After putting it off until the very last moment, I finally wrote and passed the Certified Wireless Security Professional (CWSP) PW0-204 exam. This was important since it had been almost 3 years since I passed the CWSP (PW0-200) exam and my credentials were set to expire on the 25th of June. Crisis averted! With the exam out of the way, I thought it would be worthwhile to share some thoughts on my experiences while preparing for it.
In no specific order, here are a few things I found very interesting about my time studying for PW0-204:
Wireless security was much less complicated 3 years ago. When I took the PW0-200 exam, I didn’t have to know anything about 802.11n, 802.11k, 802.11w, or 802.11r. All of these now-ratified IEEE standard amendments come with their own set of additional security settings and concerns that must be taken into consideration when securing a WLAN. Continuing to educate yourself and staying on top of the latest industry developments is the easiest way to ensure that a certification’s body of knowledge doesn’t leave you behind.
Experience in the field helps immensely with this exam. When I first wrote the PW0-200 exam, 3 years ago, I had a great interest in the subject but very little real-world WLAN experience. This time around, after living and breathing WLANs for 3 years, I found I was able to quickly skim or review a lot of the CWSP Study Guide since I deal with 802.1X/EAP, PKI, and WIDS/WIPS solutions quite frequently in my role as a security consultant. In my opinion, the CWSP certification is a great example of an exam that goes beyond ‘textbook studying’ and really tries to incorporate lessons that can only truly be learned through hands-on experience. Certifications like that rock because they signify practical/useful knowledge instead of just the ability to memorize answers for a test.
Keeping my existing CWNA and CWSP credentials was just stop number one on this journey. With that out of the way, I’m now beginning my assault on the Certified Wireless Network Expert (CWNE) designation. Last time I checked there were fewer than 100 CWNEs globally, so it’s definitely going to be a challenge. I have to pass both the CWDP and CWAP exams first. Wish me luck and I look forward to posting my thoughts and insights on my next exam this summer.
Day 2 of the Implementing Aruba WLANs course has come to a close and we have managed to make a nice mess of the room. It’s amazing how quickly 6 people can fill a room with controllers, access points, cables, laptops, and courseware!
Much like the first day of the course, the second day was very educational. Focusing mainly on authentication, access control, and roles, I’d say this day represented the meat of the course. Here are my thoughts after day 2:
To securely deploy a wireless network you had better brush up on your 802.1X, RADIUS, and PKI knowledge. Home WLANs are not the same thing as Enterprise WLANs; pre-shared keys (PSK) are not a scalable or manageable solution in most enterprise deployments. All SMB or enterprise WLAN vendors support robust authentication when it comes to wireless networks, so take advantage of these features.
Role derivation is awesome! Having the ability to assign specific access policies and VLAN assignments to clients based on device type or group membership is a great way to avoid excessive SSID creation and provide granular control that matches the capabilities and requirements of each user/device. Regardless of the WLAN vendor you are using, I would highly recommend looking into this feature the next time you are thinking about creating a new SSID for a new business requirement. You just might save yourself some configuration effort and eliminate needless wireless beacons at the same time.
Overall I’d say day 2 was a success. WLAN security is incredibly important so I was very happy to see that we spent the entire day exploring the various options available to us.
If you have thoughts, comments, or questions about WLAN security, please leave a note in the comments section.
In this great age of computer security, few can argue that protecting your users from harmful content on the web is a must. Since nearly the beginning of the Internet, system administrators have been using web proxies to help conserve bandwidth and control the browsing habits of users. Today most security administrators have deployed a secure web proxy of some kind or another. These units, regardless of vendor, offer many advantages over a simple proxy, such as granular access policies and HTTPS interception/inspection. No matter which vendor you choose to partner with for your web content filter (or WCF, if you prefer), intercepting and decrypting SSL is not perfect, at least for the foreseeable future. This is because HTTPS really isn’t designed to be intercepted, and therefore interception is, in a sense, a man-in-the-middle attack being carried out by the WCF. For this reason, when you deploy your WCF in your network, be that as an explicit proxy or a transparent (WCCP) proxy, some piece of software will break. When this happens you can use the troubleshooting steps below to see what has gone wrong. This is by no means an exhaustive list of troubleshooting steps, but it is a start.