Transcript
HOLISTIC NETWORK SERVICE MANAGEMENT FOR WLAN
MOTOROLA AIRDEFENSE SOLUTIONS PRESENTER NAME | PRESENTER TITLE MOTOROLA SOLUTIONS
TRADITIONAL WIRED NETWORK SECURE INTERNAL NETWORK Well-defined Network Edge, Straightforward to Manage and Secure
Server
INTERNET Users
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved.
2
WIRELESS SECURITY CONCERNS Hacker in Parking Lot
Network Edge Blurred New Attack Vectors „Behind‟ the Firewall
Server Rogue AP
INTERNET Users
Mis-configured AP
Users Connecting to Neighboring Networks
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved.
3
WIRELESS BREACHES COST MILLIONS • Tens of Millions of Credit & Debit Card Numbers Have Been Stolen • Average Cost of a Data Breach is $300 per Compromised Record (Gartner) • Average Breach Cost is $6.6m (Network World) • Average Customer Turnover After a Breach is 3.6% 2000
2002
2004
2006
2008
2009
Attacks are no longer innocent attempts to gain notoriety – organized crime is hacking for profit MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
4
WLAN MANAGEMENT CONCERNS Vendor C: Acquired Business
Technology Concerns
• Difficulty in Managing Various Infrastructure Vendors with Multiple Consoles
More Devices, More Device Types Complex Management
Users
Vendor A: Legacy Deployment
Corporate Headquarters
• Diverse Environments Add Levels of Complexity to Manage, Leaving Networks with Inconsistent Configuration
Vendor B: Current Deployment Model
Client Devices
Users Wireless Switch
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved.
5
FACTORS AFFECTING WLAN RELIABILITY
Noise & Interference
Coverage & Capacity Roaming Issues
Unplanned Usage Patterns Client Devices
Environmental Changes Server
INTERNET
Users Trouble Connecting to WLANs
Connectivity Problems
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. © Motorola, Inc. 2010. All rights reserved.
6
MOTOROLA AIRDEFENSE SERVICES PLATFORM Improve Operations with proactive troubleshooting and analysis
Mitigate Risk; Assure Compliance Solutions for Any WLAN
Maximize efficiency with centralized management
Holistic Network Services Management for WLAN MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
7
SOLUTION ARCHITECTURE The Hardware
ADSP Appliance
• Centralized, Hardened Appliance – Secure System with Low-bandwidth Utilization Field Offices
• Two Types of Sensors • Integrated Sensors are Built into Motorola Access Points • Stand Alone Sensors are Separate Devices, Use One for Every 3-5 APs
Sensor
The AirDefense Services Platform • Centralized Reporting • 24x7 Monitoring
Wireless Switch
Field Offices
Security & Compliance
Infrastructure Management
Headquarters
Network Assurance
• Wireless IPS
• WLAN Management
• Advanced Forensics
• Automatic Mitigation & Escalation
• Wireless Vulnerability Assessment
• Spectrum Analysis
• Forensic Analysis
• Advanced Forensics
• Centralized Management Console
• Multi-vendor Management
• Mobile Workforce Protection
• Robust Alarm Management
• Remote Troubleshooting • Interference Detection
• Legacy Encryption Protection
• Access Point Testing • Client Connectivity Troubleshooting • LiveRF • Mobile Laptop Analyzer
AirDefense Services Platform MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
8
INDUSTRY FIRST: COMBINED AP & SENSOR One Device for Access and Sensing • Minimize Need for Expensive Cable Runs • Configure Motorola Dual-radio APs to Use One Radio for Dedicated WIPS Sensing
• Band Un-locked Hardware Makes Motorola Uniquely Suited for Dual Purpose Device • No Compromises: Device Offers Full-time AP Function & Full-time Security
AP 7131
AP 5131
• Never Drop a VoWLAN Call to Scan for Intruders and Never Reduce Security to Keep Clients Connected AP 650
Minimize deployment cost by leveraging a single device for full-time infrastructure & full-time sensing MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
9
SECURITY & COMPLIANCE
Solutions for Any WLAN
Security & Compliance
Infrastructure Management
Network Assurance
• Rogue Elimination
• Multi-vendor Management
• Solve Issues Remotely
• Intrusion Prevention
• Centralized Configuration
• Level 1 Helpdesk Support
• Automated Defenses
• Policy-based Fault Mgmt
• Proactive Monitoring
• Forensic Analysis
• Automated Discovery
• Spectrum Analysis
• Wireless Vulnerability Assessment
• Network Visualizations
• Interference Detection
• 24x7 Policy Monitoring
• Firmware Management
• Coverage Visualizations
• Custom Reporting: PCI, HIPAA, GLBA, US DoD, SOX Reports
• Remote Packet Capture
• Mobile Workforce Protection
• Mobile Laptop Analyzer
MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
• Historical Analysis
10
AUTOMATED ROGUE DETECTION & ELIMINATION
Neighbor
Remote Office
Wireless IPS Module: • Enhanced Rogue Detection Uses Correlation of Traffic Between Wired and Wireless Network to Identify even Most Complex Rogues. • Differentiate Between Neighbors and Rogue Devices Automatically • Historical Record of Associations & Traffic • Automatic Elimination
Wired Network Monitoring: • Track and Identify New Non-Wireless Devices • Track Critical Assets to Identify Removal From Network
Soft AP
Rogue AP Behind Firewall
Dedicated Sensor
Encrypted Rogue AP
Open Rogue AP
AirDefense Detects Rogues Passively & Independent of Authentication or Encryption Utilized on the Rogue AP
Automatically detect and block all rogue devices MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
11
COMPREHENSIVE INTRUSION PREVENTION 200+ Threats Detected • Rogue Exploits, Extrusions, Vulnerabilities
Wireless Intrusion Prevention DISCOVERY
DETECTION
ANALYSIS
PREVENTION
• Denial of Service & Impersonation Attacks • Key, Encryption, and Dictionary Attacks • Security Policy Violations
Protocol Abuse
Anomalous Behavior
Signature Analysis
Policy Manager
Correlation Engines
Context-aware Detection Engines
Minimal False Positives • Correlation Across Multiple Detection Engines Reduces False Positives • Most Accurate Attack Detection
Automatic Threat Mitigation • Wireless Termination • Wired Port Suppression • Wireless ACL
Sensors
Detect threats with minimal false positives MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
12
ADVANCED FORENSICS Extensive Forensic Data • • • • • •
325+ Statistics per Device per Minute Record of Device Connectivity Determine Exact Time & Impact of Security Incidents Historical Data Storage Supports trend analysis, Rewindable visualizations
View Device Details
Infrastructure Forensics • Extends Forensics Engine to Capture Polled Data: • 75 Statistics Per AP and Associated Stations • 40 Statistics Per WLAN Controllers • Extensive Support for Trend Analysis and Anomaly detection
Benefits • Better Protection From Transient Threats • Simplify Analysis of Large Data sets • Reduce Need for 24/7 staffing
Perform Usage and Utilization Trend Analysis
Accelerate root cause determination and recovery MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
13
WIRELESS VULNERABILITY ASSESSMENT Identify Wireless Exposures • Remotely Scan All Locations Using Sensors • Simulate Wireless Attacks • Identify Sensitive Systems Exposed to Wireless Network • Identify Wireless & Wired-side Vulnerabilities • Schedule Scans to Automate the Process
Public Wireless Side
Sensitive Data
Benefits • Identify Wireless Vulnerabilities Before a Breach Occurs • Eliminate Onsite Visits by Conducting Scans Remotely • Automatically Validate PCI DSS Req 1.2.3: Validate Wireless Segmentation from Cardholder Data
Vulnerable Back-End System AirDefense Sensor Simulating a Wireless Attack
Support for PEAP &EAP-TLS Protected Networks
Proactively identify issues in best-of-breed wireless networks MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
14
REGULATORY COMPLIANCE Retail
Healthcare
Federal
Corporate
• Payment Card Industry (PCI) Data Security Standard (DSS)
• Health Insurance Portability and Accountability Act (HIPAA)
• Department of Defense 8100.2 Directive
• Sarbanes Oxley (SOX) Compliance
• Automated Wireless Scanning and Rogue Wireless Elimination
• Encryption Validation
• Must Have 24x7 Dedicated WIDS
• Security Configuration Management
• Applicable Regardless of WLAN Deployment
• Identify Wireless Vulnerabilities That Could Expose PHI (Patient Health Information)
• Common Criteria Certification Needed
• Wireless Intrusion Prevention
• Encryption Policy Enforcement
• Location Tracking Mandatory
• Gramm-Leach-Bliley Act (GLBA) • Protect Confidentiality and Integrity of Corporate Data Transmitted Wirelessly • Reporting and Audit Support
Minimize costs with better compliance MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
15
REGULATORY COMPLIANCE Compliance Monitoring • Collect Relevant Events Across All Locations and Sources • Automate Wireless Compliance Functions • Reduce Effort & Cost by Meeting All Wireless Compliance Mandates from Single System • Data Stored in Accordance with Mandated Retention Policies
Define
Monitor
Comply
Enforce
Compliance Reporting • Automated and Centralized Reporting • Compare Compliance Data with Company Policies • Prove Historical Compliance • Improved Audit Speed and Accuracy
Define Wireless Policy
Customizable Reporting
Automate and customize reporting for actionable information MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
16
INFRASTRUCTURE MANAGEMENT Solutions for Any WLAN
Security & Compliance
Infrastructure Management
Network Assurance
• Rogue Elimination
• Multi-vendor Management
• Solve Issues Remotely
• Intrusion Prevention
• Centralized Configuration
• Level 1 Helpdesk Support
• Automated Defenses
• Policy-based Fault Mgmt
• Proactive Monitoring
• Forensic Analysis
• Automated Discovery
• Spectrum Analysis
• Wireless Vulnerability Assessment
• Network Visualizations
• Interference Detection
• 24x7 Policy Monitoring
• Firmware Management
• Coverage Visualizations
• Custom Reporting: PCI, HIPAA, GLBA, US DoD, SOX Reports
• Remote Packet Capture
• Mobile Workforce Protection
• Mobile Laptop Analyzer
MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
• Historical Analysis
17
CENTRALLY MANAGE MULTI-VENDOR DEPLOYMENTS Managing the Wireless Network • • • • •
Perform Device Configuration Automate Configuration Audit & Correction Monitor Device Health Receive Infrastructure Faults Collect Network Traffic Statistics
Identifying, Analyzing and Remediating Issues • • • •
Visualizing Network Topology Maintaining Consistent Configuration Monitoring and Prioritizing Critical Events Reporting on Network Health and Utilization
Holistic Visibility
Operate your entire wireless network from a single console MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
18
MANAGE NETWORKS RATHER THAN INDIVIDUAL DEVICES WLAN Management Module • Vendor and Device Agnostic UI Based Configuration • Inheritance Based Configuration/Profile Based Configuration • Normalized Alarms and Expert Help • Zero Touch Deployments with Reduced Staging and Provisioning Requirements
Device Agnostic UI
Control complex deployments with minimal effort MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
19
MANAGE LARGE DEPLOYMENTS Centralized Management Module • Holistic View of Events
• Global Network Visualizations • Configuration Once for Entire Deployment • Reduces Large Deployment Administrative Overhead • Ensures Consistency in Policies and Configuration • Focuses Attention on Actions That Most Benefit Network Performance
Simplified Single Console
Scalable management for very large networks MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
20
NETWORK ASSURANCE
Solutions for Any WLAN
Security & Compliance
Infrastructure Management
Network Assurance
• Rogue Elimination
• Multi-vendor Management
• Solve Issues Remotely
• Intrusion Prevention
• Centralized Configuration
• Level 1 Helpdesk Support
• Automated Defenses
• Policy-based Fault Mgmt
• Proactive Monitoring
• Forensic Analysis
• Automated Discovery
• Spectrum Analysis
• Wireless Vulnerability Assessment
• Network Visualizations
• Interference Detection
• 24x7 Policy Monitoring
• Firmware Management
• Coverage Visualizations
• Custom Reporting: PCI, HIPAA, GLBA, US DoD, SOX Reports
• Remote Packet Capture
• Mobile Workforce Protection
• Mobile Laptop Analyzer
MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
• Historical Analysis
21
NETWORK ASSURANCE SOLUTIONS Centralized WLAN Troubleshooting End-user Feedback
Performance Alarms & Reports
Historical Troubleshooting
Real-time Troubleshooting
• Detailed Forensics
• LiveView
• Scope Forensics
• Client Connectivity Troubleshooting
• Alarm Forensics
• Access Point Testing • Spectrum Analysis
Proactive Prevention • Access Point Testing • Policy Compliance • Performance Policy • LiveRF
• LiveRF
MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
22
REMOTE VISIBILITY WITH LIVEVIEW Real-time View of WLAN • • • •
Turn Any Sensor into a „Sniffer‟ Full Layer 2 Frame Capture Visualize Wireless Traffic Flow 28 Different Graphical Views
Frame Capture
Low Network Support Costs • • • •
Real-time View of Remote WLAN Advanced Centralized Troubleshooting Reduced On-site Support Cost Increased WLAN Uptime
Real-time Traffic
Connection Analysis
Troubleshoot remote WLANs in real-time MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
23
FORENSICS FOR TROUBLESHOOTING WLAN ISSUES Detailed Forensic Analysis
Traffic Analysis
• Graphical View of Minute-by-minute Stats • Device, Threats, Associations, Traffic, Signal and Location Tends • Adjustable Time Windows • Historical Location Tracking • Record of Wireless Performance and Connectivity Issues
Network Trend Analysis • Forensic Analysis and Audit Support • Allows Historical Analysis of Intermittent Wireless Problems • View Performance Trends and Establish Network Baselines
Event Sequence
Faster root cause determination and recovery MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
24
END TO END WIRELESS NETWORK TESTING Access Point Testing Module • End-to-end Network Connectivity Testing from a Wireless Perspective • Verify Access to Wireless Applications Servers • Proactively Perform Network Tests
Benefits • Find Problems Before End Users are Impacted • Classify Network Issues – Know the Source of the Problem, Wired or Wireless
Data Center
Application Server
WAN
• Verify Remediation without Local Support • Remote Testing Anywhere on the Network
Remote Location
Secure Server
• Run Tests Automatically or On-Demand
DHCP Server
Proactive penetration testing for wireless networks MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
25
CLIENT TROUBLESHOOTING Client Troubleshooting Module • Designed for Level 1 Helpdesk • Quickly Determine if it is a Wireless or Wired Network Issue • Simple Debugging of Wireless Issues
• Escalation Only if Necessary • Centralized Troubleshooting
Identify: • Device Issues • Wireless Network Health Problems • Wireless Network Availability • Device Wireless Network Connectivity Issues • Device Wired Network Connectivity Issues
Troubleshoot Connection Issues
Easily identify problems for quick escalation and remediation MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
26
NEXT GENERATION SPECTRUM ANALYSIS Spectrum Analysis Module
Granular Interference Detection
• Detect Non-802.11 Interference – Microwaves, Bluetooth, Frequency Hopping Devices, etc.
• Use Existing Sensors – No Special Hardware Needed • Proactive detection of application-impacting interference • Remote Real-Time Level1 Troubleshooting
Enhanced Detection and Classification • • • • •
Applicable to: High Resolution Spectral Analysis AP6511 Granular Interference Detection Simultaneous L1 and L2 Analysis Powerful visualizations for quick problem assessment Enables targeting of only interference sources impacting the specified WLAN
Classify Interference Sources
Easily identify the source of interference problems MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
27
FORENSIC LIVERF Real-time SnapshotsVisualizations of Historic Coverage, Noise, Applications • •Proactive Monitoring and Alerting of Coverage Troubleshoot/Verify/Analyze Coverage Issues Hours, Days, Weeks Problems after they Occur • •Application Specific Simulations – Voice, Video, Understand Changes Over Time Custom •Data, Track Transient Coverage Problems • •Historical Views of anyNormal LiveRFEnvironment Visualization Determine Baseline Historic Application • Side-By-Side Comparative Analysis Specific Analysis • Comparative Analysis of Current Environment to Known Healthy Environment
Configurable “Rewind” Time Range
• Building Aware Predictive Visualizations
• Simulate Network Changes – Perform “What-If” Design Simulations
Benefits • Troubleshoot/Verify/Analyze Coverage Issues Hours, Days, Weeks after they Occur • Understand Changes Over Time • Track Transient Coverage Problems • Determine Baseline of Normal Environment
Side-by-Side Comparative Analysis
Easily identify coverage & capacity issues MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
28
SUMMARY Security & Compliance •
Leading Vendor-Agnostic Wireless Monitoring System
•
Cost Effective Compliance with Regulatory and Industry Requirements.
•
Infrastructure Management •
Multi-vendor Control & Monitoring of Infrastructure and Devices.
•
Improve Wireless Availability and Network Reduce Downtime.
•
Holistic Network Management with a Single „Pane of Glass‟ for Central Management.
•
Reduce Operational Costs Associated with Wireless Performance and Maintenance.
•
Network Upgrades/Migrations are Simplified with Centrally Managed Infrastructure.
•
Resolve 70% of Wireless Trouble Tickets via Remote Management.
Prevention Cost is About 5% the Cost of the Data Breach.
Mitigate Risk & Assure Compliance
Network Assurance
Maximize Efficiency
MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
Improve Operations
29
THANK YOU
MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola, Inc. All rights reserved.
30
