATH ENROLLMENT SYSTEM. The only integrated security and policy management platform that delivers: COMPRISED OF: CASE STUDY Ruckus Enrollment System (ES) software is a security and policy management platform that enables IT to easily and definitively secure the network, secure users and secure wired and wireless

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

Introduction to eduroam

Introduction to eduroam Introduction to eduroam eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community. Poll Brief History eduroam initiative

More information

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide The Cisco Structured Wireless-Aware Network (SWAN) provides the framework to integrate and extend wired and wireless networks to deliver

More information

Building a Secure Wireless Network. Use i and WPA to Protect the Channel and Authenticate Users. May, 2007

Building a Secure Wireless Network. Use i and WPA to Protect the Channel and Authenticate Users. May, 2007 Agenda: Securing Wireless Networks Building a Secure Wireless Network Joel M Snyder Senior Partner Opus One jms@opus1.com Using encryption and authentication Handling unauthenticated users Managing RF

More information

ISE Primer.

ISE Primer. ISE Primer www.ine.com Course Overview Designed to give CCIE Security candidates an intro to ISE and some of it s features. Not intended to be a complete ISE course. Some topics are not discussed. Provides

More information

Securing Wireless LANs with Certificate Services

Securing Wireless LANs with Certificate Services 1 Securing Wireless LANs with Certificate Services PHILIP HUYNH University of Colorado at Colorado Springs Abstract Wireless Local Access Network (WLAN) is used popularly in almost everywhere from the

More information

Network Access Flows APPENDIXB

Network Access Flows APPENDIXB APPENDIXB This appendix describes the authentication flows in Cisco Identity Services Engine (ISE) by using RADIUS-based Extensible Authentication Protocol (EAP) and non-eap protocols. Authentication verifies

More information

Simple, full featured and budgetary deployment of single AP or distributed APs Hot-Spot for small scale projects.

Simple, full featured and budgetary deployment of single AP or distributed APs Hot-Spot for small scale projects. Colubris Wireless Hot-Spot solution for small and medium scale deployments 1. Definitions, goals, and objectives Simple, full featured and budgetary deployment of single AP or distributed APs Hot-Spot

More information

Configuring Settings on the Cisco Unified Wireless IP Phone

Configuring Settings on the Cisco Unified Wireless IP Phone CHAPTER 5 Configuring Settings on the Cisco Unified Wireless IP Phone The Settings menu on the Cisco Unified Wireless IP Phone 7921G provides access to view and change network profile settings and several

More information

The Launch GDS can be updated via a wireless internet connection as well as by USB or cat5 cable.

The Launch GDS can be updated via a wireless internet connection as well as by USB or cat5 cable. LAUNCH Wifi Setup Procedure The Launch GDS can be updated via a wireless internet connection as well as by USB or cat5 cable. If you are in a wifi hotspot or have an open network available simply choose

More information

DEPLOYING BASIC CISCO WIRELESS LANS (WDBWL)

DEPLOYING BASIC CISCO WIRELESS LANS (WDBWL) [Type a quote from the document or the summary of an interesting point. You can position the text box anywhere in the document. Use the Drawing Tools tab to change the formatting of the pull quote text

More information

Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients

Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients Document ID: 64067 Contents Introduction Prerequisites Requirements Components Used Conventions Microsoft Certificate Service Installation

More information

What Is Wireless Setup

What Is Wireless Setup What Is Wireless Setup Wireless Setup provides an easy way to set up wireless flows for 802.1x, guest, and BYOD. It also provides workflows to configure and customize each portal for guest and BYOD, where

More information

TL-WN353GD 54M Wireless PCI Adapter

TL-WN353GD 54M Wireless PCI Adapter TL-WN353GD 54M Wireless PCI Adapter Rev: 1.0.1 1910010046 COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other brands

More information

Grandstream Networks, Inc. Captive Portal Authentication via RADIUS

Grandstream Networks, Inc. Captive Portal Authentication via RADIUS Grandstream Networks, Inc. Table of Content SUPPORTED DEVICES... 4 INTRODUCTION... 5 SYSTEM OVERVIEW... 6 CAPTIVE PORTAL SETTINGS... 7 Policy Configuration Page... 7 Landing Page Redirection... 9 Pre-Authentication

More information

Cross-organisational roaming on wireless LANs based on the 802.1X framework Author:

Cross-organisational roaming on wireless LANs based on the 802.1X framework Author: Cross-organisational roaming on wireless LANs based on the 802.1X framework Author: Klaas Wierenga SURFnet bv P.O. Box 19035 3501 DA Utrecht The Netherlands e-mail: Klaas.Wierenga@SURFnet.nl Keywords:

More information

HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples

HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples Part Number: 5200-1385 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document

More information

Configuring 802.1X Authentication Client for Windows 8

Configuring 802.1X Authentication Client for Windows 8 Configuring 802.1X Authentication Client for Windows 8 1. At the Metro Screen, press the windows key on your keyboard together with the alphabets x to go to the Control Panel. Page 1 1.1 In the Control

More information

WDT3250 RF Setup Guide

WDT3250 RF Setup Guide WDT3250 RF Setup Guide 2008 Wasp Technologies Table of Contents Overview...1 Using the Summit Client Utility Software...2 Main Window...2 Profile Window...3 Status Window...5 Diags Window...6 Global Window...6

More information

IEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT

IEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT IEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT Hüseyin ÇOTUK Information Technologies hcotuk@etu.edu.tr Ahmet ÖMERCİOĞLU Information Technologies omercioglu@etu.edu.tr Nurettin ERGİNÖZ Master Student

More information

Appendix E Wireless Networking Basics

Appendix E Wireless Networking Basics Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical

More information

Cisco Meraki. Spectralink VIEW Certified Configuration Guide

Cisco Meraki. Spectralink VIEW Certified Configuration Guide Spectralink VIEW Certified Configuration Guide Cisco Meraki Meraki Cloud-Controlled APs MR26, MR30H, MR32, MR33, MR34, MR42, MR52, MR53, MR72, MR74, MR84 721-1013-000 Rev: A August 2017 Copyright Notice

More information

Securing a Wireless LAN

Securing a Wireless LAN Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access

More information

Wired Dot1x Version 1.05 Configuration Guide

Wired Dot1x Version 1.05 Configuration Guide Wired Dot1x Version 1.05 Configuration Guide Document ID: 64068 Introduction Prerequisites Requirements Components Used Conventions Microsoft Certificate Services Installation Install the Microsoft Certificate

More information

Software Manual Net Configuration Tool Rev. 4.05

Software Manual Net Configuration Tool Rev. 4.05 Software Manual Net Configuration Tool Rev. 4.05 http://www.bixolon.com Introduction 1. About this manual... 3 2. Supported Operating Systems... 3 3. Supported Printers... 4 4. Before Startup... 5 5. Installation

More information

Configuring 802.1X Settings on the WAP351

Configuring 802.1X Settings on the WAP351 Article ID: 5078 Configuring 802.1X Settings on the WAP351 Objective IEEE 802.1X authentication allows the WAP device to gain access to a secured wired network. You can configure the WAP device as an 802.1X

More information

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 10 Authenticating Users

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 10 Authenticating Users FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 10 Authenticating Users Learning Objectives Explain why authentication is a critical aspect of network security Explain

More information

Connecting to the Eduroam WiFi

Connecting to the Eduroam WiFi Connecting to the Eduroam WiFi The following guide illustrates the steps required to configure a Windows XP installation and internet browser ready for Eduroam use. Instructions for other versions of the

More information

Activity Configuring and Securing a Wireless LAN in Packet Tracer

Activity Configuring and Securing a Wireless LAN in Packet Tracer Activity Configuring and Securing a Wireless LAN in Packet Tracer Objectives: 1. Configure a Wireless Access Point (WAP) local IP address. 2. Configure a WAP with an SSID. 3. Change the administrator s

More information

From wired internet to ubiquitous wireless internet

From wired internet to ubiquitous wireless internet WlanSmartcard.org Technical Committee Wireless LAN A primer guide. Paris, February 5 th Pascal.Urien@enst.fr From wired internet to ubiquitous wireless internet 1 Classical intranet. Network access is

More information

Architecting Network for Branch Offices with Cisco Unified Wireless

Architecting Network for Branch Offices with Cisco Unified Wireless Architecting Network for Branch Offices with Cisco Unified Wireless Karan Sheth - Sr. Technical Marketing Engineer Objective Design & Deploy Branch Network That Increases Business Resiliency 2 Agenda Learn

More information

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD. V100R002C10 Permission Control Technical White Paper Issue 01 Date 2016-04-15 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form

More information

CertifyMe. CertifyMe

CertifyMe. CertifyMe CertifyMe Number: 642-681 Passing Score: 800 Time Limit: 120 min File Version: 8.5 http://www.gratisexam.com/ CertifyMe 642-681 Exam A QUESTION 1 Select two activities that form part of the wireless migration

More information

Configuring a Wireless LAN Connection

Configuring a Wireless LAN Connection CHAPTER 9 The Cisco Secure Router 520 Series routers support a secure, affordable, and easy-to-use wireless LAN solution that combines mobility and flexibility with the enterprise-class features required

More information

Cisco Systems, Inc. Aironet Access Point

Cisco Systems, Inc. Aironet Access Point RSA SecurID Ready Implementation Guide Partner Information Last Modified: November 18, 2013 Product Information Partner Name Web Site Product Name Version & Platform Product Description Cisco Systems,

More information

Introduction to Technology

Introduction to Technology Introduction to 802.11 Technology Suebpong Nitichai Email: sniticha@cisco.com 1 IEEE 802.11 Family Technology Overview IEEE 802.11 Standard define : A Physical layer Radio Frequencies, Data Modulation,

More information

INTEROPERABILITY REPORT Ascom Myco Aerohive Networks, AP130, 230, 250, 330, 350,

INTEROPERABILITY REPORT Ascom Myco Aerohive Networks, AP130, 230, 250, 330, 350, [ ] INTEROPERABILITY REPORT Ascom Myco Aerohive Networks, AP130, 230, 250, 330, 350, HiveOS version 6.8r3 (Ap 130/230 6.8.r1, AP330/350-6.541, AP 250 7.0r1) Ascom Myco version 5.5.0 Ascom, Gothenburg August

More information

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Procedure: You can find the problem sheet on the Desktop of the lab PCs. University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Advance Networks Laboratory 907529 Lab.3 WLAN Security Objectives 1. Configure administrator accounts.

More information

Advanced Security and Mobile Networks

Advanced Security and Mobile Networks Advanced Security and Mobile Networks W.Buchanan (1) 9. GSM/3G Unit 7: Mobile Networks. Wireless. Security. Mobile IP. Mobile Agents. Spread spectrum. Military/Emergency Networks 8. Ad-hoc 7. Mobile Networks

More information

Verify Radius Server Connectivity with Test AAA Radius Command

Verify Radius Server Connectivity with Test AAA Radius Command Verify Connectivity with Test AAA Radius Command Contents Introduction Prerequisites Requirements Components Used Background Information How The Feature Works Command Syntax Scenario 1. Passed Authentication

More information

Configuring the WMIC for the First Time

Configuring the WMIC for the First Time Configuring the WMIC for the First Time This document describes how to configure basic settings on a Cisco Wireless Mobile Interface Card (WMIC) for the first time. Before You Start Before you install

More information

U S E R M A N U A L b/g PC CARD

U S E R M A N U A L b/g PC CARD U S E R M A N U A L 802.11b/g PC CARD Table of Content CHAPTER 1 INTRODUCTION... 1 1.1 WIRELESS LAN FEATURE FUNCTIONS... 1 1.2 REGULATORY NOTICE... 1 1.2.1 FCC Class B Statement...1 1.2.2 Canadian Regulatory

More information

Ruckus ZoneDirector 1106 WLAN Controller (up to 6 ZoneFlex Access Points)

Ruckus ZoneDirector 1106 WLAN Controller (up to 6 ZoneFlex Access Points) Product Name: Manufacturer: - Model Number: 901-1106-UK00 Please Note: The Ruckus ZoneDirector 1106 has been discontinued. For an alternative, we recommend the Ruckus ZoneDirector 1205. Ruckus ZoneDirector

More information

EVR b/g/n VPN Router PRODUCT DESCRIPTION

EVR b/g/n VPN Router PRODUCT DESCRIPTION 802.11b/g/n VPN Router 2.4GHz 300Mbps Gigabit 11N VPN PRODUCT DESCRIPTION is a 2T2R Wireless 11N Gigabit VPN Router that delivers up to 6x faster speeds and 3x extended coverage than 802.11g devices. supports

More information