Week 3 Details

0 comments

Discussion – Due Feb/18

Prior to beginning work on this discussion, read the Five Steps to Securing Your Wireless LAN and Preventing Wireless Threats (Links to an external site.) and Network Design Manual: Designing and Building the Best Small Office Network From the Ground Up (Links to an external site.) online articles, and review any relevant information in this week’s lecture.

The president of your company would like to deploy a wireless networking solution at the company’s headquarters to help improve productivity. He understands the benefits of wireless networking, but he has reservations due to the potential security risks. He reaches out to you, the company’s knowledgeable networking administrator, for advice. In your initial post, explain the different types of wireless security options, including the protocols and encryption levels necessary. Provide an evaluation of the security differences between the security options. Explain any risks or other technical considerations of which the president should be aware. Propose a wireless solution for the company, supporting your recommendations with evidence from the readings.

Your initial post should be a minimum of 300 words.

Assignment – Due Feb/22



Components and Topologies of a Client/Server Network

Prior to beginning work on this assignment read Chapters 4 and 5 in the text book as well as the Breeding online resource (Links to an external site.), and review any relevant information in this week’s lecture.

For this assignment you will take on the role of an interviewee for an IT network admin position. As part of the interview process, you are provided with the following scenario and tasks to complete.

A group of four friends has been working out of a garage with a unique business model that has caught the eye of a venture capitalist. They are now ready to expand into a more appropriate two story building and hire more employees. You have been hired as a consultant by the group to explain their network needs based on their expanding business partners and customers. Apply standard principles of design to implement a plan to build them a network to keep them connected internally. The company will start off with 25 employees and will need plenty of room for growth. The network will require the following six elements.

  • Network to support data, voice, power, and video
  • LAN and WLAN with latest encryption and security protocols
  • Local file and printing services
  • Access to a cloud vendor for applications and data storage capabilities
  • Workstations will be a mix of Windows and Macs
  • Servers will be a mix of Windows and Linux

Research a minimum of two professional sources on this topic. (Access the MISM Credible Resource Guide for assistance with finding appropriate credible professional resources.) As part of your process, you will evaluate the given requirements. Apply your network technical knowledge to the project explain the network topology that best fits the scenario. You will create a high level network diagram to show the layout of the specified requirements. Beneath your diagram provide a written discussion of the network diagram explaining your logic and thought process for the design. Explain how your choices will help your client’s business efficiency and growth. Support your statements with evidence from the required resources and at least two additional professional sources.

Weekly Lecture :



Week Three Lecture

This week’s lecture will describe the development of WiFi and the security standards that support it today. The security standard for wireless LANs is the 802.11 core security standard. The 802.11 core security standards provide protection between the wireless access point and the wireless host. This protection includes confidentiality, authentication, and message integrity. So, drive-by hackers cannot intercept traffic to read it or send their own messages through the access point.

However, this protection only extends between the wireless access point and the wireless host. It does not provide end-to-end protection between the wireless client host and the server host on the wired LAN (or the server host on the Internet). From this you can see that the 802.11 core security standard has a very limited objective. So what, then, is the solution?

When the 802.11 Working Group created its first standards in 1997, it only included a very basic core security standard called wired equivalent privacy (WEP). However, it was a rather weak security standard. With WEP, everyone sharing an access point had to use the same security key, and WEP had no automated mechanism for changing this key. In nearly all cases, a firm with many access points and users, usually gave all access points the same WEP key. Everybody in the firm knew the WEP key, so many employees thought it was not really secret and often were willing to share the key with unauthorized users.

In addition, because there was no automated way to change all of the access point keys when an employee left or was terminated, companies continued to use the same key even when there were clear security threats. Also, WEP had several other serious design problems. By 2001, software that would crack WEP keys quickly was readily available for download. Initially, cracking a WEP key with one of these programs took one or two hours. Today, it often takes only about 10 minutes. So as you can imagine, it’s not a good security option, and if one is using WEP on their home wi-fi network, it’s strongly recommended that it be changed to a more secure standard.

Using a weak core security protocol is a terrible security policy. So, because WEP was unsecure, many companies began putting the brakes on WLAN implementations, and some even pulled out their wireless access points altogether. Additionally, despite the known problems with WEP, some companies continued to use it long after better 802.11 core security standards became available. In today’s environment, even though some of today’s access points continue to offer WEP as a security option only the newer security protocols should be used as they provide better security options.

There’s an important technology body called the Wi-Fi Alliance. It is an industry trade group that certifies 802.11 products for inter-operability. Normally, the Wi-Fi Alliance leaves standards creation to the 802.11 Working Group. However, when WEP’s fatal flaws were discovered in 2000 and 2001, the market for wireless products began to falter. Furthermore, a new security standard, called 802.11i security standard, was being developed by the 802.11 Working Group, but that was going to take years to be ratified. Until 802.11i could be developed, the Wi-Fi Alliance created an interim security standard called Wireless Protected Access (WPA) as a stop-gap measure, based on an early draft of the 802.11i core security standard (WiFi Alliance, n.d.). So in order for WPA to be used with older wireless access points, the Wi-Fi Alliance watered down the 802.11i draft standard, using weaker security protocols. It announced this standard in 2002 and began certifying products for compliance in early 2003. Despite its weaknesses, WPA was much stronger than WEP, so companies began to use it.

Then in 2004, the 802.11 Working Group finally ratified the 802.11i standard. Most important, the 802.11i standard uses extremely strong AES-CCMP encryption. AES stands for Advanced Encryption Standard, and CCMP stands for Cipher Code Mac Protocol. The beauty of AES-CCMP is that it has 128-bit keys, which is a strong encryption, and it also has a key management method for automatically changing keys (Microsoft, n.d.). Remember that these two issues were limitations with WEP. Not to confuse you, but the Wi-Fi Alliance also refers to the 802.11i standard as WPA2, two different terms that generally mean the same thing.

However, before 802.11i appeared, most companies had already implemented WPA on their access points and wireless hosts. Reconfiguring all of these devices to work with 802.11i can be expensive, and until there were known security vulnerabilities for WPA, many companies were reluctant to make this investment. However, this changed in 2009, when a partial vulnerability was identified in WPA. Companies that care strongly about WLAN security have transitioned to or are moving rapidly to 802.11i.

References

HGT. (n.d.). The difference between WEP, WPA, and WPA2 wireless encryption (and why it matters) (Links to an external site.). Retrieved from http://www.howtogeek.com/167783/htg-explains-the-d…

Microsoft. (n.d.). AES-CCMP (Links to an external site.). Retrieved from https://msdn.microsoft.com/en-us/library/windows/h…

WiFi Alliance. (n.d.). Who we are (Links to an external site.). Retrieved from http://www.wi-fi.org/who-we-are

About the Author

Follow me


{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}