netsose
Seguridades en WLAN

Beneficios del curso

Este curso le mostrara como dar seguridad a su red inalambrica y proteger los datos de ataques, asi como le proporcionara el conocimiento necesario para tener exito en el campo de la seguridad de Tecnologias de la Información y conseguir sus objetivos . El curso incluye actividades teórico prácticas para complementar el aprendizaje.

Areas tematicas:

Principios de seguridad en redes Inalambricas
Técnicas y Herramientas de Intrusión
Seguridad, WPA/WPA2/802.11i, 802.1x/EAp
Gateways inalmbricos y de Ecripcion
Gestion de WLAN y Bridging
VPN en nivel 2 y 3 inalambrico
WLAN switching, Wireless VLANs, VPN Routers

Quienes deben asistir?
 

Todas las personas responsables de la planificación y Diseño de redes coninalambricas contecnología WiFi

Metodología

El proceso enseñanza aprendizaje utiiza clases tutoriales y la realización de laboratorios.  

 

Prerequisitos
 
Es conveniente que , los participantes tengan conocimientos básicos de redes, networking, adicionalmente deben haber tomado un curso Redes LANs Inalambricas

Fecha de Inicio: Abril 2008

Dias : Viernes. y Sábado

Horarios: Viernes y Sábado de 8:00 a 17:00 horas

Lugar de Capacitación: Quito

Duración del curso : 24 horas

Inversión: 

El costo del curso incluye Coffe Breaks, Material impreso y CD con información relacionada al curso

El curso tiene un cupo máximo de participantes.

Al final del curso se entregara un certificado de participación las reservaciones de cupo deben realizarse vía emai para lo cual se debe incluir el formulario de Inscripción

Contenido del curso

1. Introducción a la tecnologias de seguridad en WLAN

Security policy, Security concerns
Security auditing practices
Application layer vulnerabilities and analysis
Data Link layer vulnerabilities and analysis
Physical layer vulnerabilities and analysis
802.11 security mechanisms

2. Tecnologías y Soluciones de seguridad pra SOHO
WLAN discovery equipment and utilities.
Legacy WLAN security methods, mechanisms, and exploits
Appropriate SOHO security
3. Soluciones de seguridad para nodos finales en WLAN Móviles
Personal-class mobile endpoint security
Enterprise-class mobile endpoint security
User-accessible and restricted endpoint policies
VPN technology overview
4.Soluciones y tecnologías de seguridad para oficinas remotas con WLAN
General vulnerabilities
Preshared Key security with RSN cipher suites
Passphrase vulnerabilities
Passphrase entropy and hacking tools
WPA/WPA2 Personal - how it works
WPA/WPA2 Personal - configuration
Wi-Fi Protected Setup (WPS)
Installation and configuration of WIPS, WNMS, and WLAN controllers to extend enterprise security policy to remote and branch offices
5. Monitoreo y gestión para WLAN Empresariales
Device identification and tracking
Rogue device mitigation
WLAN forensics
Enterprise WIPS installation and configuration
Distributed protocol analysis
WNMS security features
WLAN controller security feature sets
6. Soluciones y tecnologías para WLAN Empresariales
Robust Security Networks (RSN)
WPA/WPA2 Enterprise - how it works
WPA/WPA2 Enterprise - configuration
IEEE 802.11 Authentication and Key Management (AKM)
802.11 cipher suites
Use of authentication services (RADIUS, LDAP) in WLANs
User profile management (RBAC)
Public Key Infrastructures (PKI) used with WLANs
Certificate Authorities and x.509 digital certificates
RADIUS installation and configuration
802.1X/EAP authentication mechanisms
802.1X/EAP types and differences
802.11 handshakes
Fast BSS Transition (FT) technologies


 

Laboratoriios

1. Seguridad WLAN

Secure access to the WLAN controller using secure management protocols
Configuring multiple WLAN profiles, each with its own authentication and cipher suites including WPA/WPA2 Personal and Enterprise
Configuring the WLAN controller for RADIUS connectivity and authentication
Client station connectivity to the controller - including DHCP and browsing
Integrated rogue device discovery
2. Wireless Intrusion Prevention Systems (WIPS)
WIPS installation, licensing, adding/configuring sensors, and secure console connectivity
Configuration according to organizational policy
Properly classifying authorized, unauthorized, and external/interfering access points
Identifying and mitigating rogue devices
Identifying specific attacks against the authorized WLAN infrastructure or client stations
3. Herramientas de monitoreo
Installing and configuring a WLAN discovery tool, protocol analyzer, spectrum analyzer
Locating and analyzing 2.4 GHz and 5 GHz WLANs with a WLAN discovery tool and WLAN protocol analyzer
Capturing and analyzing a WPA2-Personal authentication in a WLAN protocol analyzer
Capturing and analyzing a WPA2-Enterprise authentication in a WLAN protocol analyzer
Capturing and analyzing Hotspot authentication and data traffic in a WLAN protocol analyzer
Capturing and analyzing Beacons, Probe Requests, Probe Responses, and Association Requests with a WLAN protocol analyzer
Viewing a normal RF environment, a busy RF environment, and an RF attack on the WLAN in a spectrum analyzer
4. Transiciones rápidas BSS
Configure a WLAN infrastructure with two controllers and two APs per controller. Configure APs for specific power and channel settings
Install and configure a RADIUS server for PEAP
Configure both controllers and an authorized client device for PEAP authentication using the CCMP cipher suite
Configure an 802.11 protocol analyzer to capture on a specific channel
Using an 802.11 frame generator function, deauthenticate the authorized client station to force intra- and inter-controller roaming
Perform a slow BSS transition within a controller as a baseline
Enable FT mechanisms within controllers and the client station
Perform a fast BSS transition within a controller as a comparison
Perform a slow BSS transition between controllers as a baseline
Perform a fast BSS transition (if vendor FT mechanisms permit) between controllers as a comparison

     

 

Copyright (c) 2005 NetSoSe. All rights reserved