Скачать презентацию Setting up and securing a campus wide WIFI Скачать презентацию Setting up and securing a campus wide WIFI

62ea33fc61ecc0aeb4b53eedafd59ab7.ppt

  • Количество слайдов: 33

Setting up and securing a campus wide WIFI network Lessons Learned @ Georgia Cumberland Setting up and securing a campus wide WIFI network Lessons Learned @ Georgia Cumberland Academy Ernest Staats [email protected] org MCSE, CNA, CWNA, CCNA, Security+, I Net+, Network+, Server+, A+ and all around Nerd URL http: //www. gcasda. org/tech/index. asp? id=118

Wifi : 802. 11 • Apa yang diketahui ttg Wi. Fi? 1. 2. Julio Wifi : 802. 11 • Apa yang diketahui ttg Wi. Fi? 1. 2. Julio : Koneksi Tanpa kabel Aldo : Area Sebaran sinyal Tebatas/bisa dibatasi, Bisa kirim data. 3. Ardi : Terdapat berbagai Standar Wi. Fi a/b/g/n/ 4. Anita : Kecepatan Berbeda tgt Standarnya 5. Nobertus : Cakupan Area terbatas 6. M Nahak : Bisa untuk distribusi VLAN 7. Fitri : bisa berhubungan dg Internet 8. Ahmad I : Konek ke Wifi bisa bebas/security 9. IP bisa dibuat Dinamic/Static tergantung pada Router yg mengelola. Wifi bisa sebagai penerus (Switch/Router) 10. Bisa untuk Sharing data

Tentang Wi. Fi • Jenis Antena beragam Vertikal/Horisontal, Onmi Directional, Sectoral, pengarah, Dish, dll. Tentang Wi. Fi • Jenis Antena beragam Vertikal/Horisontal, Onmi Directional, Sectoral, pengarah, Dish, dll. • Wifi bisa Indoor/Outdoor. • Misalnya : Software Wifi + Perangkat di Mikrotik untuk manage User. • Frekuensi (2, 4 dan 5, 7 Ghz) : Kanal Terbatas • Software : Wi. Fi dilengkapi dengan Firmware bisa di Konfigurasi : IP, SSID, Kanal, Daya, Security, Mode operasi, Standar.

Apa yang diketahui ttg Wi. FI • Perangkat punya keterbatasan Kapasitas/ kemampuan yang bisa Apa yang diketahui ttg Wi. FI • Perangkat punya keterbatasan Kapasitas/ kemampuan yang bisa terhubung dalam waktu bersamaan. • Sebaran sinyal wifi bisa terserap /terpantul /berkurang oleh berbagai halangan : Tembok, Besi, Air, Gunung/bukit, dll

802. 11 family 802. 11 family

MIMO MIMO

Testing di Wi. Fi Apa saja? • Keamanan (security) : Security testing. (Penetration tesing) Testing di Wi. Fi Apa saja? • Keamanan (security) : Security testing. (Penetration tesing) • Bandwidth Test : Throughput Test • Survey / mapping : Coverage area/ Wi. Fi Mapping. Penentuan jumlah & lokasi penempatan AP yang tepat. • Simulasi untuk Hotmap Wi. Fi : Design Wi. Fi.

Testing / Software ? ? • • Software/Alat apa saja? Bagaimana menggunakan? Hasil bagaimana? Testing / Software ? ? • • Software/Alat apa saja? Bagaimana menggunakan? Hasil bagaimana? Yang bagus seperti apa? Manfaat dari Testing apa saja? Siapa yang bisa melakukan testing? Profesional testing bagaimana?

Define your WIFI needs: • • Types of connections Speed of connection Acceptable uses Define your WIFI needs: • • Types of connections Speed of connection Acceptable uses Cost and redundancy

Site Survey: • What types of interference are you going to contend with • Site Survey: • What types of interference are you going to contend with • What distances do you need to broadcast • What types of data are you going to support over WIFI (data/voice) Network access • Setup worst case scenario for testing • Know what your signal to Noise ratio • You should be expect an interview before any testing is done (how many users, roaming, location of wiring closets)

Site Survey: Report • Describe survey’s basis, approach and results. • Define all requirements, Site Survey: Report • Describe survey’s basis, approach and results. • Define all requirements, and assumptions • Describe RF interference found • Identify recommended installations locations and channels for Access Points • Give a map with listing of RF strength, and list any dead spots Adapted from: Certified Wireless Network Administrator certification Course available at: : http: //www. cwnp. com/

Self Installation: • Do you have the skills/ time for self installation • Software Self Installation: • Do you have the skills/ time for self installation • Software for testing • Equipment for testing—use the same equipment you plan to deploy

Consultant Installation: • How and what are they using for a site survey • Consultant Installation: • How and what are they using for a site survey • The Ping of Death True load testing S/N • Ask for guarantee of results and be a part of the testing process

Vendors : • So many choices—which one is right for you? • Standardize on Vendors : • So many choices—which one is right for you? • Standardize on ONE vendor for a given application • The type of network may determine what vendor you choose

Vendor Relations • Establishing Constructive Relationships • Types of Hardware Support – Vendor – Vendor Relations • Establishing Constructive Relationships • Types of Hardware Support – Vendor – 3 rd party – Self • Two way Problem Resolution Adapted from: MSIA Seminar 2 Week 2 M. E. Kabay, Ph. D, CISSP Program Director, MSIA Norwich University

Establishing Constructive Relationships Avoid the bleeding edge Price should not be the only factor Establishing Constructive Relationships Avoid the bleeding edge Price should not be the only factor Evaluate sales contact from vendor Specify who has what responsibility in the contract • Never buy under pressure (FUD) • Write down details of meetings and distribute to all participants • • Adapted from: MSIA Seminar 2 Week 2 M. E. Kabay, Ph. D, CISSP Program Director, MSIA Norwich University

Securing the network: • First, secure your wired network • Then secure your wireless Securing the network: • First, secure your wired network • Then secure your wireless network • Security methods for WIFI – Radius – Wi Fi Protected Access (WPA) – WEP (easier to crack) (Change your Keys) • Airsnort, Airfart, Air. Crack, and others

A Case study—GCA: • GCA has two separate WIFI networks one is secured and A Case study—GCA: • GCA has two separate WIFI networks one is secured and one is open. • Providing wireless ISP services for another school (secured) • Giving access to all staff on campus homes (secured) • The campus WIFI network for student access (not secure) • What went wrong • What was done to solve the issues

Campus Map External WIFI Campus Map External WIFI

Campus Map Internal WIFI Campus Map Internal WIFI

Hardware: Used @ GCA • • Amplifier (now removed from system) Bridges 3 COM Hardware: Used @ GCA • • Amplifier (now removed from system) Bridges 3 COM work Access Points Client cards

Photos Outside WIFI network 3 com Building to Building Bridge 3 Com 11 Mbps Photos Outside WIFI network 3 com Building to Building Bridge 3 Com 11 Mbps Wireless LAN Workgroup Bridge 3 Com 13 d. Bi Directional Sector Panel Antenna (Homes) 3 Com 18 d. Bi Directional Sector Panel Antenna (Ad Building and Coble)

Outside WIFI network cont. AMP 244 500 m. W Outdoor Amplifier Pigtail 3 Com Outside WIFI network cont. AMP 244 500 m. W Outdoor Amplifier Pigtail 3 Com Workgroup Bridge SMA Cable Adapter 3 Com 20 foot Antenna Cable 15 d. Bi Omni-Directional Antenna Used Radio Shack TV Antenna mast

Inside WIFI Installing Meru A P (what is wrong? ) Meru AP 100 Access Inside WIFI Installing Meru A P (what is wrong? ) Meru AP 100 Access Point Meru Controller 1100 Blade

Security: used @ GCA • Building to building Networks – Used non WIFI Compatible Security: used @ GCA • Building to building Networks – Used non WIFI Compatible settings – WEP – MAC Address Filtering • Campus in the buildings – Separate from main school network – Open system – Radius ?

Tips • Use at least four devices to test the AP at the same Tips • Use at least four devices to test the AP at the same time • Use same equipment in test as will be used in real life • Understand what will cause issues Metal heat ducts, placement of AP, 2. 4 gig Phones, etc. • Understand co channel interference

Tugas NIM Mahasiswa GENAP 1. Terkait Software untuk Testing Coverage (Cakupan)/Pemetaan area Wi. Fi Tugas NIM Mahasiswa GENAP 1. Terkait Software untuk Testing Coverage (Cakupan)/Pemetaan area Wi. Fi Hotspot. Berikan : a) Contoh Software b) Fitur yang disediakan Software c) Lisensi Software d) Tampilan (Screenshoot) 2. Jika kita menggunakan banyak Wi. Fi Access Point, bagaimana melihat Spektrum Frekuensi dari Wifi. Apakah Kanal kanal yang digunakan sudah tepat atau belum?

Tugas NIM Mahasiswa GASAL 1. Terkait Software Air. Check™ Wi Fi Tester Berikan : Tugas NIM Mahasiswa GASAL 1. Terkait Software Air. Check™ Wi Fi Tester Berikan : a) Fitur yang disediakan Software b) Digunakan untuk apa? c) Lisensi Software d) Tampilan (Screenshoot) 2. Bagaimana menguji /test Kapasitas Wi. Fi apakah sudah sesuai dengan yang diharapkan. Serta Software apa yang bisa digunakan?

Pengumpulan • Paling Lambat Jam 23. 00 tanggal 8 November 2014. • Email saja Pengumpulan • Paling Lambat Jam 23. 00 tanggal 8 November 2014. • Email saja : [email protected] com • Subject : 21 TJ NIM • Bentuk File : doc / pdf

Resources: Software • Air Magnet http: //www. airmagnet. com/products/demo download. php • Dr. Wi Resources: Software • Air Magnet http: //www. airmagnet. com/products/demo download. php • Dr. Wi Fi • Net Stumbler –Free http: //www. netstumbler. com/downloads/ • Mini Stumbler –Free http: //www. netstumbler. com/downloads/ • Aircrack 2. 1 802. 11 sniffer and WEP key cracker for Windows and Linux. Free http: //www. cr 0. net: 8040/code/network/

Resources: Links • CWNP Learning Center has over 1000 free white papers, case studies: Resources: Links • CWNP Learning Center has over 1000 free white papers, case studies: http: //www. cwnp. com/learning_center/index. html • free electronic site survey forms (excellent): http: //www. cwnp. com/mlist/subscribe. php • GUIDE TO MASTERING NEGOTIATIONS: http: //common. ziffdavisinternet. com/download/0/ 2537/whiteboardtoview. pdf • List of Equipment used at GCA: http: //www. gcasda. org/uploaded. Files/ tech/gcaeq. pdf