A national Security Agency (NSA) pilot program aims to model secure classified communications over commercial mobile devices. However, the NSA has found that off-the-shelf products are inconsistent in their implementation of the standards and protocol that NSA requires. The agency would prefer not to have to be tied to one platform, but for the time being, they have no choice.
The standards and protocols exist to provide the security that NSA requires, but they are not being implemented consistently by vendors, Margaret Salter, a technical director in NSA’s Information Assurance Directorate, said Feb. 29 at the RSA Conference.
The agency went shopping with a list of requirements for encryption for the voice channel and for the Session Initiation protocol. “We couldn’t buy one” that met all the requirements, Salter said. “We could pay someone to make it, but that wasn’t the plan.”
- NSA builds own model of Android phone, wants you to do the same (engadget.com)
- NSA Agents Will Make All Their Private Calls with a Fishbowl [Security] (gizmodo.com)
- NSA builds Android phone for top-secret discussions (slashgear.com)
Cisco WLCs and Cisco WiSMs are responsible for system-wide wireless
LAN functions, such as security policies, intrusion prevention, RF
management, quality of service (QoS), and mobility.
These devices communicate with controller-based access points over any Layer 2 (Ethernet) or Layer 3 (IP) infrastructure using the Lightweight Access Point Protocol (LWAPP) and the Control and Provisioning of Wireless Access Points (CAPWAP) protocol.
The Cisco Wireless LAN Controller (WLC) product family is affected by
the following vulnerabilities:
* Cisco Wireless LAN Controllers HTTP Denial of Service Vulnerability
* Cisco Wireless LAN Controllers IPv6 Denial of Service Vulnerability
* Cisco Wireless LAN Controllers WebAuth Denial of Service Vulnerability
* Cisco Wireless LAN Controllers Unauthorized Access Vulnerability
Cisco has released free software updates that address these vulnerabilities. Workarounds are available that mitigate some of these vulnerabilities.
This advisory is available at the following link:
The Cisco WLC product family is affected by multiple vulnerabilities. Affected versions of Cisco ASA Software vary depending on the specific vulnerability.
Each of the following products is affected by at least one of the vulnerabilities covered in this Security Advisory:
* Cisco 2000 Series WLC
* Cisco 2100 Series WLC
* Cisco 2500 Series WLC
* Cisco 4100 Series WLC
* Cisco 4400 Series WLC
* Cisco 5500 Series WLC
* Cisco 500 Series Wireless Express Mobility Controllers
* Cisco Wireless Services Modules (WiSM)
* Cisco Wireless Services Modules version 2 (WiSM version 2)
* Cisco NME-AIR-WLC Modules for Integrated Services Routers (ISRs)
* Cisco NM-AIR-WLC Modules for Integrated Services Routers (ISRs)
* Cisco Catalyst 3750G Integrated WLCs
* Cisco Flex 7500 Series Cloud Controllers
Measures to mitigate these risks can be found here: http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20120229-wlc
- Cisco Releases Multiple Security Advisories (netsecurityit.wordpress.com)
- Cisco Security Advisory: Cisco Small Business SRP 500 Series (netsecurityit.wordpress.com)
- Cisco Security Advisory: Cisco NX-OS (netsecurityit.wordpress.com)
Aruba Delivers BYOD Control with ClearPass
The bring-your-own-device (BYOD) era is booming, while BYOD delivers some freedom to users and is great don’t get me wrong, however. It is still absolutely critical that companies reachthe same degree of protection, and control that corporate owned devices also receive to these devices. It has to be thought of as a wired device, in my opinion.
“ClearPass provides a networking solution for BYOD to address all of the majoroperating systems and any networking vendor’s network architecture,” Robert Fenstermacher, director of Product Marketing at Aruba, told InternetNews.com. “It can act as a single point of policy control across all wired, wireless and remote infrastructure for a global organization.”
- Aruba simplifies IT management of BYOD (infoworld.com)
- Aruba to buy Avenda for BYOD security (infoworld.com)
- Aruba Simplifies IT Management of Employee-Owned Mobile Devices (oracleidentity.wordpress.com)
Apple Will Require Apps to Obtain User Permission Before Accessing Contact Data
US legislators sent a letter to Apple CEO Tim Cook asking why the company does not require iOS developers to obtain permission from users before apps download users’ contacts. The inquiry follows close behind news that the Path app downloaded users’ address books without their permission. Apple has responded to the question with a promise to change that policy so apps requiring use of address book data request that information explicitly.
*More on this story here:
[Editor’s Comment (SANs.org):
“I wonder if they will be in time to avoid a major disaster. I was surprised to read on slashdot that your data was safer on unapproved apps for jailbroken iPhones than on approved apps from Apple’s store”:
***Back story on NetsecurityIT.com:
Assessing Your Wireless Network Security
Wireless network penetration testing—using tools and processes to scan the network environment for vulnerabilities—helps refine an enterprise’s security policy, identify vulnerabilities, and ensure that the security implementation actually provides the protection that the enterprise requires and expects. Regularly performing penetration tests helps enterprises uncover WLAN network security weaknesses that can lead to data or equipment being compromised or
destroyed by exploits (attacks on a network, usually by “exploiting” a vulnerability of the system),Trojans (viruses), denial of service attacks, and other intrusions.
Here is a great article I was reading on Cisco blogs and found it useful to post. Enjoy!
Sampa Choudhuri – Network security is a never-ending task; it requires ongoing vigilance. Securing your wireless network can be particularly tricky because unauthorized users can quietly sneak onto your network, unseen and possibly undetected. To keep your WLAN secure, it’s important to stay on top of new wireless vulnerabilities. By regularly performing a vulnerability assessment on your wireless network, you can identify and close any security holes before a hacker can slip through them.
With a WLAN vulnerability assessment, you’re figuring out what your wireless network looks like to the outside world on the Internet. Is there an easy way in to your network? Can unauthorized devices attach themselves to your network? A WLAN vulnerability assessment can answer these questions—and more.
1. Discover wireless devices on your network. You need to know everything about each wireless device that accesses your network, including wireless routers and wireless access points(WAPs) as well as laptops and other mobile devices. The scanner will look for active traffic in both the 2.4GHz and 5GHz bands of your 802.11n wireless network. Then, document all the data you collect from the scanner about the wireless devices on your network, including each device’s location and owner.
2. Hunt down rogue devices. Rogue devices are wireless devices, such as an access point, that should not be on your network. They should be considered dangerous to your network security and dealt with right away. Take your list of devices from the previous step and compare it to your known inventory of devices. Any equipment you don’t recognize should be blocked from network access immediately. Use the vulnerability scanner to also check for activity on any wireless bands or channels you don’t usually use.
Read the 5 Steps here:
- Biggest Wireless Threat….. The Admins? (netsecurityit.wordpress.com)