CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [79]
Using 802.1x Wireless Protocols
The IEEE 802.1x protocols represent a broad range of protocols for wireless communications. There are two major families of standards for wireless communications: the 802.11 family and the 802.16 family. The 802.11 protocols are primarily short-range systems suitable for use in buildings and campus environments. The 802.16 standard was finalized in the fall of 2002 and defines the development and deployment of broadband wireless metropolitan-area networks.
The 802.11 standards are discussed in detail in Chapter 4, “Monitoring Activity and Intrusion Detection.”
Working with RADIUS
Remote Authentication Dial-In User Service (RADIUS) is a mechanism that allows authentication of dial-in and other network connections. The RADIUS protocol is an IETF standard, and it has been implemented by most of the major operating system manufacturers. A RADIUS server can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. In a large network with many connections, this allows a single server to perform all authentications.
Figure 3.14 shows an example of a RADIUS server communicating with an ISP to allow access to a remote user. Notice that the remote server is functioning as a client to the RADIUS server. This allows centralized administration of access rights.
You should use RADIUS when you want to improve network security by implementing a single service to authenticate users who connect remotely to the network. Doing so gives you a single source for the authentication to take place. Additionally, you can implement auditing and accounting on the RADIUS server.
FIGURE 3.14 The RADIUS client manages the local connection and authenticates against a central server.
The major difficulty with a single-server RADIUS environment is that the entire network may refuse connections if the server malfunctions. Many RADIUS systems allow multiple servers to be used to increase reliability. All of these servers are critical components of the infrastructure, and they must be protected from attack.
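The client/server exchange of Figure 3.14, as an added example that is not from the book: a minimal RADIUS Access-Request and Access-Accept/Reject built and checked the way RFC 2865 specifies, showing how the shared secret both hides the User-Password on the wire and lets the RADIUS client (the NAS) confirm that a reply really came from its server. The user name, password, secret and user table are constructed for the demonstration; only the User-Name and User-Password attributes are carried.

```python
import hashlib
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RFC 2865 packet codes
USER_NAME, USER_PASSWORD = 1, 2                         # RFC 2865 attribute types

def encode_attr(attr_type, value):
    # Attribute = Type (1 byte), Length (1 byte, header included), Value
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def password_xor(data, secret, req_auth, encrypt=True):
    # RFC 2865 s5.2 password hiding: XOR 16-byte blocks with MD5(secret + prior block)
    data = data + b"\x00" * (-len(data) % 16)
    out, prev = b"", req_auth
    for i in range(0, len(data), 16):
        mask = hashlib.md5(secret + prev).digest()
        block = bytes(a ^ b for a, b in zip(data[i:i + 16], mask))
        out, prev = out + block, (block if encrypt else data[i:i + 16])
    return out

def access_request(username, password, secret, ident=1, req_auth=None):
    # NAS side: header = Code, Identifier, Length, 16-byte Request Authenticator
    req_auth = req_auth or os.urandom(16)  # must be unpredictable per request
    hidden = password_xor(password, secret, req_auth)
    attrs = encode_attr(USER_NAME, username) + encode_attr(USER_PASSWORD, hidden)
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + req_auth + attrs

def response_authenticator(code, ident, attrs, req_auth, secret):
    # MD5 over reply header + Request Authenticator + reply attributes + shared secret
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + req_auth + attrs + secret).digest()

def server_respond(request, secret, users):
    # Server side: parse the request, check the credential, reply Accept or Reject
    _, ident, length = struct.unpack("!BBH", request[:4])
    req_auth, attrs, pos = request[4:20], {}, 20
    while pos < length:
        attrs[request[pos]] = request[pos + 2:pos + request[pos + 1]]
        pos += request[pos + 1]
    pw = password_xor(attrs[USER_PASSWORD], secret, req_auth, encrypt=False).rstrip(b"\x00")
    code = ACCESS_ACCEPT if users.get(attrs[USER_NAME]) == pw else ACCESS_REJECT
    auth = response_authenticator(code, ident, b"", req_auth, secret)
    return struct.pack("!BBH", code, ident, 20) + auth

def client_verify(response, req_auth, secret):
    # NAS side: trust a reply only if its authenticator matches our request and secret
    code, ident, length = struct.unpack("!BBH", response[:4])
    return response[4:20] == response_authenticator(code, ident, response[20:length], req_auth, secret)
```

Both checks rest entirely on the shared secret and on the server that holds it, which is why the secret and the RADIUS servers themselves need the protection the section calls for.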
TACACS/+
Terminal Access Controller Access Control System (TACACS) is a client-server-oriented environment, and it operates in a manner similar to how RADIUS operates. Extended TACACS (XTACACS) replaced the original and combined authentication and authorization with logging to enable auditing.
The most current method or level of TACACS is TACACS/+, and this replaces the previous two incarnations. TACACS/+ allows credentials to be accepted from multiple methods, including Kerberos. The TACACS client/server process occurs in the same manner as the RADIUS process illustrated in Figure 3.14.
Cisco has widely implemented TACACS/+ for connections. TACACS/+ is expected to become widely accepted as an alternative to RADIUS.
Remember: RADIUS and TACACS can be used to authenticate connections.
Securing Internet Connections
The Internet is perhaps the area of largest growth for networks. The Internet is a worldwide network that offers the capability of instantaneous connections between networks, no matter where they’re located. The technology started as a research project funded by the Department of Defense and has grown at an enormous rate. Within a few years, virtually every computer in the world is expected to be connected to the Internet. This situation creates a security nightmare and is one of the primary reasons the demand for professionals trained in information and computer security is expected to grow exponentially.
The following sections describe ports and sockets and then some of the more common protocols, including e-mail, web, and FTP.
Working with Ports and Sockets
As we’ve already