Transcript Chapter 7

Wireless Technologies
Networking for Home and Small Businesses – Chapter 7
ITE PC v4.0
Chapter 1
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
1
Wireless Technologies
▪ The use of electromagnetic waves to carry information.
▪ We call them “radio waves”
▪ Common wireless technologies
– Infrared
– Radio Frequency
Electromagnetic Spectrum
Infrared Technology
▪ Line of sight transmission
▪ Unable to penetrate through walls
▪ IRDA port (Infrared Direct Access)
– used to exchange information between devices
▪ Used by:
– remote controls
– wireless mouse and keyboard
Radio Frequency (RF) Technology
▪ Signal able to transmit through walls
▪ RF bands set aside for wireless devices, including cordless phones and computer peripherals
▪ 900 MHz – used by cell phones
▪ 2.4 GHz
– Bluetooth technology
– low speed, short range
– can communicate with many devices at once
▪ 5 GHz
– Wireless LAN
– transmit at a higher level = greater distance
– conform to 802.11 standards
Benefits of Wireless
▪ Mobility
▪ Scalability
– can be added to a network easily
– use of “hotspots”
▪ Flexibility
– anytime, anywhere connectivity
▪ Cost
– inexpensive to install
– reduced installation costs
Limitations/Risks of Wireless
▪ Uses unlicensed regions of the RF spectrum
– used by many different devices
▪ Interference
– cordless phones
– microwaves
▪ Security
– easy access to the network
– encryption/authentication helps with security issues
Wireless Technologies
▪ WPAN
– Wireless Personal Area Network
– used for:
• mice
• keyboards
• PDAs
Wireless Technologies
▪ WLAN
– Wireless LAN
– uses RF standards
– conforms to 802.11 standards
– connects through Wireless AP
Wireless Technologies
▪ WWAN
– Wireless WAN
– coverage over large areas
– cell phone network
IEEE Wireless Standards
▪ Define how wireless devices communicate
▪ 802.11 – wireless standards
– group of all 802.11 standards = Wi-Fi (Wireless Fidelity)
▪ Wi-Fi Alliance
– tests wireless devices from manufacturers
Components of a WLAN
▪ Wireless client
– any host that can participate in a wireless network
▪ Access point (AP)
– controls access between wired and wireless networks
Components of a WLAN
▪ Wireless Bridge
– connects two wired networks through a wireless link
– offers long range connectivity
• 25 miles
– uses unlicensed RF frequencies
Access Point
▪ Antennas
– increases output signal strength (gain)
– receives the wireless signal
– higher gain = increased distance
▪ Directional antenna
– concentrates signal in one direction
– allows for greater distances
▪ Omni-directional antenna
– emits signal equally in all directions
– used by most Access Points
Purpose of SSID
▪ Service Set Identifier
▪ Allows wireless components to connect to the WLAN
– tells wireless devices which WLAN they belong to
– tells devices whom they can talk to
▪ All wireless devices must have the same SSID to communicate with each other
▪ Characteristics
– case sensitive
– alphanumeric characters
– sent in the header of the frame
Ad-hoc Installation
▪ Simplest form
▪ Used to connect 2 or more wireless devices together in a peer to peer network
▪ No Access Point (AP) needed
▪ IBSS
– Independent Basic Service Set
– area covered by the Ad-hoc network
Infrastructure Installation
▪ Used by larger networks
▪ Uses an Access Point (AP)
– makes sure all STAs have equal access
▪ Each device must receive permission to communicate
▪ BSS
– Basic Service Set
– area covered by an AP
Distribution System
▪ ESS
– Extended Service Set
▪ Use of multiple Access Points
▪ Each BSS should overlap by 10%
– will help prevent loss of signal
Channels in a WLAN
▪ Use of channels helps to control conversations
– allows multiple Access Points close to one another to function
– each AP must be on a different channel
▪ Each channel is capable of carrying a different conversation
CSMA/CA
▪ Carrier Sense Multiple Access with Collision Avoidance
▪ Ensures collisions do not occur on a wireless network
▪ Reserves a channel for communication
– Device requests permission from AP (Request to Send – RTS)
– If available, AP responds with all clear message
• Clear to Send Message (CTS)
– CTS is broadcast to all other devices
• informs everyone the channel is being used
– Upon completion of conversation
• Device that requested channel sends ACK to AP
• ACK indicates to AP that channel can be used again
• ACK sent to other devices letting them know the channel can be used again
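The RTS/CTS/ACK reservation described on this slide, written as a small state machine. This is an added example, not part of the original slides; the class, function and station names are hypothetical.

```python
class AccessPointChannel:
    """AP-side view of one channel: who holds it and who must stay quiet."""

    def __init__(self, stations):
        self.stations = set(stations)
        self.holder = None        # station that currently owns the channel
        self.deferring = set()    # stations that heard the CTS and are waiting

    def rts(self, sta):
        """Request to Send. Returns the CTS broadcast, or None if refused."""
        if sta not in self.stations or self.holder is not None:
            return None           # unknown station or channel busy: no CTS
        self.holder = sta
        self.deferring = self.stations - {sta}
        # The CTS is heard by every station, so the others know to wait.
        return ("CTS", sta, sorted(self.stations))

    def ack(self, sta):
        """ACK from the holder releases the channel for everyone else."""
        if sta != self.holder:
            return None           # only the station holding the channel can free it
        released = sorted(self.deferring)
        self.holder = None
        self.deferring = set()
        return ("ACK", sta, released)


def run(events, stations):
    """Feed (kind, station) events to the AP and record its reaction."""
    ap = AccessPointChannel(stations)
    log = []
    for kind, sta in events:
        reply = ap.rts(sta) if kind == "RTS" else ap.ack(sta)
        log.append((kind, sta, reply[0] if reply else "ignored"))
    return log


# Constructed event sequence: the phone asks while the laptop holds the channel.
SAMPLE = [("RTS", "laptop"), ("RTS", "phone"), ("ACK", "phone"),
          ("ACK", "laptop"), ("RTS", "phone")]

if __name__ == "__main__":
    for entry in run(SAMPLE, {"laptop", "phone", "printer"}):
        print(entry)
```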
Configuring a Wireless Access Point
▪ Modes
– Specific to a device
– Mixed Mode – supports multiple types of hosts
• decreases performance – supports more devices
▪ SSID
– used to identify the WLAN
– all devices that participate must use the same SSID
– SSID broadcast to everyone
• allows for easy detection
▪ Wireless Channel
– auto locate
• finds the least congested channel
Configuring a Wireless Client
▪ Wireless host (STA) – device that contains a wireless NIC and wireless software
– client configuration must match that of the Access Point
▪ Windows XP
– wireless client software
– included as part of the operating system
– can control most configurations
Configuring a Wireless Client
▪ Using stand-alone software
– supplied with the wireless NIC
– includes enhanced functions
▪ Not possible to allow both XP and the stand-alone software at the same time
▪ Once software is installed, check connectivity
– connection data rate
– connection status
– wireless channel used
– ping
Wireless Security
▪ No physical connection needed
▪ Attacker can “tune into” your network just like tuning into a radio station
▪ Easy access if all settings are set to default, so . . .
▪ CHANGE THE SETTINGS
– disable SSID broadcast
– change default password
– change default IP
▪ But . . .
– SSID transmitted in clear text
– still possible to learn the SSID
MAC Address Filtering
▪ Another security feature
▪ Will limit access to your network
▪ MAC address used to identify which device can connect to the wireless network
– wireless AP looks up MAC in a list (database)
– only those addresses listed will gain access
Security – Authentication
▪ Controls who connects to the network
▪ Permitted based on set of credentials
▪ Helps to verify the “trustworthiness” of the device
– usernames
– passwords
▪ Occurs before client is connected to WLAN
Open Authentication
▪ On by default
▪ Any and all clients can access AP
▪ Should only be used on public wireless networks
– Schools
– Internet Café
PSK (Pre-Shared Keys) Authentication
▪ Both AP and client must have the same secret key or word
▪ Here’s how it works:
– AP sends random string of bytes to client
– Client accepts it, encrypts it, and sends it back to AP
– AP receives encrypted string, decrypts it
– if decrypted string = original string → client is added
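The four steps above as a runnable exchange with both sides. This is an added example, not part of the original slides; the slide does not name a cipher, so a SHA-256 counter keystream XORed with the data stands in for it, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def _keystream(key: bytes, length: int) -> bytes:
    """Stand-in cipher (assumption): SHA-256 over key || counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


decrypt = encrypt  # XOR stream: the same operation in both directions


class AccessPoint:
    def __init__(self, psk: bytes):
        self._psk = psk
        self._pending = {}  # client id -> challenge still waiting for an answer

    def send_challenge(self, client_id: str) -> bytes:
        challenge = secrets.token_bytes(16)      # step 1: random string of bytes
        self._pending[client_id] = challenge
        return challenge

    def verify(self, client_id: str, response: bytes) -> bool:
        challenge = self._pending.pop(client_id, None)  # each challenge is single use
        if challenge is None:
            return False
        # steps 3 and 4: decrypt and compare with the original string
        return hmac.compare_digest(decrypt(self._psk, response), challenge)


class Client:
    def __init__(self, psk: bytes):
        self._psk = psk

    def answer(self, challenge: bytes) -> bytes:
        return encrypt(self._psk, challenge)     # step 2: encrypt and send back


def authenticate(ap: AccessPoint, client: Client, client_id: str) -> bool:
    return ap.verify(client_id, client.answer(ap.send_challenge(client_id)))
```

The pre-shared key itself is never transmitted; only the random challenge and its encrypted form cross the air.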
EAP (Extensible Authentication Protocol)
▪ EAP software must be installed on the client device
▪ Client talks with RADIUS Server
– Remote Authentication Dial-In User Service
– server functions separately from the AP
– server keeps a database of valid users
– username and password checked by the server
Encryption
▪ Process of transforming data so if intercepted, will still be unusable
▪ WEP (Wired Equivalency Protocol)
– advanced security feature
– encrypts network traffic as it travels
– 64 – 128 bits (letters and/or numbers)
– AP and every device on the network must have the same WEP key
Traffic Filtering
▪ Controls the type of traffic allowed across a WLAN
▪ Able to block traffic based on:
– IP Address
– MAC Address
– Port Numbers
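How an AP could combine the MAC address list from the MAC Address Filtering slide with block rules on IP address, MAC address and port from this slide. This is an added example, not part of the original slides; the class, the rule format and all addresses are constructed for illustration.

```python
import ipaddress
import re


def normalize_mac(mac: str) -> str:
    """Accept aa:bb:.., AA-BB-.. or aabb.ccdd.eeff and return 12 lowercase hex digits."""
    digits = re.sub(r"[:\-.]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


class FilteringAP:
    def __init__(self, allowed_macs, block_rules):
        self.allowed = {normalize_mac(m) for m in allowed_macs}
        # Each rule is a dict with any of the keys "mac", "ip", "port".
        # A packet is blocked when every key present in a rule matches it.
        self.rules = block_rules

    def may_associate(self, mac: str) -> bool:
        """MAC filtering: only listed addresses gain access."""
        try:
            return normalize_mac(mac) in self.allowed
        except ValueError:
            return False

    def allow_packet(self, src_mac: str, dst_ip: str, dst_port: int) -> bool:
        """Traffic filtering, applied only to clients that passed the MAC list."""
        if not self.may_associate(src_mac):
            return False
        mac = normalize_mac(src_mac)
        ip = ipaddress.ip_address(dst_ip)
        for rule in self.rules:
            if "mac" in rule and normalize_mac(rule["mac"]) != mac:
                continue
            if "ip" in rule and ip not in ipaddress.ip_network(rule["ip"]):
                continue
            if "port" in rule and rule["port"] != dst_port:
                continue
            return False          # every field in this rule matched: block
        return True


# Constructed sample policy: two known clients, three block rules.
SAMPLE_AP = FilteringAP(
    allowed_macs=["02:00:00:00:00:01", "02-00-00-00-00-02"],
    block_rules=[
        {"port": 23},                                   # block one port for everyone
        {"ip": "203.0.113.0/24"},                       # block a destination network
        {"mac": "0200.0000.0002", "port": 25},          # block one client on one port
    ],
)
```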
Planning the WLAN
▪ Determine the type of wireless standard
– 802.11b, g, n operate at 2.4 GHz
– travels farther than 5 GHz
– Less equipment = lower cost
▪ Determine layout
– look at existing infrastructure
– if using 802.11a, will it work with the newest standards?
▪ Installation/Security
– Total Cost of Ownership (TCO)
– Site Survey
• signal strength
• possible interference
▪ Backup/Updating Devices
Securing the AP
▪ Basic Security
– Changing values (SSID, usernames, passwords)
– Disable Broadcast SSID
– MAC Address filtering
▪ Advanced Security
– Encryption
– Authentication
– Traffic Filtering
Configure an Integrated Wireless Access Point and Wireless Client
▪ Describe options for backing up and restoring AP configurations
Configure an Integrated Wireless Access Point and Wireless Client
▪ Identify current version of firmware and describe how to update firmware
Summary
▪ Wireless technologies use electromagnetic radiation in the form of radio signals to carry information between devices.
▪ Ease and convenience of connecting devices wirelessly creates security concerns that need to be addressed.
▪ Before installing wireless devices, an installation plan should be created which includes strategies for layout and security.