Nov 07 2010 02:52PM
Hello list,

A big finance organization is considering equipping some workers in the branches
with mobile TABLET devices (WIN 7 based) that use WiFi communication (within
the branch only).

My initial thought about the network is to use:
 - WPA2 Enterprise: CCMP/AES with RADIUS authentication (not PSK).
 - Decent firewall & IPS between the Access Point and the internal network.
 - Implement 802.1x within the internal network for any device that will slip
 - MAC filtering (I know.. spoofable.. hard to maintain.. but nevertheless...).

My questions:
 - Any known attacks against the WPA2 CCMP/AES & RADIUS combination?
 - Anything I missed in the network layer?

At the Tablet device:
 - Volume level encryption (keep the key in external USB token).
 - No applications and data in the device (using Citrix client in my case).
 - Remote wipe.
 - Extensive Active Directory GPO usage.

My questions:
 - Anything missing?

Thank you all for your kind answers.


