Wireless Communication Policy - PowerPoint PPT Presentation

About This Presentation
Title:

Wireless Communication Policy

Description:

Wireless Communication Policy ... Connection point for WiFi network LAN Local Area Network WEP key Wired Equivalent ... Continued VPN Virtual Private Network ... – PowerPoint PPT presentation

Number of Views:56
Avg rating:3.0/5.0
Slides: 9
Provided by: Laure383
Category:

less

Transcript and Presenter's Notes

Title: Wireless Communication Policy


1
Wireless CommunicationPolicy
  • By Lauren Williams

2
Brief Overview of WiFi Networks
  • Technology is similar to walkie-talkies
  • Ability to transmit and receive radio signals
  • Transmit _at_ much higher frequencies
  • Simple to implement
  • WiFi card or built-in
  • Find hotspot once hardware/software installed

3
Relevant Definitions
  • Hotspot
  • Connection point for WiFi network
  • LAN
  • Local Area Network
  • WEP key
  • Wired Equivalent Privacy
  • Needed to gain access to a network
  • 2 variations 64-bit encryption (really 40-bit)
    and 128-bit encryption (really 104-bit)

4
Definitions Continued
  • VPN
  • Virtual Private Network
  • makes use of a public network (such as the
    Internet), while maintaining security and privacy
    through encryption and security procedures
  • SSID
  • Service Set Identifier
  • identifies a Wi-Fi network (manufacturer default)
  • secret key set by the network admin
  • must know the SSID to join an 802.11 network

5
Purpose Scope of SANS Policy
  • Purpose is to prohibit access to company networks
    via unsecured wireless communication
  • Policy should cover all data communication
    devices on all internal networks
  • PCs, cell phones, PDAs, etc.
  • Anything capable of transmitting packet data

6
Recommendations for Implementing Policy
  • 1. Register access points and cards
  • All wireless access points (WAPs) connected to
    network to be registered and approved by InfoSec
  • Subject to penetration tests and audits
  • All network interface cards (NICs) in use must
    also be registered
  • 2. Approved Technology
  • All LAN access must use corporate approved vendor
    products and security configurations

7
Recommendations Continued
  • 3. VPN Encryption Authentication
  • Use corporate approved VPN to drop all
    unauthenticated and unencrypted traffic
  • Must use point to point hardware encryption of at
    least 56 bits
  • Must support hardware address that can be
    registered and tracked (MAC address)

8
Recommendations Continued
  • 4. Setting the SSID
  • Should not contain any identifying information
    about the organization
  • Company name, division, employee name
  • 5. Enforcement
  • Employees may face disciplinary action or
    termination if policy is violated
Write a Comment
User Comments (0)
About PowerShow.com