This course is designed for experienced networking professionals who wish to gain critical skills in wireless networking security, including how hackers attack networks and the measures that must be employed to prevent them from doing so.
This course is appropriate for:
- Systems and Network Administrators.
- Systems and Network Engineers.
- Systems and Network Analysts.
- Technical Support Staff.
- Implementation Engineers.
- IT Security Professionals.
- Technical Consultants.
- Network Architects.
Delegates should have acquired the CWNA certification prior to attending this course.
5 days. Hands on.
This course is available on site only. Please call for details.
On completing this course, delegates will be able to:
- Understand in-depth the vulnerabilities inherent in 802.11 wireless networks.
- Demonstrate the risks of Packet Analysis and MAC address Spoofing.
- Demonstrate the dangers of Rogue Hardware and Default Settings for WLAN equipment.
- Demonstrate the effects of RF Jamming and Data Flooding, and describe how to counter these threats.
- Demonstrate the susceptibility of wireless-enabled laptops to Peer attacks and corporate Information Theft.
- Demonstrate the risks posed by Wireless Hijacking and Denial of Service (DoS) attacks.
- Analyse 802.11 network operation using industry-leading protocol analysis tools.
- Employ WEP effectively in situations for which WEP is appropriate.
- Use EAP - Cisco Wireless (LEAP) for secure wireless networking.
- Upgrade current WLAN products and configure them to use Wi-Fi Protected Access (WPA) correctly.
- Employ 802.1x with EAP-TLS, EAP-TTLS or Protected EAP (PEAP) for secure, mutual authentication.
- Employ Cisco LEAP and 802.1x/EAP for secure Wireless bridge links.
- Employ VPN technologies for layered security in Wireless bridge links.
- Design and configure Access Point-based VPNs using PPTP, IPSec, VPN Pass-through and VPN Hopping.
- Configure and demonstrate VPN roaming across access points.
- Configure and demonstrate SSH2 Tunneling and Local Port Redirection for secure access to systems, applications and services.
- Employ Scalable Wireless VPN solutions using Industry-leading Layer 2 encryption gateways and the Advanced Encryption Standard (AES).
- Design and implement Layered Wireless Security using Enterprise Wireless Gateways from Bluesocket and Vernier Networks.
- Design and write Wireless Security Policy into the Coprorate IT Security Policy.
- Incorporate a diverse range of advanced, vendor-neutral security solutions into corporate wireless networks.
Assets to protect.
Threats to protect against.
Basic security measures.
Threat Analysis and Hacking Methodology
Malicious data insertion.
Denial of Service (DoS).
Rudimentary Security Measures
Intermediate Security Measures
Wireless segment configuration.
Advanced Security Measures
Wireless security policy.
Authentication and encryption.
Wireless DMZ and VLANs.
Traffic pattern analysis.
Wireless LAN Auditing Tools
Network management and control.
Wireless protocol analyzers.
Antennas and WLAN equipment.
OS fingerprinting and port scanning.
Network discovery and management.
RF Jamming and Data flooding tools.
Hardware and Software Solutions
RADIUS with AAA Support.
Static and Dynamic WEP and TKIP.
Extensible Authentication Protocol (EAP).
MobileIP VPN Solutions.
Enterprise Wireless Gateways.
Switches, VLANs, and Hubs.
SSH2 Tunneling and Port Redirection.
Thin Client Solutions.
Prevention and Countermeasures
US Federal and state laws.
Implementation and Management
Design and implementation.
Equipment configuration and placement.
Interoperability and layering.
All attendees receive hands on practical experience configuring, testing and implementing a wide variety of Layer 2, and Layer 3 and Layer 7 wireless security solutions using hardware and software from the following vendors: AirMagnet, AirDefense, BlueSocket, Colubris Networks, Cisco Systems, Fortress Technologies, Intermec, Funk Software, Microsoft, Proxim, Orinoco, Symbol Technologies, TamoSoft, Zoom Telephonics, SafeNet, SnapGear, System Tools, Van Dyke Software, WildPackets, IPSwitch, Young Design.