NetSoSe
Seguridades en WLAN
Networking Solutions & Services

Beneficios del curso

Este curso le mostrara como dar seguridad a su red inalambrica y proteger los datos de ataques, asi como le proporcionara el conocimiento necesario para tener exito en el campo de la seguridad de Tecnologias de la Información y conseguir sus objetivos . El curso incluye actividades teórico prácticas para complementar el aprendizaje.

Areas tematicas:

Principios de seguridad en redes Inalambricas
Técnicas y Herramientas de Intrusión
Seguridad, WPA/WPA2/802.11i, 802.1x/EAp
Gateways inalmbricos y de Ecripcion
Gestion de WLAN y Bridging
VPN en nivel 2 y 3 inalambrico
WLAN switching, Wireless VLANs, VPN Routers

Quienes deben asistir?
 

Todas las personas responsables de la planificación y Diseño de redes coninalambricas contecnología WiFi

Metodología

El proceso enseñanza aprendizaje se realizará mediante la realización clases tutoriales.  

  

Prerequisitos
 
Es conveniente que , los participantes tengan conocimientos básicos de redes, networking, adicionalmente deben haber tomado un curso Redes LANs Inalambricas

Fecha de Inicio: Abril 2008

Dias : Viernes. y Sábado

Horarios: Viernes y Sabado de 8:00 a 17:00 horas

Lugar de Capacitación: Quito

Duración del curso : 24 horas

Inversión: 

El costo del curso incluye Coffe Breaks, Material impreso y CD con información relacionada al curso

El curso tiene un cupo máximo de participantes.

Al final del curso se entregara un certificado de participación las reservaciones de cupo deben realizarse vía emai para lo cual se debe incluir el formulario de Inscripción
Contenido del curso

1. Introduction to WLAN Security Technology
Security policy
Security concerns
Security auditing practices
Application layer vulnerabilities and analysis
Data Link layer vulnerabilities and analysis
Physical layer vulnerabilities and analysis
802.11 security mechanisms
Wi-Fi Alliance security certifications
2. Small Office / Home Office WLAN Security Technology and Solutions
WLAN discovery equipment and utilities.
Legacy WLAN security methods, mechanisms, and exploits
Appropriate SOHO security
3. WLAN Mobile Endpoint Security Solutions
Personal-class mobile endpoint security
Enterprise-class mobile endpoint security
User-accessible and restricted endpoint policies
VPN technology overview
4. Branch Office / Remote Office WLAN Security Technology and Solutions
General vulnerabilities
Preshared Key security with RSN cipher suites
Passphrase vulnerabilities
Passphrase entropy and hacking tools
WPA/WPA2 Personal - how it works
WPA/WPA2 Personal - configuration
Wi-Fi Protected Setup (WPS)
Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices
5. Enterprise WLAN Management and Monitoring
Device identification and tracking
Rogue device mitigation
WLAN forensics
Enterprise WIPS installation and configuration
Distributed protocol analysis
WNMS security features
WLAN controller security feature sets
6. Enterprise WLAN Security Technology and Solutions
Robust Security Networks (RSN)
WPA/WPA2 Enterprise - how it works
WPA/WPA2 Enterprise - configuration
IEEE 802.11 Authentication and Key Management (AKM)
802.11 cipher suites
Use of authentication services (RADIUS, LDAP) in WLANs
User profile management (RBAC)
Public Key Infrastructures (PKI) used with WLANs
Certificate Authorities and x.509 digital certificates
RADIUS installation and configuration
802.1X/EAP authentication mechanisms
802.1X/EAP types and differences
802.11 handshakes
Fast BSS Transition (FT) technologies


  

LaboratorioS

1. WLAN Controller Security

Secure access to the WLAN controller using secure management protocols
Configuring multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
Configuring the WLAN controller for RADIUS connectivity and authentication
Client station connectivity to the controller - including DHCP and browsing
Integrated rogue device discovery
2. Wireless Intrusion Prevention Systems (WIPS)
WIPS installation, licensing, adding/configuring sensors, and secure console connectivity
Configuration according to organizational policy
Properly classifying authorized, unauthorized, and external/interfering access points
Identifying and mitigating rogue devices
Identifying specific attacks against the authorized WLAN infrastructure or client stations
3. Using Laptop Analyzers
Installing and configuring a WLAN discovery tool, protocol analyzer, spectrum analyzer
Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool and WLAN protocol analyzer
Capturing and analyzing a WPA2-Personal authentication in a WLAN protocol analyzer
Capturing and analyzing a WPA2-Enterprise authentication in a WLAN protocol analyzer
Capturing and analyzing Hotspot authentication and data traffic in a WLAN protocol analyzer
Capturing and analyzing Beacons, Probe Requests, Probe Responses, and Association Requests with a WLAN protocol analyzer
Viewing a normal RF environment, a busy RF environment, and an RF attack on the WLAN in a spectrum analyzer
4. Fast BSS Transitions (FT)
Configure a WLAN infrastructure with two controllers and two APs per controller. Configure APs for specific power and channel settings
Install and configure a RADIUS server for PEAP
Configure both controllers and an authorized client device for PEAP authentication using the CCMP cipher suite
Configure an 802.11 protocol analyzer to capture on a specific channel
Using an 802.11 frame generator function, deauthenticate the authorized client station to force intra- and inter-controller roaming
Perform a slow BSS transition within a controller as a baseline
Enable FT mechanisms within controllers and the client station
Perform a fast BSS transition within a controller as a comparison
Perform a slow BSS transition between controllers as a baseline
Perform a fast BSS transition (if vendor FT mechanisms permit) between controllers as a comparison

     

 

Copyright (c) 2005 NetSoSe. All rights reserved