802.1x Authentication & Authorization Deployment for Wireless Network at BYU-Hawaii

Executive Summary: In this report we take a detailed look at BYU-Hawaii's "Brigham Young University" current and suggested network layout with the help of diagrams and descriptions. BYU-Hawaii's network consists of approximately 3000 active users, of which 2,500 are students and the rest are staff. The main concern with BYU-Hawaii's current network is that it has no authentication and authorization control, so anyone in the area near the campus can easily access the network. It also has no monitoring of how the network is being utilized, and important information can easily be sniffed by anyone on the network. In the proposed network we will provide authentication and authorization for wired and wireless clients using firewalls, 802.1X and other techniques. Authentication can be achieved through an 802.1X authentication server, whereas authorization can be achieved using RADIUS. Furthermore, we will implement WPA2 Personal "Wireless Protected Access version 2" on the access points, which secures the access points from unauthorized users by means of a setup password.

Contents: Executive Summary; Introduction; Current Network; Description; Current Network Diagram; Proposed Network; Proposed Network Diagram; Security Requirements; IEEE 802.1X; Supplicant; Authenticator; Authentication Server; RADIUS Servers; Port-based Authentication; WPA; Equipment; CISCO 7301 Router; Switches; Access Points; Cisco Aironet 3502i Indoor Access Point; Cabling; Conclusion; References

Introduction: In this report we ...

... middle of paper ...
Cisco designs, manufactures, and sells Internet Protocol (IP)-based networking and other products related to the communications and information technology (IT) industry, and provides services associated with these products and their use. The company provides products for transporting data and voice within buildings, across campuses and globally. The products are used by enterprise businesses, public institutions, telecommunications companies and other service providers, commercial businesses, and personal residences. Cisco conducts its business globally and manages its business geographically. Its business is divided into the following three geographic segments: The Americas; Europe, M...
RADIUS avoids such problems. IT managers can use a single RADIUS server to authenticate users dialing into multiple remote-access servers. With RADIUS, IT managers maintain a single authentication database. All users dialing into a network are authenticated against this database.
The deployed wireless network automatically disables rogue access points when required. To connect to the wireless network, all wireless laptops are required to be current domain members. A group policy is enforced on all domain members to lock their systems to the access point's SSID. For network layer protection, firewalls must be installed throughout the network. Wireless connections should always be WPA2 secured. All systems must have anti-virus software that provides protection from viruses. To ensure that only valid users access the network system, server certificates are installed in the
During 2003-2007, Cisco registered a durable period of top-line growth. They have a strong ability to design and manufacture new products suited to how the new world processes information. They have strong strategic industry partners and a good customer relationship. Cisco is a company that focuses on its core competencies. When they monitor and manage more than 10,000 devices, it becomes time consuming. Even with these problems, Cisco Systems does have many strength...
Disclaimer: this is intended to be an introductory technical article; certain details have been excluded in the interests of space and clarity. Network design examples are presented to illustrate specific technical points and are not intended to be fully complete.
In conclusion, the information covered in this paper shows the different types of security that are associated with each level of the standard OSI model. From the physical layer to the application layer, each layer has a different type of security that must be applied to prevent security leaks, spoofing, and infinite loops. These are just a few of the different vulnerabilities that must be protected against on a WLAN or LAN.
The procedure that will take place during the audit will be thorough. All five buildings will be tested, inside and outside. The audit will test for user authentication, firewalls, penetration, eavesdropping, human error, surveillance, user access and Wi-Fi access. It will also inspect the security of the central hub with connected servers. There are five buildings on campus, all connected to a campus area network. Each individual building has its own Wi-Fi LAN. None of the five buildings allows internet service outside the campus. The buildings connect to one another by a central hub. This central hub has a blade database server, an internet/email server, a backup server and a router. During the testing time, audits will be conducted both outside and inside the campus. The architecture of the network needs to be tested making sure that network ...
Abstract: The Trusted Computing Group (TCG) is making a great effort to provide network security at every level, which is why its technologies are spreading very rapidly and will become the leading technologies in the next few years. There are always threats to networks, which create a need for features that secure the network at endpoint admission. The flow of information must be trusted, and data integrity measures should also be followed. The models provided by the Trusted Computing Group offer strong security features. TNC (Trusted Network Connect) is a technology provided by TCG that provides security on both hardware and software platforms. TNC is basically used for NAC (authentication purposes). The architecture of NAC provides a clear background on how a network can be made secure and how to avoid unauthorized access. IEEE 802.1x is a standard that provides port-based network access control and protects the network from unauthorized access. If the access requestor is authorized then access is given, but access is not given when the access requestor is unauthorized. IEEE 802.1x is basically used for authentication and authorization purposes. This paper aims to review the literature on trusted computing in the context of Trusted Network Connect and 802.1x port-based authentication using NAC.
Wi-Fi facilitates ease of use and is getting increasingly popular with homes and businesses. Multiple Wi-Fi Access Points can be located in a given area. Wi-Fi security issues continue to be a problem, as the number of Access Points grows.
WLAN (Wireless Local Area Network) and its components: The task of developing a WLAN on a commercial front poses a greater challenge. Developing the initial design, purchasing and installing components, and managing and maintaining the systems are the main basic parts of the WLAN. When we use a WLAN on a commercial front we may face security and privacy concerns. The total area of that particular commercial site should be covered. This is only possible by installing a large number of access points. The various components of the WLAN are
For the mini project of this subject, I chose to analyze the performance management of different Wi-Fi networks based on the Wi-Fi service provided in my housing area, which is SriPuteri WifiNet. To analyze the performance management, I have to identify the problem statement, scope and method to use. In a Local Area Network (LAN), multiple devices such as PCs, laptops, mobile phones and many more can connect to Wi-Fi, but as the number of devices used increases, the network can become slower because of data traffic congestion. To overcome the problem, it is essential to have a good Network Management plan.
Kayseri is a very important city in central Anatolia. Abdullah Gül University (AGU) is a new university constructed on the site of an old factory in Kayseri. AGU accepted 120 students this year. About 110 of these students stay for free at AGU's dormitory, which is located on AGU's campus, thanks to their scholarships. All of the students staying at that dorm have a MacBook or iPad; furthermore, each section of the dorm has a wireless router connected to the Internet, so they can access the Internet with their devices whenever they want.
This proposal is for a small office that will have users who are connected by Wi-Fi or cable. The network will include devices and resources that are shared among all the users. The network will need to have security measures in place to protect the entire network and keep the wireless access secure and available only to employees of the company.