I’m currently studying for the CCNP Wireless Security Exam (642-737) but that goes hand-in-hand with the CWSP exam so why not kill two birds with one stone? The CWNP track provides a great vendor-agnostic cert path that complements any of the Cisco/Aruba/Aerohive programs.
Before I began these notes I took the pre-book quiz and managed 13/20 so I’m feeling good about this already! Many of the topics overlap with the CWNA/CWDP exams which I’ve already passed. After this it’s just the tricky CWAP (Analysis) to tackle in this level.
WLAN Security Overview
ISO – International Standards Organisation – created the OSI model used worldwide
IEEE – Institute of Electrical and Electronics Engineers – Not just a wireless organisation. They create the standards that companies like Cisco, Broadcom and Intel design their equipment around. For example, 802.1X is an IEEE standard.
IETF – Internet Engineering Task Force – They create Internet standards. Important but not brought up as much with wireless things.
Wi-Fi Alliance – Responsible for performing certification testing for interoperability. They basically complement the IEEE by ensuring the vendors mentioned above conform to particular guidelines/programs and can work together. You’ll often see the Wi-Fi Alliance logo on the box when you go to buy a wireless NIC or router.
These programs are extremely important and really do ensure that wireless networks work properly. Some examples are:
WPA2 Security – Security standardisation.
WMM Power Save (WMM-PS) – Helps devices maximise the power efficiency whilst on the wireless to conserve battery.
802.11 Networking Basics
Wireless operates at the first 2 layers of the OSI model – Physical and Data Link.
The first layer involves the Radio Frequency fundamentals and the second becomes a little more complicated (I guess that’s subjective) with two sublayers: Logical Link Control (LLC) and Media Access Control (MAC).
802.11 Security Basics
The largest risk with wireless is that everything is transmitted through the open air, where it can be sniffed. Someone could sit quite far away from a network with a sensitive, high-gain antenna and sniff traffic all day without being detected. This means some serious security is needed to ensure the traffic is not only safe during live transmission but, where possible, also safe from offline attacks, where hackers spend time trying to decrypt the captured packets.
To secure wireless networks, devices use encryption methods (known as keys or ciphers) to encrypt the data going over the air.
AAA – Authentication, Authorisation and Accounting – is a commonly used term in network security. When initially connecting to a network you go through authentication with your credentials, e.g. username/password. Once connected, you may then try to access a network resource like a shared drive and go through the authorisation process. Once you do access resources and alter something, this is recorded via accounting, which is useful for historical auditing.
Segmentation through layer 2 (VLANs), layer 3 (subnets/VLANs) and other means such as VPNs is important, but now that security methods within wireless have vastly improved, wireless networks aren’t considered so vulnerable or unsafe.
Monitoring is arguably more important with wireless, as rogue APs, honeypots, RF jammers and man-in-the-middle attacks are all high on the threat list. Utilising appropriate software along with Wireless Intrusion Detection Systems (WIDS) and Wireless Intrusion Prevention Systems (WIPS) will help mitigate these risks.
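To make the monitoring point concrete, here is an added example (not from the study book or the original notes) of the kind of check a WIDS runs: comparing observed beacons against an inventory of authorised APs. The inventory, BSSIDs, SSIDs, verdict names and observations are all constructed for illustration.

```python
# Added illustration: WIDS-style classification of observed beacons.
# Inventory, BSSIDs, SSIDs and observations are constructed sample data.
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    bssid: str      # MAC address of the AP radio
    ssid: str
    channel: int
    security: str   # e.g. "WPA2-Enterprise", "WPA2-PSK", "Open"

# Authorised APs: BSSID -> (SSID, allowed channels, required security)
INVENTORY = {
    "02:00:00:aa:00:01": ("CorpNet", {36, 40}, "WPA2-Enterprise"),
    "02:00:00:aa:00:02": ("CorpNet", {1, 6, 11}, "WPA2-Enterprise"),
}
MANAGED_SSIDS = {ssid for ssid, _, _ in INVENTORY.values()}

def classify(b: Beacon) -> str:
    known = INVENTORY.get(b.bssid.lower())
    if known is None:
        # Our SSID from a radio we do not own: honeypot / evil twin candidate.
        if b.ssid in MANAGED_SSIDS:
            return "honeypot-suspect"
        # Neighbour or rogue AP; telling them apart needs wired-side checks.
        return "unmanaged"
    ssid, channels, security = known
    # A known BSSID with the wrong SSID or weaker security suggests
    # MAC spoofing or a misconfigured AP.
    if b.ssid != ssid or b.security != security:
        return "spoof-or-misconfig"
    if b.channel not in channels:
        return "unexpected-channel"
    return "authorised"

def triage(beacons):
    """Return (bssid, verdict) for every beacon that is not authorised."""
    verdicts = ((b.bssid, classify(b)) for b in beacons)
    return [(bssid, v) for bssid, v in verdicts if v != "authorised"]

OBSERVED = [  # constructed observations
    Beacon("02:00:00:aa:00:01", "CorpNet", 36, "WPA2-Enterprise"),
    Beacon("02:00:00:bb:00:09", "CorpNet", 6, "Open"),
    Beacon("02:00:00:AA:00:02", "CorpNet", 6, "WPA2-PSK"),
    Beacon("02:00:00:aa:00:02", "CorpNet", 3, "WPA2-Enterprise"),
    Beacon("02:00:00:cc:00:05", "CoffeeShop", 11, "Open"),
]

if __name__ == "__main__":
    for bssid, verdict in triage(OBSERVED):
        print(f"{bssid}  {verdict}")
```

An "unmanaged" verdict only says the radio is not in the inventory; deciding whether it is a rogue AP attached to your wired network or just a neighbour needs information this sketch does not have.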
802.11 Security History
Wired Equivalent Privacy (WEP) was the original way of securing networks with 64-bit static encryption. This was cracked fairly quickly and led to dynamic WEP which was also cracked.
802.11i (2004) defined the Robust Secure Network (RSN), which included stronger encryption and authentication methods. This went a long way towards bringing wireless security standards up to a level on par with wired networks.
This was later improved in the 802.11i 2007 standard, which defines various methods for securing both home and enterprise networks.
My study book is from 2010 so it’s a little out of date! Without going into much detail, the 802.11r and 802.11k standards are highlighted as particularly important, which we are now starting to see 5-6 years on, and it should be interesting to see how that pans out!