How To Create A Virtual Network With A Router And Network Operating System (Ip) For A Network (Ipv) (Ip V2) (Netv) And A Virtualization) (Network) (Wired) (Virtual) (Wire)
|
|
- Chastity Adams
- 3 years ago
- Views:
Transcription
1 Post-IP technologies virtualization and security Guy Pujolle 1
2 Virtualization for a post-ip network 2
3 Geni Intel would like to propose a generic router Intel proposes to have a generic hardware with virtual network operating system A router can support simultaneously CISCO IOS and dj Juniper Junos and dal Alcatel los and dn Nortel los OS, etc. Cisco reaction was to virtualize the different releases of IOS. 3
4 Virtual router Network A Network D Network B Network C 4
5 Virtualization of the Control Plane Control algorithms NOS NOS NOS NOS NOS Control Control Control Control Control Hypervisor 5
6 Why virtualization? A better use of the resources Sharing of the resources for the routing schemes Security of the machines against attacks Isolation of the traffic in the virtual machines Management and control Need an hypervisor How to move et the virtual entities ttes(oute,etc) (router, etc.) 6
7 Virtualization of the Management Plane NM NM NM NM NM System System System System System Hypervisor 7
8 Protocol virtualization A B C D = E A = IP stack is mandatory in the core network within the virtual protocol 8
9 Virtualization of the Data Plane 9
10 Virtualization of the Data Plane 10
11 Virtualization of the protocols A D E A B C D E A B D E A A E A B C D E A C D E 11
12 Post-IP security through a strong authentication and closed traceability
13 Why two-factor authentication is needed Password issues Attackers can sniff out what's typed on keyboards, simply by recording keystroke sounds Recommendation to enhance security with two-factor authentication that combines passwords with one-time- password tokens or smartcards,, or with biometric recognition, like fingerprint readers A well known two-factor authentication device is the RSA SecurID token This token works with a proprietary authentication infrastructure called ACE.
14 Two-factor authentication Our proposal Tokens are based on the Java Card technology They execute Java applications supported by the open code project OpenEapSmartcard. The authentication platform is fully based on IETF standards (mainly the Extensible Authentication Protocol,, EAP), no proprietary features Our authentication scenario deals with the classical SSL/TLS protocol (more precisely EAP TLS), which is widely deployed through the WEB, and which relies on Public Key Infrastructure (PKI)
15 What is EAP? EAP is an IETF standard d The Extensible Authentication Protocol (EAP) was introduced in 1999, in order to define a flexible authentication framework. EAP,, RFC 3748, "Extensible Authentication Protocol, (EAP)" EAP TLS,, RFC 2716, "PPP EAP TLS Authentication Protocol EAP SIM,, RFC 4186, " Extensible Authentication Protocol Methodfor Global Systemfor Mobile Communications (GSM) Subscriber Identity Modules (EAP SIM) EAP AKA,, RFC 4187, " Extensible Authentication Protocol Method for 3 rd Generation Authentication and Key Agreement (EAP AKA) AKA)
16 What is EAP? 1 Request 2 Response 3 Success 4 Failure 1 Identity 2 Notification 3 NAK 4 MD5 challenge 13 EAP-TLS 18 EAP-SIM Packet Identifier Packet Length Code Identifier Length Type Type-Data EAP Message Format.
17 What is EAP? An Esperanto for Access Control in IP infrastructures. Wireless LAN Wi Fi, IEEE 802.1x WiMAX mobile, IEEE e, PKM EAP Wired LANs ETHERNET, IEEE PPP, RFC 1661, The Point to Point Protocol (PPP) VPN (Virtual Private Network) technologies PPTP, RFC 2637, " Point to Point Tunnelling Protocol " L2TP, RFC 2661, " Layer Two Tunnelling Protocol " IKEv2, RFC 4306, "Internet Key Exchange Protocol Authentication Server RADIUS, RFC 3559, RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP) DIAMETER, RFC 4072, "Diameter Extensible Authentication Protocol Application Voice Over IP UMA, Unlicensed Mobile Access, org
18 What is EAP? EAP components According to RFC 3748, EAP implementations conceptually consist of the four following components: 1 The lower layer is responsible for transmitting and receiving EAP frames between the peer and authenticator. 2 The EAP layer receives and transmits EAP packets via the lower layer, implements duplicate detection and retransmission, and delivers and receives EAP messages to and from EAP methods. 3 EAP peer and authenticator layers. Based on the Code field, the EAP layer de multiplexes incoming EAP packets to the EAP peer and authenticator layers. 4 EAP methods implement the authentication algorithms, and receive and transmit EAP messages. EAP methods can be implemented in Java Card systems.
19 Ordinateurcentral What is EAP? EAP Java Card gy Full Software 4 EAP method EAP method EAP method EAP method Technology 3 EAP-Peer Peer Layer EAP-Auth. Auth. Layer Implementations 2 1 EAP-Layer Lower-Layer EAP-Layer RADIUS Server Peer Authentication Server Partial Software Implementations + EAP JavaCard Technology Peer EAP JavaCard Client EAP-Peer Peer Layer EAP-Layer Lower-Layer 4 EAP Methods Wi-Fi Network EAP JavaCard Server EAP-Auth. Auth Layer EAP-Layer Java Card Enabled RADIUS Server Authentication Server Mainframe
20 The open platform, Why open Java Card technology code? Internet and WEB technologies are based on open code. No proprietary features. Good security principle that enables code reviewing. Fair choice among multiple Java Card systems
21 OpenEapSmartcard. Architecture t Overview
22 Authentication platform Overview
23 The platform
24 Summary We have presented two-factor authentication tokens, based on the Java Card technology We have introduced the open code project OpenEapSmartcard,, which is used by these token We have built an authentication architecture fully based on IETF standards. We have shown a real Wi-Fi platform that deals with these technologies.
The OpenEapSmartcard platform. Pr Pascal Urien ENST Paris
The OpenEapSmartcard platform Pr Pascal Urien ENST Paris /20 Pascal URIEN, CARTES 2005, November 16 th 2005 Introduction 1/4: Network ages Analog networks (Tree age) 1876, Alexander Graham Bell invents
More informationCisco Which VPN Solution is Right for You?
Table of Contents Which VPN Solution is Right for You?...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1 Components Used...1 NAT...2 Generic Routing Encapsulation Tunneling...2
More informationA Dynamic Extensible Authentication Protocol for Device Authentication in Transport Layer Raghavendra.K 1, G. Raghu 2, Sumith N 2
A Dynamic Extensible Authentication Protocol for Device Authentication in Transport Layer Raghavendra.K 1, G. Raghu 2, Sumith N 2 1 Dept of CSE, P.A.College of Engineering 2 Dept of CSE, Srnivas institute
More informationSecurity, Cloud. Guy Pujolle Guy.Pujolle@lip6.fr
Post-IP Network Knowledge, Piloting, Virtualization, Security, Cloud Guy Pujolle Guy.Pujolle@lip6.fr Where we are? Stone age Bronze age Iron age 2.5 M années 8000 années 3000 années Printing Stone age
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication Objectives Define authentication Describe the different types of authentication credentials List and explain the
More informationCisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com. 2006 Cisco Systems, Inc. All rights reserved.
Cisco Secure ACS Overview By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com 2006 Cisco Systems, Inc. All rights reserved. 1 Cisco Secure Access Control System Policy Control and
More informationExtensible Authentication Protocol (EAP) Security Issues
Sotillo ECU 1 Extensible Authentication Protocol (EAP) Security Issues Samuel Sotillo, Dept. of Technology Systems, East Carolina University Abstract This document describes the Extensible Authentication
More informationChapter 10 Security Protocols of the Data Link Layer
Chapter 10 Security Protocols of the Data Link Layer IEEE 802.1x Point-to-Point Protocol (PPP) Point-to-Point Tunneling Protocol (PPTP) [NetSec], WS 2006/2007 10.1 Scope of Link Layer Security Protocols
More informationipad in Business Security
ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security
More informationNetwork Access Control and Cloud Security
Network Access Control and Cloud Security Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationDeploying iphone and ipad Security Overview
Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services
More informationUNIVERZITA KOMENSKÉHO V BRATISLAVE FAKULTA MATEMATIKY, FYZIKY A INFORMATIKY PRÍPRAVA ŠTÚDIA MATEMATIKY A INFORMATIKY NA FMFI UK V ANGLICKOM JAZYKU
UNIVERZITA KOMENSKÉHO V BRATISLAVE FAKULTA MATEMATIKY, FYZIKY A INFORMATIKY PRÍPRAVA ŠTÚDIA MATEMATIKY A INFORMATIKY NA FMFI UK V ANGLICKOM JAZYKU ITMS: 26140230008 DOPYTOVO ORIENTOVANÝ PROJEKT Moderné
More informationERNW Newsletter 36 / October 2011. Certificate Based Device Authentication with ios Devices
ERNW Newsletter 36 / October 2011 Certificate Based Device Authentication with ios Devices Version: 1.0 Date: 5 Oct 2011 Author: Rene Graf (rgraf@ernw.de) Table of contents 1 INTRODUCTION... 3 2 BACKGROUND
More informationAuthentication and Security in IP based Multi Hop Networks
7TH WWRF MEETING IN EINDHOVEN, THE NETHERLANDS 3RD - 4TH DECEMBER 2002 1 Authentication and Security in IP based Multi Hop Networks Frank Fitzek, Andreas Köpsel, Patrick Seeling Abstract Network security
More informationDATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0
DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS
More informationiphone in Business Security Overview
iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods
More informationApplication Note: Onsight Device VPN Configuration V1.1
Application Note: Onsight Device VPN Configuration V1.1 Table of Contents OVERVIEW 2 1 SUPPORTED VPN TYPES 2 1.1 OD VPN CLIENT 2 1.2 SUPPORTED PROTOCOLS AND CONFIGURATION 2 2 OD VPN CONFIGURATION 2 2.1
More informationCisco Wireless Security Gateway R2
Cisco Wireless Security Gateway R2 Product Overview The Cisco Wireless Security Gateway (WSG) is a highly scalable solution for tunneling femtocell, Unlicensed Mobile Access (UMA)/Generic Access Network
More informationNetwork Access Control and Cloud Security
Network Access Control and Cloud Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationRelease Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May 2011. 1. New Features and Enhancements. Tip of the Day
NCP Secure Entry Mac Client Major Release 2.01 Build 47 May 2011 1. New Features and Enhancements Tip of the Day A Tip of the Day field for configuration tips and application examples is incorporated in
More informationOther VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer
Other VPNs TLS/SSL, PPTP, L2TP Advanced Computer Networks SS2005 Jürgen Häuselhofer Overview Introduction to VPNs Why using VPNs What are VPNs VPN technologies... TLS/SSL Layer 2 VPNs (PPTP, L2TP, L2TP/IPSec)
More informationRelease Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues
NCP Secure Entry Mac Client Service Release 2.05 Build 14711 December 2013 Prerequisites Apple OS X Operating System: The following Apple OS X operating system versions are supported with this release:
More informationNetwork Authentication - 802.1X Secure the Edge of the Network - Technical White Paper
Bosch Security Systems Video Systems Network Authentication - 802.1X Secure the Edge of the Network - Technical White Paper 4 July 2016 Secure the edge of the network Security devices are mostly located
More informationObjectives. Remote Connection Options. Teleworking. Connecting Teleworkers to the Corporate WAN. Providing Teleworker Services
ITE I Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Providing Teleworker Services Describe the enterprise requirements for providing teleworker services Explain how
More informationDeploying iphone and ipad Virtual Private Networks
Deploying iphone and ipad Virtual Private Networks Secure access to private corporate networks is available on iphone and ipad using established industry-standard virtual private network (VPN) protocols.
More informationSmart Cards, Biometrics and Tokens for VLANs and Subnet Access
Smart Cards, Biometrics and Tokens for VLANs and Subnet Access Jeff Hayes Director, Security Programs Alcatel e-business Networking Division Agenda LAN Access Issues and Requirements
More informationAuthentication, Authorization and Accounting (AAA) Protocols
Authentication, Authorization and Accounting (AAA) Protocols Agententechnologien in der Telekommunikation Sommersemester 2009 Babak Shafieian babak.shafieian@dai-labor.de 10.06.2009 Agententechnologien
More informationThis chapter describes how to set up and manage VPN service in Mac OS X Server.
6 Working with VPN Service 6 This chapter describes how to set up and manage VPN service in Mac OS X Server. By configuring a Virtual Private Network (VPN) on your server you can give users a more secure
More informationCisco Secure Access Control Server 4.2 for Windows
Cisco Secure Access Control Server 4.2 for Windows Overview Q. What is Cisco Secure Access Control Server (ACS)? A. Cisco Secure ACS is a highly scalable, high-performance access control server that operates
More informationComputer Networks. Secure Systems
Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to
More informationThe next generation of knowledge and expertise Wireless Security Basics
The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com
More informationVPN SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region
VPN SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the
More informationFMC (Fixed Mobile Convergence)
FMC (Fixed Mobile Convergence) What About Security? Vancouver June 2008 Franck Veysset, Orange Labs Firstname.lastname at orange-ftgroup dot com Agenda Introduction - FMC? WIFI-SIP overview UMA overview
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationGlobal Identity Management of Virtual Machines Based on Remote Secure Elements
Global Identity Management of Virtual Machines Based on Remote Secure Elements Hassane Aissaoui, P. Urien, Guy Pujolle To cite this version: Hassane Aissaoui, P. Urien, Guy Pujolle. Global Identity Management
More informationWireless Robust Security Networks: Keeping the Bad Guys Out with 802.11i (WPA2)
Wireless Robust Security Networks: Keeping the Bad Guys Out with 802.11i (WPA2) SUNY Technology Conference June 21, 2011 Bill Kramp FLCC Network Administrator Copyright 2011 William D. Kramp All Rights
More informationCreating a VPN Using Windows 2003 Server and XP Professional
Creating a VPN Using Windows 2003 Server and XP Professional Recommended Instructor Preparation for Learning Activity Instructor Notes: There are two main types of VPNs: User-to-Network This type of VPN
More informationIntranet Security Solution
Intranet Security Solution 1. Introduction With the increase in information and economic exchange, there are more and more enterprises need to communicate with their partners, suppliers, customers or their
More informationDefender EAP Agent Installation and Configuration Guide
Defender EAP Agent Installation and Configuration Guide Introduction A VPN is an extension of a private network that encompasses links across shared or public networks like the Internet. VPN connections
More informationRAD-Series RADIUS Server Version 7.3
RAD-Series RADIUS Server Version 7.3 Highly Customizable RADIUS Server for Controlling Access & Security in Wireless & Wired Networks Interlink Networks RAD-Series Authentication, Authorization, and Accounting
More information802.1x in the Enterprise Network
802.1x in the Enterprise Network Harrison Forest ICTN 6823 Abstract: This paper aims to provide a general over view of 802.1x authentication and its growing importance on enterprise networks today. It
More informationCertficate Extensions and Attributes Supporting Authentication in PPP and Wireless LAN. Daniel Schwarz
Certficate Extensions and Attributes Supporting Authentication in PPP and Wireless LAN Daniel Schwarz Overview: 1. Introduction I. PKIX 2. Basics I. PPP II. EAP III. 802.1x IV. X.509 certificate extensions
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationGPRS and 3G Services: Connectivity Options
GPRS and 3G Services: Connectivity Options An O2 White Paper Contents Page No. 3-4 5-7 5 6 7 7 8-10 8 10 11-12 11 12 13 14 15 15 15 16 17 Chapter No. 1. Executive Summary 2. Bearer Service 2.1. Overview
More informationHughesNet Broadband VPN End-to-End Security Using the Cisco 87x
HughesNet Broadband VPN End-to-End Security Using the Cisco 87x HughesNet Managed Broadband Services includes a high level of end-to-end security features based on a robust architecture designed to meet
More informationCisco Virtual Office Express
. Q&A Cisco Virtual Office Express Overview Q. What is Cisco Virtual Office Express? A. Cisco Virtual Office Express is a solution that provides secure, rich network services to workers at locations outside
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationHow To Understand And Understand The Security Of A Key Infrastructure
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
More informationJunos Pulse Supported Platforms Guide
Junos Pulse Platforms Guide 5.0R1 November 2013 Contents Introduction........................................................ 2 Documentation...................................................... 2 Hardware
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More information7.1. Remote Access Connection
7.1. Remote Access Connection When a client uses a dial up connection, it connects to the remote access server across the telephone system. Windows client and server operating systems use the Point to
More informationRelease Notes. NCP Secure Client Juniper Edition. 1. New Features and Enhancements. 2. Problems Resolved
NCP Secure Client Juniper Edition Service Release: 9.30 Build 102 Date: February 2012 1. New Features and Enhancements The following describe the new features introduced in this release: Visual Feedback
More informationDomain 6.0: Network Security
ExamForce.com CompTIA Network+ N10-004 Study Guide 1 Domain 6.0: Network Security Chapter 6 6.1 Explain the function of hardware and software security devices Network based firewall, Host based firewall
More informationParticularities of security design for wireless networks in small and medium business (SMB)
Revista Informatica Economică, nr. 4 (44)/2007 93 Particularities of security design for wireless networks in small and medium business (SMB) Nicolae TOMAI, Cluj-Napoca, Romania, tomai@econ.ubbcluj.ro
More informationWireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.
Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key
More informationRAS Associates, Inc. Systems Development Proposal. Scott Klarman. March 15, 2009
Systems Development Proposal Scott Klarman March 15, 2009 Systems Development Proposal Page 2 Planning Objective: RAS Associates will be working to acquire a second location in Detroit to add to their
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationRadSec RADIUS improved. Stig Venaas venaas@uninett.no
RadSec RADIUS improved Stig Venaas venaas@uninett.no Overview RADIUS overview RadSec overview What is wrong with RADIUS RadSec benefits Radsec implementations, deployment and standardisation RADIUS overview
More informationJunos Pulse Supported Platforms
Supported Platforms Guide Junos Pulse Supported Platforms Release 2.0 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2000 or 888 JUNIPER www.juniper.net Sep 25, 2011
More informationHow To Test An Eap Test On A Network With A Testnet (Networking) On A Pc Or Mac Or Ipnet (For A Network) On An Ipnet Or Ipro (For An Ipro) On Pc Or Ipo
Chapter 6 - EAP Authentication This chapter describes using Extensible Authentication Protocol with FreeRADIUS. The following topics are discussed in this chapter: EAP Overview Types/Methods Testing with
More informationUsing IKEv2 on Juniper Networks Junos Pulse Secure Access Appliance
Using IKEv2 on Juniper Networks Junos Pulse Secure Access Appliance Juniper Networks, Inc. 1 Table of Contents Before we begin... 3 Configuring IKEv2 on IVE... 3 IKEv2 Client Side Configuration on Windows
More informationWiFi Security: Deploying WPA/WPA2/802.1X and EAP in the Enterprise
Michael Disabato Service Director Network & Telecom Strategies mdisabato@burtongroup.com Diana Kelley Senior Analyst Security & Risk Management Strategies dkelley@burtongroup.com www.burtongroup.com WiFi
More informationWIRELESS NETWORK SECURITY
WIRELESS NETWORK SECURITY Much attention has been focused recently on the security aspects of existing Wi-Fi (IEEE 802.11) wireless LAN systems. The rapid growth and deployment of these systems into a
More informationNetwork Security 1 Module 4 Trust and Identity Technology
Network Security 1 Module 4 Trust and Identity Technology 1 Learning Objectives 4.1 AAA 4.2 Authentication Technologies 4.3 Identity Based Networking Services (IBNS) 4.4 Network Admission Control (NAC)
More informationfreeradius A High Performance, Open Source, Pluggable, Scalable (but somewhat complex) RADIUS Server Aurélien Geron, Wifirst, January 7th 2011
freeradius A High Performance, Open Source, Pluggable, Scalable (but somewhat complex) RADIUS Server Aurélien Geron, Wifirst, January 7th 2011 freeradius is... Multiple protocoles : RADIUS, EAP... An Open-Source
More informationMOC 6435A Designing a Windows Server 2008 Network Infrastructure
MOC 6435A Designing a Windows Server 2008 Network Infrastructure Course Number: 6435A Course Length: 5 Days Certification Exam This course will help you prepare for the following Microsoft exam: Exam 70647:
More informationCisco IOS Firewall. Scenarios
Cisco IOS Firewall Common Deployment Scenarios http://www.cisco.com/go/iosfirewall com/go/iosfirewall Presentation_ID 2007 Cisco Systems, Inc. All rights reserved. 1 Cisco IOS Firewall Feature Overview
More informationEAP-SIM Authentication using Interlink Networks RAD-Series RADIUS Server
Application Note EAP-SIM Authentication using Interlink Networks RAD-Series RADIUS Server Introduction The demand for wireless LAN (WLAN) access to the public IP network is growing rapidly. It is only
More informationConfiguring Security Solutions
CHAPTER 3 This chapter describes security solutions for wireless LANs. It contains these sections: Cisco Wireless LAN Solution Security, page 3-2 Using WCS to Convert a Cisco Wireless LAN Solution from
More informationCisco RV 120W Wireless-N VPN Firewall
Cisco RV 120W Wireless-N VPN Firewall Take Basic Connectivity to a New Level The Cisco RV 120W Wireless-N VPN Firewall combines highly secure connectivity to the Internet as well as from other locations
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More informationCent ralized Out -Of-Band Aut hent ic at ion Syst em. Authentication Security for the 21 st Century
Cent ralized Out -Of-Band Aut hent ic at ion Syst em Security for the 21 st Century Presented by: Southeast Europe Cybersecurity Conference Sophia, Bulgaria September 8-9, 2003 Introduction Organizations
More informationCo-existence of Wireless LAN and Cellular Henry Haverinen Senior Specialist Nokia Enterprise Solutions
Co-existence of Wireless LAN and Cellular Henry Haverinen Senior Specialist Nokia Enterprise Solutions 1 2005 Nokia city_wlan_2005_haverinen.ppt / 2005-08-19 / HH Outline Key use cases of integrating Wireless
More informationExternal Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy
External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 1210 Parkview Arlington
More informationApplication Note Secure Enterprise Guest Access August 2004
Application Note Secure Enterprise Guest Access August 2004 Introduction More and more enterprises recognize the need to provide easy, hassle-free high speed internet access to people visiting their offices,
More informationHow Virtual Private Networks Work
How Virtual Private Networks Work by Jeff Tyson This article has been reprinted from http://computer.howstuffworks.com/ Please note that the web site includes two animated diagrams which explain in greater
More informationMCTS Guide to Microsoft Windows 7. Chapter 14 Remote Access
MCTS Guide to Microsoft Windows 7 Chapter 14 Remote Access Objectives Understand remote access and remote control features in Windows 7 Understand virtual private networking features in Windows 7 Describe
More informationThis course has been retired. View the schedule of current <a href=http://www.ptr.co.uk/networkingcourses.htm>networking
Introduction to Data Communications & Networking Course Description: This course has been retired. View the schedule of current networking Courses
More informationAuthentication. Authentication in FortiOS. Single Sign-On (SSO)
Authentication FortiOS authentication identifies users through a variety of methods and, based on identity, allows or denies network access while applying any required additional security measures. Authentication
More informationIP Security. IPSec, PPTP, OpenVPN. Pawel Cieplinski, AkademiaWIFI.pl. MUM Wroclaw
IP Security IPSec, PPTP, OpenVPN Pawel Cieplinski, AkademiaWIFI.pl MUM Wroclaw Introduction www.akademiawifi.pl WCNG - Wireless Network Consulting Group We are group of experienced professionals. Our company
More informationU.S. Patent Appl. No. 13/247.308 filed September 28, 2011 NETWORK ADDRESS PRESERVATION IN MOBILE NETWORKS TECHNICAL FIELD
U.S. Patent Appl. No. 13/247.308 filed September 28, 2011 NETWORK ADDRESS PRESERVATION IN MOBILE NETWORKS TECHNICAL FIELD [0001] The disclosure relates to mobile networks and, more specifically, to wireless
More informationA Performance Analysis of Gateway-to-Gateway VPN on the Linux Platform
A Performance Analysis of Gateway-to-Gateway VPN on the Linux Platform Peter Dulany, Chang Soo Kim, and James T. Yu PeteDulany@yahoo.com, ChangSooKim@yahoo.com, jyu@cs.depaul.edu School of Computer Science,
More informationEAP Authentication Protocols for WLANs
C H A P T E R 7 EAP Authentication Protocols for WLANs The second in the WLAN authentication trilogy of chapters, this chapter examines the various authentication protocols such as the Extensible Authentication
More information9243060 Issue 1 EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation
9243060 Issue 1 EN Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia 9300i Configuring connection settings Nokia 9300i Configuring connection settings Legal Notice
More informationNetwork Security. Chapter 10 Security Protocols of the Data Link Layer
Network Security Chapter 10 Security Protocols of the Data Link Layer! IEEE 802.1x! Point-to-Point Protocol (PPP)! Point-to-Point Tunneling Protocol (PPTP)! Layer 2 Tunneling Protocol (L2TP)! Virtual Private
More informationJuniper / Cisco Interoperability Tests. August 2014
Juniper / Cisco Interoperability Tests August 2014 Executive Summary Juniper Networks commissioned Network Test to assess interoperability, with an emphasis on data center connectivity, between Juniper
More informationLink Layer and Network Layer Security for Wireless Networks
Link Layer and Network Layer Security for Wireless Networks Interlink Networks, Inc. May 15, 2003 1 LINK LAYER AND NETWORK LAYER SECURITY FOR WIRELESS NETWORKS... 3 Abstract... 3 1. INTRODUCTION... 3 2.
More informationJoe Davies Principal Writer Windows Server Documentation
Joe Davies Principal Writer Windows Server Documentation Presented at Seattle Windows Networking User Group monthly meeting September 1, 2010 Agenda Brief VPN technology overview VPN features in Windows
More informationLecture 3. WPA and 802.11i
Lecture 3 WPA and 802.11i Lecture 3 WPA and 802.11i 1. Basic principles of 802.11i and WPA 2. IEEE 802.1X 3. Extensible Authentication Protocol 4. RADIUS 5. Efficient Handover Authentication 1 Lecture
More informationUser Authentication in the Enterprise Network
User Authentication in the Enterprise Network Technology for secure accessibility to Enterprise IT services 2001 Enterasys Networks, Inc. All rights reserved. Steve Hargis Technical Director Office of
More informationEnabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches
print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your
More informationCisco CCNP 642 845 Optimizing Converged Cisco Networks (ONT)
Cisco CCNP 642 845 Optimizing Converged Cisco Networks (ONT) Course Number: 642 845 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: Cisco CCNP Exam 642 845:
More informationNetworking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the
Networking Systems Design and Development Lee Chao CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informa business AN AUERBACH BOOK
More informationRA-MPLS VPN Services. Kapil Kumar Network Planning & Engineering Data. E-mail: Kapil.Kumar@relianceinfo.com
RA-MPLS VPN Services Kapil Kumar Network Planning & Engineering Data E-mail: Kapil.Kumar@relianceinfo.com Agenda Introduction Why RA MPLS VPNs? Overview of RA MPLS VPNs Architecture for RA MPLS VPNs Typical
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationClickShare Network Integration
ClickShare Network Integration Application note 1 Introduction ClickShare Network Integration aims at deploying ClickShare in larger organizations without interfering with the existing wireless network
More informationIBM enetwork VPN Solutions
IBM enetwork VPN Solutions the Reach of Your Network Extend Agenda Description and Value of a VPN VPN Technology IBM's VPN Solutions and Future Enhancements Summary What is a VPN? Remote Access Business
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More information