The problem of deploying in the real world - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

The problem of deploying in the real world

Description:

Security needs are growing on a daily basis - Dispersed networks and multiply ... files, account numbers, network diagrams, manuals, location of instruments, etc. ... – PowerPoint PPT presentation

Number of Views:44
Avg rating:3.0/5.0
Slides: 21
Provided by: arturoh
Category:

less

Transcript and Presenter's Notes

Title: The problem of deploying in the real world


1
(No Transcript)
2
  • Security, Access and Control
  • of an Industrial Wireless Network
  • Mike Malone
  • Microwave Data Systems

3
Agenda
  • Industry Trends
  • Network Security Analysis
  • Security and Wireless Serial Networks
  • Wireless LAN Risk Management
  • Summary

4
Industry/Market Trends
  • Security needs are growing on a daily basis -
    Dispersed networks and multiply access points can
    leave a network vulnerable to hackers and
    terrorists

Corporate WAN VSAT Leased line
Corporate Host
Centralized database holds corporate information
5
Industry/Market Trends
  • Heightened awareness and sensitivity has led to
    increased security efforts in all aspects of our
    lives
  • Security of critical infrastructure/assets is
    one of our nations most important objectives.

6
Network Security Analysis
  • Wired networks are also vulnerable
  • Telephone, fiber optic, coaxial cable have higher
    risk for breakage or damage due to storms, motor
    vehicle accidents, construction work, sabotage,
    and tapping
  • Repairs may take days or weeks during a
    widespread crisis
  • Wireless has potentially less failure points
  • Network Access Priority
  • During heavy periods of telephone use, such as an
    emergency situation, voice traffic is the
    priority, not data
  • Private networks have a more predictable traffic
    composition

7
Network Security Analysis
  • Two types of networks
  • Multiple service IP networks
  • Dedicated service serial networks
  • Several types of risks
  • Free access to internet
  • Databases company records, password files,
    account numbers, network diagrams, manuals,
    location of instruments, etc.
  • Applications controlling behavior of remote
    devices and resources

8
SCADA Polling Systems
  • Single Service Oriented
  • A host sends commands or requests, and expects an
    action/report from the RTU/PLC
  • Gaining access to a host through a serial channel
    nearly impossible
  • No access to console prompt and/or host operating
    system commands

9
SCADA Polling Systems
  • Proprietary protocols provide protection
  • Information is stored in custom specific
    registers are programmed into the devices
  • Passwords are used at the application layer
  • Hacker must replace the host computer to
    control RTU/PLC and/or have a copy of the host
    application as configured for the particular host
  • Know and understand the exact radio and RTU/PLC
    models
  • Know the protocol or have knowledge of specific
    site logic configuration
  • Be close enough to override the Master signal

10
Network Security Analysis
  • Current security issues with 802.11b wireless LAN
    solutions
  • Available protection not enabled by users
  • Off the shelf solutions provide relatively easy
    access to physical layer
  • WEP weaknesses published on Internet
  • Free software available to help break WEP
    encryption

11
Risk Management
  • Nothing is perfect
  • Network security is about layering
  • You can not completely eliminate risk, but you
    can reduce it to a manageable level

12
Risks and Mitigation
  • Eavesdropping
  • RC4 128 bit encryption
  • Key cracking
  • Dynamic key rotation
  • War driving and sniffing
  • No promiscuous mode of operation
  • Proprietary physical layer
  • Not readily available to commodity market

13
Risks and Mitigation
  • Unauthorized Network Access
  • Foreign remote radios
  • Authorized access list of remotes at Access
  • Rogue Access Points
  • Authorized Access Point list at every remote

14
Risks and Mitigation
  • Denial of Service attacks
  • Network overload
  • Bandwidth limiting
  • Traffic Prioritization (QoS)
  • Per remote radio
  • Per interface
  • Radio Frequency jamming
  • Frequency Hopping more resilient than Direct
    Sequence

15
Risks and Mitigation
  • Denial of Service attacks
  • Network Availability
  • Remote configuration
  • All Logins with password protection
  • Directory attacks
  • Limited login retries with temporary lockdown
  • HTTP with MD5 protection
  • Remote access lockdown
  • HTTP (web browser)
  • Telnet
  • SNMP v3 (encryption)

16
Risks and Mitigation
  • Denial of Service
  • Network availability
  • Industrial rated devices Class 1 Div 2
  • Industrial MTBF (35 years)
  • Redundancy (device and system level)

17
Risks and Mitigation
  • Intrusion Detection
  • Early warning notification
  • SNMP alarms
  • Login attempts
  • Successful Login/logout
  • Configuration changes executed
  • Unauthorized remote MAC detected
  • Unauthorized AP MAC detected
  • Network Wide Device Polling

18
Security Beyond Wireless
  • Secure communications end-to-end
  • Firewalls and Virtual Private Networks are
    essential to maintaining a secure network
  • Security policies include physical access
  • Security is not something you buy, its something
    you practice 24x7

19
Summary
  • Wireless communications provides security
    benefits that a wired environment cannot, but
    issues still exist
  • Internal precautions--firewalls and Virtual
    Private Networks--will help prevent attacks on
    wireless and wired networks
  • Industrial wireless networks can be secure
    despite bad press of commercial products

20
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com