Beruflich Dokumente
Kultur Dokumente
AGENDA
>Module 1: WLAN Technology Overview >Module 2: WLAN Architecture >Module 3: RF Fundamentals >Module 4: WLAN Security >Module 5: Site Survey & WLAN Design
3Com Confidential
WIRELESS NETWORKS
802.11a/b/g/n
UMTS Wireless Wide GSM Area Network IEEE 802.16 MAN & 802.20 WAN
GPRS
Wireless Personal Area Network Wireless Local Area Network IEEE 802.15.1
1
3Com Confidential
3Com Confidential
OBJECTIVES
3Com Confidential
WLAN INTRODUCTION
3Com Confidential
WLAN BENEFITS
>Increased user mobility >Increased user productivity >Network flexibility and portability >Ease and speed of deployment >Cost and/or time savings >Improved aesthetics >Shared resources >Increased connectivity options >Improved efficiency and reduced costs
3Com Confidential
3Com Confidential
WLAN OVERVIEW
>Defined by the IEEE 802.11 specifications >Also known as Wi-Fi and/or Hot Spots
3Com Confidential
WLAN CONCEPTS
Radio Antenna
>Uses RF technology to transmit and receive data >RF signals pass through most objects >Not immune to signaling issues: Absorption, Reflection, Refraction, Diffraction, and Scattering
3Com Confidential
3Com Confidential
OVERALL SPECTRUM
> Regulated by individual countries > WLANs operates within the unlicensed 2.4 GHz ISM and 5 GHz U-NII bands Hz AM Radio 550 - 1700kHz
VLF LF MF HF
UHF TV 460-600MHz
VHF UHF SHF
Medical X-ray
UV X Gamma Cosmic
Unlicensed Bands
3Com Confidential
Channel ID 1 2 3 4 5 6 7 8 9 10 11 12 13 14
3Com Confidential
Frequency (GHz) 2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447 2.452 2.457 2.462 2.467 2.472 2.484
Spain X31
France X32
Japan X40
Japan X41 X X X X X X X X X
X X
X X X X X
X X X X
3Com Confidential
2.417
2.427
2.437
2.447
2.457
2.467
5 4 3 2 1
2.412 2.422 2.432
10 9 8 7 6
2.442 2.452
14 13 12 11
2.462 2.472 2.484
3Com Confidential
10
Uses Complimentary Code Keying 1Mbps (CCK) modulation Transmission rates: 11 Mbps, 5.5 Mbps, 2 Mbps, 1 Mbps 2.417 2.427 2.437 2.447 2.457 2.467 Range: 100 m 5 10 4 9 Availability: H1CY00 3 8 13 2 7 12 1 6 11
2.412 2.422 2.432 2.442 2.452 2.462 2.472 2.484
11
3Com Confidential
3Com Confidential
Complimentary Code Keying (CCK) is the basic modulation format for current Wi-Fi (IEEE 802.11b) systems CCK is a single carrier system. In other words, all of the data is transmitted by modulating a single radio frequency, or carrier
SPREAD SPECTRUM
>FHSS systems use a radio carrier that hops from frequency to frequency in a pattern known to both transmitter and receiver
Easy to implement Resistant to noise Limited throughput (1-3 Mbps @ 2.4 GHz)
>DSSS & HR/DSSS systems convert data bits to a wide bit pattern called a chip
Updated definition, HR/DSSS provides higher throughput than FH (up to 11 Mbps @ 2.4 GHz) Better range or coverage Less resistant to noise (made up for by redundancy)
3Com Confidential
13
3Com Confidential
5 GHz BAND
3Com Confidential
14
20
1W
1,3,4
4-255
Reserved
Reserved
Reserved
Reserved
Reserved
3Com Confidential
15
3Com Confidential
Channel Set 34,38,42,46 8,12,16 8,12,16 8,12,16 8,12,16 8,12,16 184,188,192,196 184,188,192,196 184,188,192,196 184,188,192,196 34,38,42,46 7,8,9,11
Behavior Limits Set 1,2,6 5,6,7 5,6,8 5,6,7 5,6,8 5,6,8 5,6,7 5,6,8 5,6,7 5,6,8 5,6,8 5,6,7
16
Channel Set 7,8,9,11 7,8,9,11 7,8,9,11 8,12,16 183,184,185, 187,188,189 183,184,185, 187,188,189 183,184,185, 187,188,189 183,184,185, 187,188,189 Reserved
Behavior Limits Set 5,6,8 5,6,7 5,6,8 5,6,7 5,6,8 5,6,7 5,6,8 5,6,8 Reserved
17
3Com Confidential
5 GHz frequency range Potentially uses licensed band 8 non-overlapping channels Uses Orthogonal Frequency Division Multiplexing OFDM modulation Transmission rate: 54 Mbps or 6, 9,12,18,24,36,48 (6,12, 24 mandatory) Range 50 m High power consumption Availability: H1CY02
3Com Confidential
18
54 18m
48 25m
36 30m
24 35m
18 40m
12 45m
9 48m
6 50m
3Com Confidential
19
3Com Confidential
10
802.11a SUMMARY
>Will not interoperate with 802.11b/g systems >Global deployment issues may exist
3Com Confidential 20
802.11b/g SUMMARY
>Coverage up to 100 meters (328 feet) >Most commonly implemented standard, Wi-Fi >Crowded frequency band
3Com Confidential
21
3Com Confidential
11
802.11 COMPARISONS
802.11a
Up to 54 Mbps
802.11b
Up to 11 Mbps (11, 5.5, 2, & 1 Mbps) 100 Meters 2.4 GHz ISM DSSS
802.11g
Up to 54 Mbps (54, 33, 22, 11, 5.5, 2, and 1 Mbps) 100 Meters 2.4 GHz ISM DSSS, OFDM, and modified versions
Data rates
(54, 48, 36, 24, 18, 12 and 6 Mbps) 50 Meters 5 GHz U-NII
OFDM
3Com Confidential
22
>Data rates will drop as distance to AP increases as a result of reduced signal quality >Actual throughput is about onehalf of actual data or link rate >Throughput rates affected by:
Multicast rate (defaults at a rate of 1 Mbps) Framing overhead Collision avoidance mechanisms
3Com Confidential
23
3Com Confidential
12
3Com Confidential
24
> Allows 108 Mbps through-put > Bonds two channels in the 5ghz spectrum > When turning it on you no longer can select a channel to run in. It will constantly be checking open channels to be able to bond two of them together
3Com Confidential
25
3Com Confidential
13
>802.11c Bridge Operation Procedures >802.11d Country Compatibility (Roaming)1 >802.11e QoS Enhancements >802.11f Inter-Access Point Protocol (IAPP)2
3Com Confidential
26
>802.11h Spectrum and Power Control Management3 >802.11i Enhanced Security4 >802.11j Channel Selection for Japan5 >802.11k Radio Resource Measurement Enhancements >802.11l (letter skipped) >802.11m Maintenance of the IEEE Standard >802.11n Enhancement for Higher Throughput
Published Date > 3 - 2003 > 4 - 2004 > 5 - 2004
3Com Confidential
27
3Com Confidential
14
>802.11p - Wireless Access for the Vehicular Environment (WAVE) >802.11r - Fast roaming >802.11s - Wireless mesh networking >802.11T - Wireless Performance Prediction (WPP) >802.11u - Interworking with non-802 networks >802.11v - Wireless network management
3Com Confidential
28
>802.3af Power Over Ethernet6 >802.1X Authentication7 >LWAPP Lightweight Access Point Protocol >CAPWAP Control and Provisioning of Wireless Access Points
3Com Confidential
29
3Com Confidential
15
http://www.ieee.org/
http://www.fcc.gov/
http://www.wi-fi.org/
3Com Confidential
30
3Com Confidential
31
3Com Confidential
16
WIRELESS COMPONENTS
>Distribution system
Stations
3Com Confidential
32
ESS
BSS BSS BSS
Stations Only
33
3Com Confidential
17
WIRELESS BRIDGE
>Connects two remote sites wirelessly >A.K.A. Wireless Distribution System (WDS) >Implemented by enabling a configuration option on an AP
3Com Confidential
34
> Control
Request-to-Send Clear-to-Send Acknowledgement
> Data
3Com Confidential
35
3Com Confidential
18
802.2 ENCAPSULATION
3Com Confidential
36
>Scanning >Station (user) Authentication and Association >Beacon Management >Power Management Mode >DRS and ARS
3Com Confidential
37
3Com Confidential
19
SCANNING
>Station identifies if wireless network present >Passively listens for or actively probes for beacon frames >Builds a table of APs from the beacons >Begins authentication and association process
Probe Sent
Passive Scanning
3Com Confidential
Active Scanning
38
3Com Confidential
20
3. IAPP 4. IAPP
Original Association
5. Buffered Frames
3Com Confidential
40
1. Request 2. Response
>Disassociation ends the association relationship and removes the station from the WLAN >Deauthentication breaks the authentication between a station and AP >Used when the station has not properly joined a network, performed an incorrect operation, or has left the cell service area
3Com Confidential 41
3Com Confidential
21
BEACON MANAGEMENT
>Used during scanning to identify presence of a WLAN >Used in both FHSS and DSSS WLANs >Transmitted at regular intervals
About 10 times per second
>Provide network parameters for joining >Stations must be close enough to hear beacons from an AP >Provides time synchronization between station and AP >Provides channel usage information >Beacons are transmitted from the AP at the lowest supported (configured) data rate
3Com Confidential
42
>Allows stations to go into sleep mode to conserve battery power >Defines how long a station will be down (in milliseconds) >Frames to be buffered at the AP until station wakes up >Relies on the time synchronization performed through beacon management >Station wakes up after predetermined interval and receives any buffered frames from the AP >Two modes:
Power Save Polling Mode (PSP) station using power saving when available Continuous Aware Mode (CAM) power saving is not in use and the station is always on and ready to transmit and receive
3Com Confidential
43
3Com Confidential
22
RF FUNDAMENTALS
Module 3
44
Radio Signal
Omnipole Antenna
3Com Confidential
45
3Com Confidential
23
SIGNAL CHARACTERISTICS
Frequency Amplitude
Cycle
3Com Confidential
46
SIGNAL PHASE
90
180 360
270
3Com Confidential
47
3Com Confidential
24
SIGNAL PROPAGATION
Signal 2
Signal 1 Signal 3
3Com Confidential
48
dBm 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
3Com Confidential
dBm 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Watts 40 mW 50 mW 63 mW 79 mW 100 mW 126 mW 158 mW 200 mW 250 mW 316 mW 398 mW 500 mW 630 mW 800 mW 1.0 W 1.3 W
dBm 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
3Com Confidential
25
SIGNAL LEVELS
Antenna (Gain)
Antenna (Gain)
Amplifier (Gain)
Amplifier (Threshold)
Transmitter
3Com Confidential
Receiver
50
OMNIPOLE ANTENNA
> Transmits signals equally on a horizontal plane > Coverage cell is best horizontally but not vertically
Round (horizontal plane) Donut shaped (on all three dimensions)
> Typically used indoors > Low gain between 3-10 dBi of gain (low gain)
3Com Confidential
51
3Com Confidential
26
DIPOLE ANTENNA
> Figure 8 transmission pattern > Low gain though it achieves greater distance > Typically used indoors for hallways or corridors > Not as good for ceiling mounting
3Com Confidential
52
> Semi-directional, more focused transmission pattern > Provides moderately high gain, 12-18 dBi > Flat in design so it can be used against a wall or in a corner > Has an extended forward reach which is good for indoor and/or outdoor use
Short to medium range bridging Along narrow hallways and corridors
3Com Confidential
53
3Com Confidential
27
> Semi- or highly-directional, more focused, narrower transmission pattern > Can provide up to 24 dBi in gain (regulatory concerns) > Good for indoor or outdoor use
Along narrow hallways and corridors Highly-directional designs cover distances of up to 20 miles
3Com Confidential
54
3Com Confidential
55
3Com Confidential
28
WLAN SECURITY
Module 4
56
>Design characteristics
Easy Accessibility for Users Optimal Coverage Data Privacy Network Security
3Com Confidential
57
3Com Confidential
29
> Broadcast Monitoring (snooping) > RF Jamming > Rogue Access Point
Man-in-the-Middle Masquerading
Internet
Firewall
Trusted
war driving
Open System!
58
3Com Confidential
>Implementation hierarchy
Open Access Open system authentication, no encryption Baseline security Open system authentication, WEP Enhanced security 802.1x authentication, AES or TKIP encryption
3Com Confidential
59
3Com Confidential
30
SECURITY PROTOCOLS
>Local MAC Filtering >Wired Equivalent Privacy (WEP) >Wi-Fi Protected Access (WPA)
Temporal Key Integrity Protocol (TKIP)
>802.1X Authentication
Several types of EAP (Extensible Authentication Protocol) Several types of PEAP (Protected EAP) 3Com Dynamic Security Link Lightweight Extensible Authentication Protocol (LEAP)
3Com Confidential
60
>Issues
Forged MAC address Not totally secure Administratively difficult to maintain in large networks
3Com Confidential
61
3Com Confidential
31
> A shared key encryption and authentication mechanism for 802.11 WLANs
Original 802.11 security implementation Improves privacy and integrity
> Used between the station and AP only > Only payload data, not header, is encrypted
> Management and control frames not encrypted
3Com Confidential
62
3Com Confidential
63
3Com Confidential
32
3Com Confidential
64
>Each key is used to encrypt one and only one data packet
3Com Confidential
65
3Com Confidential
33
>Enhances the current 802.11 MAC to provide improvements in security and authentication mechanisms >Based on federal encryption standard AES (Advanced Encryption Standard)
Replaces Triple DES (Data Encryption Standard) Requires hardware acceleration Rijndael algorithm Symmetric block cipher Keys 128, 192, 256 bits
3Com Confidential
66
802.1x AUTHENTICATION
>Framework for authenticating and controlling user traffic to protect wired and wireless LANs
Centralized authentication rather than distributed at each AP
> Messages forwarded to RADIUS authentication server
>Uses dynamically varying encryption keys >Supported in Microsofts Windows XP, Funk, and Meeting House operating systems (supplicant and authenticator) >Scales well for large enterprise networks
3Com Confidential
67
3Com Confidential
34
>EAP-MD5 (Extensible Authentication Protocol-Message Digest 5) >EAP-TLS (EAP-Transport Layer Security) >EAP-TTLS (EAP-Tunneled TLS) / MSCHAPv2 (Microsoft Challenge Handshake Protocol) >EAP-SIM (Subscriber Identity Module) >PEAPv0 (Protected EAP) / EAP-MSCHAPv2 >PEAPv1/EAP-GTC (Generic Token Card) >3Com Dynamic Security Link >Lightweight Extensible Authentication Protocol (LEAP)
3Com Confidential
68
SECURITY CHECKLIST
1. 2. 3. 4. 5. 6. 7.
Change default settings on the access point Disable SSID broadcast Change the default radio channel Isolate APs into an untrusted zone Enable some form of encryption Limit RF coverage Restrict traffic to specific applications
3Com Confidential
69
3Com Confidential
35
8. 9.
10. Maximize IP address assignments if using DHCP 11. Centralize authentication services 12. Perform regular scans and audits 13. Restrict use to authorize personnel 14. Integrate user policies 15. Implement VPNs to secure trusted WLANs
3Com Confidential
70
3Com Confidential
36