Back to list
WPA2 Security question
Nov 07 2010 02:52PM
Avi Shvartz (avishvartz1 yahoo com)
A big finance organization is considering to equip some workers in the branches
with mobile TABLET devices (WIN 7 based) and using WiFi communication (within
the branch only).
My initial thought about the network is to use:
- WPA2 Enterprise: CCMP/AES with RADIUS authentication (not PSK).
- Decent firewall & IPS between the Access Point and the internal network.
- Implement 802.1x within the internal network for any device that will slip
- MAC filtering (I know.. spooffable.. hard to maintain.. but nevertheless...).
- Any known attacks against WPA2 CCMP/AES & Radius combination ?
- Anything I missed in the network layer ?
At the Tablet device:
- Volume level encryption (keep the key in external USB token).
- No applications and data in the device (using Citrix client in my case).
- Remote wipe.
- Extensive Active Directory GPO usage.
- Anything missing ?
Thank you all for your kind answers
[ reply ]
Copyright 2010, SecurityFocus