Secure Wide Area Gateway SWAG

About This Presentation

Title:

Description:

Number of Views:102

Avg rating:3.0/5.0

Slides: 6

Provided by: GK8

Category:

Tags: swag | area | gateway | secure | wide

Transcript and Presenter's Notes

Title: Secure Wide Area Gateway SWAG

1
Secure Wide Area Gateway (SWAG)

2
Secure Wide Area Gateway (SWAG)

Motivation
The 801.11b Wireless network protocol gives users
mobility and convenience but it is insecure. The
protocol is susceptible to eavesdropping and MITM
attacks. Moreover, the encryption provided by the
protocol (WEP) is broken.
The WEP protocol uses a fixed symmetric key. This
makes the scheme insecure by itself since giving
the key to a large number of users make the key
(Very) insecure.
Example Duke University OIT decided not to use
WEP encryption on campus since the key is very
likely to be compromised. Changing the key will
cause a major disruption.
When traveling you cant use encrypted wireless.
Connecting to the Ethernet on the road is very
risky since you dont know who might be listening
and what you are connected to.
Many companies do not allow an outside connection
into their network.

3
Secure Wide Area Gateway (SWAG)

Main Idea
Provide a secure tunnel to users into a secure
network via a gateway server.
When the user want to connect into the secure
network he starts a process that
Establishes a secure (SSL) connection to a
Gateway Server that sits on the secure network.
Authenticate the user to the server (use a login
procedure)
Capture all outgoing IP packets and send these
packets over the secure SSL (the tunnel)
connection to the server.
Receive all incoming IP packets from the server
through the SSL connection and forward them to
local ports.
The server
Authenticate the user.
Communicate with the client machine over SSL
connection
Provide the client machine with NAT service into
the secure net.