SlideShare una empresa de Scribd logo

Top 5 wi fi security threats

Descargar como PPTX, PDF
gruzabb
gruzabb
Tecnología
1 de 15
Top 5 Wi-Fi Security Threats Dr. Pravin Bhagwat CTO, AirTight Networks © 2013 AirTight Networks, Inc. All rights reserved.
Wave of Wireless Consumerization  Uncontrolled increase in Wi-Fi devices  Most client Wi-Fi devices can operate in multiple modes  Do you know what’s happening on your network and premises? © 2013 AirTight Networks, Inc. All rights reserved. 2
TJX Breach – The Tip of the Iceberg Additional breaches © 2013 AirTight Networks, Inc. All rights reserved. 3
Rogue APs • APs attached to the enterprise LAN without permission • Backdoor to the enterprise LAN © 2013 AirTight Networks, Inc. All rights reserved. 4
Soft Rogue APs     Network interface bridging Internet connection sharing (ICS) Add-on devices (e.g., Windy31) Windows 7 Virtual Wi-Fi © 2013 AirTight Networks, Inc. All rights reserved. 5
Client Misbehavior and Man-in-the-middle Attacks • • • • Ad-hoc connections Connections to external APs Probing for vulnerable SSIDs Honeypot/Evil Twin target © 2013 AirTight Networks, Inc. All rights reserved. 6
Bring Your Own Device (BYOD) WPA2/802.1x alone cannot prevent unauthorized devices from accessing the enterprise network © 2013 AirTight Networks, Inc. All rights reserved. 7
Recap of Common Intrusion and Extrusion Threats © 2013 AirTight Networks, Inc. All rights reserved. 8
Wireless Security Strategies That Don’t Work! A “No Wi-Fi” policy without enforcement We don’t have “that” problem because… © 2013 AirTight Networks, Inc. All rights reserved. 9
MDM ≠ Network Security No visibility into Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Scope limited to “managed” devices that run MDM agent What is the incentive to install MDM agents on personal devices? © 2013 AirTight Networks, Inc. All rights reserved. 10
NAC ≠ Wireless Security Scope limited to BYOD on “managed” WLAN Cannot block Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Suffers from “blind spots” – unauthorized Wi-Fi devices connecting via authorized devices © 2013 AirTight Networks, Inc. All rights reserved. 11
Wireless Intrusion Prevention System (WIPS) Automatic Device Classification Comprehensive Threat Coverage Accurate Location Tracking Reliable Threat Prevention BYOD Policy Enforcement © 2013 AirTight Networks, Inc. All rights reserved. 12
Wireless Security Enforcement using WIPS AP Classification Authorized APs Mis-config Policy GO DoS Client Classification Authorized Clients STOP Rogue APs (On Network) STOP Rogue Clients External Clients External APs IGNORE AUTOMATICALLY DETECT AND BLOCK RED PATHS! With this in place, your network is protected from all types of wireless threats, vulnerabilities and attack tools! © 2013 AirTight Networks, Inc. All rights reserved. 13
Identifying a True WIPS: WIDS vs. WIPS Prevalent WIDS Approach Cat and mouse chase of exploits, tools and signatures True WIPS Approach Protects against the fundamental wireless threat building blocks © 2013 AirTight Networks, Inc. All rights reserved. 14
Thank You! Cloud Managed Secure Wi-Fi Solutions www.airtightnetworks.com info@airtightnetworks.com @AirTight +1 877 424 7844 US DoD Approved © 2013 AirTight Networks, Inc. All rights reserved. 15

Recomendados

Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)
Ryan Orsi
 
Implementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraImplementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD Era
Kappa Data
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
AirTight Networks
 
Cyber Security in the Financial Industry
Cyber Security in the Financial IndustryCyber Security in the Financial Industry
Cyber Security in the Financial Industry
James Bergren
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow Devices
Forescout Technologies Inc
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
Block Armour
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your Drone
Jose L. Quiñones-Borrero
 
ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk Report
Forescout Technologies Inc
 

Recomendados

Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)
Ryan Orsi
 
Implementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraImplementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD Era
Kappa Data
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
AirTight Networks
 
Cyber Security in the Financial Industry
Cyber Security in the Financial IndustryCyber Security in the Financial Industry
Cyber Security in the Financial Industry
James Bergren
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow Devices
Forescout Technologies Inc
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
Block Armour
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your Drone
Jose L. Quiñones-Borrero
 
ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk Report
Forescout Technologies Inc
 
SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey Results
ForeScout Technologies
 
LiPari_Assignment8
LiPari_Assignment8LiPari_Assignment8
LiPari_Assignment8
Phillip LiPari
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas company
Liora R. Herman
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the Enterprise
AirTight Networks
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security Tips
Centextech
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?
Bangladesh Network Operators Group
 
IOT Security
IOT SecurityIOT Security
IOT Security
Sylvain Martinez
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
Christopher Frenz
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Design World
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
Frank Siepmann
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them
Nick Allott
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
Mark Benson
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai Revisited
Clare Nelson, CISSP, CIPP-E
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
PROFIBUS and PROFINET InternationaI - PI UK
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - Slides
ezSec
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
Shreya Pohekar
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile Enterprise
Itai Bass
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_final
Mary McEvoy Carroll
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings
Sophos
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
mike parks
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013
AirTight Networks
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012
hemantchaskar
 

Más contenido relacionado

La actualidad más candente

Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas company
Liora R. Herman
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security Tips
Centextech
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
Mark Benson
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
PROFIBUS and PROFINET InternationaI - PI UK
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile Enterprise
Itai Bass
 

La actualidad más candente (20)

SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey Results
 
LiPari_Assignment8
LiPari_Assignment8LiPari_Assignment8
LiPari_Assignment8
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas company
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the Enterprise
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security Tips
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai Revisited
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - Slides
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile Enterprise
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_final
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
 

Similar a Top 5 wi fi security threats

The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
IJCSIS Research Publications
 

Similar a Top 5 wi fi security threats (20)

Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012
 
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013
 
AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
 
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
 
CEH Domain 6.pdf
CEH Domain 6.pdfCEH Domain 6.pdf
CEH Domain 6.pdf
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
itmsday2.pptx
itmsday2.pptxitmsday2.pptx
itmsday2.pptx
 
Wireless security
Wireless securityWireless security
Wireless security
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
 
LIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveLIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep Dive
 
A Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxA Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptx
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Android Device Hardening
Android Device HardeningAndroid Device Hardening
Android Device Hardening
 
Protect your guest wifi - NOW
Protect your guest wifi - NOWProtect your guest wifi - NOW
Protect your guest wifi - NOW
 

Último

Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
UXDXConf
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
CzechDreamin
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
Stephen Perrenod
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
UXDXConf
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
Femke de Vroome
 
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
UK Journal
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
ScyllaDB
 

Último (20)

Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - Questionnaire
 

Top 5 wi fi security threats

  • 1. Top 5 Wi-Fi Security Threats Dr. Pravin Bhagwat CTO, AirTight Networks © 2013 AirTight Networks, Inc. All rights reserved.
  • 2. Wave of Wireless Consumerization  Uncontrolled increase in Wi-Fi devices  Most client Wi-Fi devices can operate in multiple modes  Do you know what’s happening on your network and premises? © 2013 AirTight Networks, Inc. All rights reserved. 2
  • 3. TJX Breach – The Tip of the Iceberg Additional breaches © 2013 AirTight Networks, Inc. All rights reserved. 3
  • 4. Rogue APs • APs attached to the enterprise LAN without permission • Backdoor to the enterprise LAN © 2013 AirTight Networks, Inc. All rights reserved. 4
  • 5. Soft Rogue APs     Network interface bridging Internet connection sharing (ICS) Add-on devices (e.g., Windy31) Windows 7 Virtual Wi-Fi © 2013 AirTight Networks, Inc. All rights reserved. 5
  • 6. Client Misbehavior and Man-in-the-middle Attacks • • • • Ad-hoc connections Connections to external APs Probing for vulnerable SSIDs Honeypot/Evil Twin target © 2013 AirTight Networks, Inc. All rights reserved. 6
  • 7. Bring Your Own Device (BYOD) WPA2/802.1x alone cannot prevent unauthorized devices from accessing the enterprise network © 2013 AirTight Networks, Inc. All rights reserved. 7
  • 8. Recap of Common Intrusion and Extrusion Threats © 2013 AirTight Networks, Inc. All rights reserved. 8
  • 9. Wireless Security Strategies That Don’t Work! A “No Wi-Fi” policy without enforcement We don’t have “that” problem because… © 2013 AirTight Networks, Inc. All rights reserved. 9
  • 10. MDM ≠ Network Security No visibility into Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Scope limited to “managed” devices that run MDM agent What is the incentive to install MDM agents on personal devices? © 2013 AirTight Networks, Inc. All rights reserved. 10
  • 11. NAC ≠ Wireless Security Scope limited to BYOD on “managed” WLAN Cannot block Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Suffers from “blind spots” – unauthorized Wi-Fi devices connecting via authorized devices © 2013 AirTight Networks, Inc. All rights reserved. 11
  • 12. Wireless Intrusion Prevention System (WIPS) Automatic Device Classification Comprehensive Threat Coverage Accurate Location Tracking Reliable Threat Prevention BYOD Policy Enforcement © 2013 AirTight Networks, Inc. All rights reserved. 12
  • 13. Wireless Security Enforcement using WIPS AP Classification Authorized APs Mis-config Policy GO DoS Client Classification Authorized Clients STOP Rogue APs (On Network) STOP Rogue Clients External Clients External APs IGNORE AUTOMATICALLY DETECT AND BLOCK RED PATHS! With this in place, your network is protected from all types of wireless threats, vulnerabilities and attack tools! © 2013 AirTight Networks, Inc. All rights reserved. 13
  • 14. Identifying a True WIPS: WIDS vs. WIPS Prevalent WIDS Approach Cat and mouse chase of exploits, tools and signatures True WIPS Approach Protects against the fundamental wireless threat building blocks © 2013 AirTight Networks, Inc. All rights reserved. 14
  • 15. Thank You! Cloud Managed Secure Wi-Fi Solutions www.airtightnetworks.com info@airtightnetworks.com @AirTight +1 877 424 7844 US DoD Approved © 2013 AirTight Networks, Inc. All rights reserved. 15