You are previewing Cisco Wireless LAN Security.
O'Reilly logo
Cisco Wireless LAN Security

Book Description

Expert guidance for securing your 802.11 networks

  • Learn best practices for securely managing, operating, and scaling WLANs

  • Comprehend the security-related technological underpinnings of WLANs

  • Explore new security protocols in 802.11i and WPA and learn how they prevent attacks

  • Review centralized deployment models for wired/wireless integration

  • Deepen your knowledge of defense by understanding the tools that attackers use to perform reconnaissance and to attack authentication and encryption mechanisms

  • Understand how to design secure WLANs to support enterprise applications with the new standards and practices detailed in this book

  • Reference the next generation authentication standards and protocols

  • Find out about mobility, hotspots, and campus wireless networks

  • Grasp Open Authentication, MAC-based authentication, shared key authentication, EAP authentication protocols, WEP, WPA, and 802.11i

  • Cisco Wireless LAN Security is an in-depth guide to wireless LAN technology and security, introducing the key aspects of 802.11 security by illustrating major wireless LAN (WLAN) standards that can protect the entire network. Because a WLAN is less effective as an isolated piece of the network, this book emphasizes how to effectively integrate WLAN devices into the wired network while maintaining maximum security.

    Cisco Wireless LAN Security covers the spectrum of WLAN security, including protocols and specifications, vulnerabilities and threats, and, especially, deployment patterns and design guidelines. With a unique combination of theory and practice, this book addresses fundamental wireless concepts, such as WEP, and innovations, such as EAP, switching, and management. Each chapter includes detailed illustrations, checklists, design templates, and other resources. You will also find generic wireless deployment patterns based on real-world customer installations and functional examples of architecture, design, and best practices.

    Whether you currently design, configure, implement, and maintain WLANs or simply want to explore wireless security issues, Cisco Wireless LAN Security has everything you need to understand how to create a seamlessly secure, impenetrable 802.11 network.

    This book is part of the Networking Technology Series from Cisco Press┬┐ which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

    Table of Contents

    1. Copyright
    2. About the Authors
    3. Acknowledgments
    4. Icons Used in This Book
    5. Introduction
    6. Securing WLANs Overview
      1. WLAN: A Perspective
      2. Wireless LAN Components and Terminology
      3. WLAN Standards
      4. WLAN Security
      5. WLAN Security Domain Conceptual Model
      6. Navigating this Book and Chapter Contexts
      7. Summary
    7. Basic Security Mechanics and Mechanisms
      1. Security Mechanics
      2. Authentication and Identity Protocols
      3. Summary
    8. WLAN Standards
      1. Standards Organizations, Position, Context, and Influence
      2. Hardware/Radio/Waves and Modulation
      3. FCC Regulations
      4. Brief Discussion on Relevant Standards
      5. Summary
    9. WLAN Fundamentals
      1. WLAN: Elements and Characteristics
      2. WLAN Basic Topology
      3. WLAN Building Blocks
      4. WLAN State Diagram
      5. Basic Choreography
      6. Summary
    10. WLAN Basic Authentication and Privacy Methods
      1. Authentication Mechanics
      2. Open Authentication
      3. MAC-Based Authentication
      4. Shared-Key Authentication
      5. WEP Privacy Mechanics
      6. Summary
    11. Wireless Vulnerabilities
      1. Attacker Objectives
      2. Reconnaissance Attacks
      3. DoS Attacks
      4. Authentication Attacks
      5. WEP Keystream and Plaintext Recovery
      6. WEP Key Recovery Attacks
      7. Attacks on EAP Protocols
      8. Rogue APs
      9. Ad-Hoc Mode Security
      10. Summary
    12. EAP Authentication Protocols for WLANs
      1. Access Control and Authentication Mechanisms
      2. EAP
      3. PEAP
      4. 802.1x: Introduction and General Principles
      5. Cisco LEAP (EAP-Cisco Wireless)
      6. EAP-FAST
      7. Summary
    13. WLAN Encryption and Data Integrity Protocols
      1. IEEE 802.11i
      2. Encryption Protocols
      3. Key Management
      4. WPA and Cisco Protocols
      5. Security Problems Addressed
      6. Summary
    14. SWAN: End-to-End Security Deployment
      1. Overview of SWAN Security Features
      2. WLAN Deployment Modes and Security Features
      3. SWAN Infrastructure Authentication
      4. Radio Management and Wireless Intrusion Detection
      5. SWAN Fast Secure Roaming (CCKM)
      6. Local 802.1x RADIUS Authentication Service
      7. Summary
    15. Design Guidelines for Secure WLAN
      1. WLAN Design Fundamentals
      2. General Security Recommendations
      3. New WLAN Deployments
      4. Integration with Existing WLAN Deployments
      5. SWAN Central Switch Design Considerations
      6. Admission Control Design
      7. Summary
    16. Operational and Design Considerations for Secure WLANs
      1. Rogue AP Detection and Prevention
      2. WLAN Services Scaling
      3. Enterprise Guest Access
      4. Summary
    17. WLAN Security Configuration Guidelines and Examples
      1. Cisco Enterprise Class Wireless LAN Products
      2. WLAN Security Methods: Configuration Guidelines and Examples
      3. SWAN Nonswitching Deployment: Configuration Guidelines and Examples
      4. Securing Bridge-to-Bridge Links
      5. Secure WLAN Management Configuration Guidelines
      6. SWAN Central Switching Deployment: Configuration Guidelines and Examples
      7. Summary
    18. WLAN Deployment Examples
      1. Large Enterprise Deployment Examples
      2. Vertical Deployment Examples
      3. Small and Medium Businesses and SOHO WLAN Deployments
      4. Hotspot (Public WLAN) Deployment Examples
      5. Summary
    19. Resources and References
      1. General Tools
      2. Defensive Tools
      3. Cryptography and Cryptanalysis
      4. Wireless Standards and Associations
    20. Index