Chapter 11 - 01 - Understand Wireless Network Fundamentals - 03_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Wireless Network Topologies O Ad-hoc Standalone Network " Devices exchange information with each other similar to that in a peer-to-peer communication mode without the E\f A need of an AP for communication (Independent Basic J To setup this mode properly, first configure the wireless adapter Service Set (IBSS)) N for all the devices. They should all have the same channel name and SSID in order to activate the connections ) S -/\/ AN ] - — - :‘ Q [a—-— > -/\/ k - )-r‘@‘ A v "ghi A2 O[] @ i = : Devices in the wireless network are connected v Infrastructure through an ap Network Topelogy e y QO An AP connects to the internet via a modem Q Installed in large organizations Coordinated Architecture/ Basic Service Set (BSS)) Wireless Network Topologies In order to plan and install a wireless network, it is necessary to determine the type of architecture that would be suitable for the network environment. There are two types of wireless topologies: * Ad-hoc Standalone Network Architecture (Independent Basic Service Set (IBSS)) The ad-hoc mode is also called as the independent basic service set (IBSS) mode. Devices connected over a wireless network communicate with each other directly, similar to that in the peer-to-peer communication mode. The ad-hoc mode does not implement a wireless access point (WAP)/access point (AP) for communication between devices. The wireless adaptors on each device are configured on the ad-hoc mode rather than on the infrastructure mode. Adaptors for all the devices must use the same channel name and SSID in order to establish the network connections successfully. A T v A "‘A‘_‘:' V (a(,,@(............ > - A T, S| A =||& A sl Ty [ Figure 11.1: Standalone Architecture Module 11 Page 1412 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 The ad-hoc mode works effectively for a small group of devices and it is necessary to connect all the devices with each other in close proximity. The network performance degrades as the number of devices increases. It becomes cumbersome for a network administrator to manage disconnect regularly. the network in this mode, because It is not possible to bridge this mode devices connect and with a traditional wired network and it does not allow internet access until a special gateway is present. The ad-hoc mode works better in a small area and does not require any access points (such as a router or a switch), thus minimizing the cost. This mode acts as a backup option and appears when there is a problem or a malfunction in the APs or a centrally coordinated network (infrastructure mode). This mode uses the functionality of each adaptor to enable security authentication and to use wireless services. The key characteristics of an ad-hoc wireless network are as follows: » o The AP encrypts and decrypts text messages. o Each AP operates independently and has its own respective configuration files. o The network conditions. configuration remains constant with changes in the network [Infrastructure Network Topology (Centrally Coordinated Architecture/ Basic Service Set (BSS)) A centrally coordinated architecture (infrastructure mode) or a basic service set (BSS) mode is an architecture where all wireless devices connect to each other through an AP. This AP (router or switch) receives Internet access by connecting to a broadband modem. This mode will work effectively when deployed in large organizations. It simplifies the network management and helps address the operational issues. It assures resiliency while allowing a number of systems to connect across the network. This mode provides enhanced security options, scalability, management. The downside is that it is expensive since an AP required to connect the devices to each other. stability, and easy (router or switch) is Figure 11.2: Centrally Coordinated Architecture Module 11 Page 1413 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 The following are the key characteristics of the infrastructure mode: o ltincreases or decreases the range of the wireless network by adding and removing the APs. o The controller footprint. reconfigures the network o The controller regularly monitors and controls the activities on the wireless network o The wireless centralized controller manages all the AP tasks. o The to the changes in the RF by reconfiguring the AP elements to maintain and protect the network. wireless authentication, network policy controller creation performs and expansion, configuration control, etc. o according various enforcement, crucial fault tasks such tolerances, as user network It maintains backups of other APs in a different location, and these are used when a particular AP malfunctions. Module 11 Page 1414 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Classification of Wireless Networks Wireless Networks Based on the Connection Extension to aWired Network ST 1 N ; -.. i ¥4 e LAN-to-LAN wes wem ‘1 | Multiple | Becess | E-))) Neh::::t Points 40 Hotspot Classification of Wireless Networks (Cont’d) Wireless Network Based on the Geographic Area Coverage WLAN It connects users in a local area with a network. The area may range from a single room to an entire campus WPAN It interconnects devices positioned around an individual, in which the connections are wireless. It has a very short range WWAN WWAN covers an area larger than the WLAN. It can cover a particular region, nation, or even the entire globe WMAN It accesses broadband area networks by using an exterior antenna. Itis a good alternative for a fixed-line network Classification of Wireless Networks Wireless networks are classified on the basis of the connection used and the geographical area. Wireless Networks Based on the Connection = Extension to a Wired Network Extension to a wired network can be obtained by placing APs between a wired network and wireless devices. Module 11 Page 1415 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 In this network, the AP acts as a hub that provides connectivity for wireless computers. It can also connect a wireless LAN to a wired LAN, which allows the wireless computers the access to LAN resources such as file servers or existing internet connectivity. The two types of APs used in this type of wireless network are: o Software APs that can be connected to a wired computer with a wireless network interface card. network and which run on a o Hardware APs (HAPs) which provide a comprehensive support of most of the wireless features. With a suitable networking software support, users on the wireless LAN can share files and printers situated on the wired LAN and vice versa. The network may be extended further in accordance with the size of the location and interference from other devices. This enables a wired/wireless connection across the location for multiple users. Broadband Router £ ' Extension Point Internet Figure 11.3: Extension to a wired network = Multiple Access Points (APs) Wireless computers connect using multiple APs. If a single large area is not covered by a single AP, multiple APs or extension points are used. Extension points are not defined in the wireless standard. When using multiple APs, each AP must cover its neighbors. This allows the users to move around seamlessly using a feature called roaming. Some manufacturers develop extension points which act as wireless relays, and thus extend the range of a single AP. Multiple extension points can be strung together to provide wireless access to distant locations from the central AP. Module 11 Page 1416 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Broadband Router Internet Figure 11.4: Multiple access points = LAN-to-LAN Wireless Network APs provide wireless connectivity to local computers and computers on a different network. All HAPs have the capability of directly connecting to other HAPs. Building interconnecting LANs by using wireless connections is large and complex. Several LANenabled PCs can be connected to an AP for wireless communication. ? Broadband Router ' i). ( ) ( ; Broadband el - Router - - Figure 11.5: LAN-to-LAN wireless network = 4G Hotspot A hotspot provides internet access over a WLAN with the help of a router connected to the internet service provider (ISP). Multiple devices can be connected at the same time using a Wi-Fi network adapter. Hotspots use the service from cellular providers for 4G internet access. Computers generally scan (network name) of the wireless network. Module 11 Page 1417 for hotspots thereby identifying the SSID Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 %Q g Internet m @») 3G Hotspot P 3G Connection Sm =0 ( ( ( - ’ ) ) Cell Tower Figure 11.6: 4G hotspot Wireless Network Based on the Geographic Area Coverage Wireless networks are classified into WLAN, wireless wide-area network (WWAN), wireless personal area network (WPAN), and wireless metropolitan-area network (WMAN) based on the area they cover geographically. = WLAN o A WLAN connects users in a local area with a network. The area may range from a O O It uses high-frequency radio waves. O WLAN is also known as a LAWN. In 1990, IEEE created a group to develop a standard for wireless equipment. o It connects wireless users and the wired network. O single room to an entire campus. In the peer-to-peer mode, wireless devices within each other’s range communicate directly with each other without using a central AP. In the infrastructure mode, the access point is wired to the internet with the wireless users. An access point functions as a mediator between the wired and wireless networks. Advantages: o] WLAN is flexible to install. o Wireless networks are easy to set up and use. o Wireless networks are robust. If one base station is down, users can physically move their PCs in the range of another base station. o] It has a better chance of surviving in case of a disaster. Disadvantage: (o] Data transfer speeds are normally slower than wired network. Module 11 Page 1418 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security = Exam 212-82 WWAN o WWAN covers an area larger than the WLAN. o It handles cellular network technology such as code-division multiple access (CDMA), global system for mobile communications (GSM), general packet radio service (GPRS), and cellular digital packet data (CDPD) for data transmission. o This technology can cover a particular region, nation, or even the entire globe. o The system has a built-in cellular radio (GSM/CDMA) receive data. o In WWAN, the wireless data consists of fixed which helps users to send or microwave links, digital dispatch networks, wireless LANs, data over cellular networks, wireless WANs, satellite links, one-way and two-way paging networks, laser-based communications, infrared, keyless car entry, the global positioning system, and more. = diffuse WPAN o WPAN interconnects devices connections are wireless. o WPAN positioned around an individual, in which has a very short range. It can communicate within a range of 10 m. the A WPAN interconnects the mobile network devices that people carry with them or have on their desk. o The main concept in WPAN technology is plugging in. o When any two WPAN devices come within a range of a few meters to the central server, they communicate with each other, similar to a wired network. o Another characteristic of a WPAN is the ability to lock out other devices and prevent interference. o Every device in a WPAN can connect to any other device However, to do so, they should be within the physical Bluetooth is the best example of WPAN. = in the range same of each WPAN. another. WMAN WMAN covers a metropolitan area such as an entire city or a suburb. o It accesses broadband area networks by using an exterior antenna. o It is a good alternative for a fixed-line network. It is simple to build and is station that is inexpensive. In a WMAN, the subscriber stations communicate with the base connected to a central network or hub. (@] A WMAN A WMAN uses a wireless infrastructure or optical fiber connections to link the sites. links between the WLANSs. Distributed queue dual bus (DQDB), is the MAN standard for data communications, specified by the IEEE 802.6 standard. On the basis of DQDB, the network can be established over 30 mi with a speed of 34 to 154 Mbits/s. Module 11 Page 1419 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.