Assessment Title: Analysis and Design of a Secured Wireless LAN
Word Limit : 1500
Reference Style: IEEE
The purpose of this assignment is to analysis and design of a Secured Wireless LAN covering the following ULOs:
b. Analyse practical alternatives for how to build, protect and manage WPAN, WLAN.
c. Design a secure WLAN and utilise techniques to mitigate possible attacks.
d. Solve complex problems in secure wireless network designs.
e. Contribute and cooperate with teams for implementing a secure wireless network.
802.1x based Wireless network for authentication and authorisation at Vancouver State University (VSU), Canada.
The 4000 students and 400 faculty and staff at Vancouver State University (VSU) live and learn in one of the most beautiful places on earth i.e. Vancouver, BC in Canada. What is not always so pretty, especially for the university’s small IT team, is the deployment of new campus-wide technology projects. Our IT team constantly assesses the latest technology to help protect the campus network and its 4,400 users. With the goal of continuously improving network security, we sought to add greater authentication and authorization to campus resources through the deployment of 802.1X access control. The challenge was finding the right solutions to best facilitate ease of deployment and limit disruption of service to our users. A key driver for this security upgrade was the fact that VSU’s open wireless network could easily be accessed by anyone on or near the campus. Our CTO, John O’conor, challenged the IT team to find a solution that worked with our existing infrastructure and was cost effective.
The idea was to terminate the evil wishes of any potential hackers. In addition to the obvious hazards of having anyone and any machine connect to the network, another big issue was being able to capture important information about the wireless users accessing the campus network. Previously, the team had no way of knowing who was on the network, or how the network was being utilized. For example, it is important to identify users who might be doing something inappropriate using network resources. All VSU, Vancouver students are required to sign an honor code of conduct. If someone violates a conduct policy, such as downloading inappropriate material, the IT team needed a way to identify the student as required by the Honor Code Office. With no way to identify users, reporting violators was next to impossible. To address these issues, the team wanted to first secure the wireless network, with the long term goal being to authenticate users on the wired network as well. They decided the best way to do this was to deploy 802.1X authentication, which is the IEEE Standard for port based Network Access Control. This would provide a more secure authentication mechanism for approved users and devices attempting to connect to the network. Since VSU–Vancouver’s network is made up of a mixture of 240 access points from Cisco and Xirrus, a key best practice for the 802.1X capability to function properly was to select a new authentication solution that worked in this multi-vendor environment.
The objective of this assignment is to implement 802.1 x authentication for VSU’s wireless network.
Best practices for deploying 802.1X should start with a well thought out plan that includes, but is not limited to, the following considerations:
• Do your wireless and wired networking devices support 802.1X?
• Will you have the ability of using your existing identity stores?
• The AAA/NAC platform should support multi-vendor environments . The solution should include a way to easily configure 802.1X variables in a variety of user devices (Windows, Mac OS, Linux) Creating and testing policies should be easy to use and streamline processes The AAA/NAC platform should support a variety of user and device authentication methods Visibility and troubleshooting tools should be included The AAA/NAC platform should provide guest access management and multiple sponsor roles Find a vendor that shares in your goals
Design the network as specified in the above scenario from scratch. You have to submit a report .You should address the following tasks in your report:
• Design the wireless network of VSU according to given specification in the given case study (In this design you will plan a design for the network and frame that using software with configuration details. Diagrams can be designed using MS Visio or any other available network design software).
• Detail all the security requirements for wireless network of VSU-Vancouver stated in the case study.
• Expand further on 802.1x authentication mechanism required wireless network of VSU Report, step by step procedure of implementing 802.1x for VSU wireless network.
• Discuss ethical implication on VSU secured Wireless LAN design.
Demonstrate the implementation of 802.1x . The implementation should be appropriate for VSU wireless network. (For demo only you can just use one access point so that a client can connect to the wireless network using 802.x).
Write a report that includes the following sections: executive summary, introduction, plan of your implementation along with figures, your recommendations and conclusions.