Library items tagged:

Client configuration

Anonymous
Friday, February 17, 2012 - 11:21
wireless
advisory
802.1x
implementation
technical guide
Operating System Support Currently client devices pose the largest potential problem when deploying 802.1X. Whilst modern operating systems such as Microsoft® Windows Vista/XP®, Mac OS X® 10.4/10.5 and Linux® natively support 802.1X, older OS such as Microsoft® Windows 98/ME® do not. Additionally there are many other devices on the network which do not support 802.1X such as printers, network music player, desktop hubs/switches, and the current iPhone (Firmware 1.1.4.). Workarounds must be found if these devices are to continue functioning on the network.
Read more

Server configuration

Anonymous
Friday, February 17, 2012 - 11:20
wireless
advisory
802.1x
implementation
technical guide
The key component in 802.1X is the RADIUS server which is capable of AAA. There are several widely-deployed commercial RADIUS servers available: Microsoft® IAS, Cisco® ACS, Funk Steel-Belted Radius. There are also two widely deployed Open Source RADIUS servers available, FreeRADIUS and RADIATOR. FreeRADIUS is non-commercial GPL software, RADIATOR is commercial.
Read more

Networking infrastructure

Anonymous
Friday, February 17, 2012 - 11:20
advisory
wireless
802.1x
implementation
technical guide
Prerequisites To deploy 802.1X within your organisation you will require suitable infrastructure capable of supporting it.
Read more

802.1X Overview

Anonymous
Friday, February 17, 2012 - 11:19
802.1x
advisory
implementation
overview
technical guide
wireless
How 802.1X works There are three main components in the 802.1X authentication cycle:
Read more

IEEE 802.1X implementation at Janet-connected organisations

Anonymous
Friday, February 17, 2012 - 11:19
advisory
wireless
802.1x
technical guide
022 (04/08) This document was produced to share knowledge, experience and current developments surrounding campus 802.1X implementation within the JANET community. Readers are assumed to have a basic knowledge of networking concepts and preventive security awareness. A companion technical guide Security Matters is available.
Read more

References

Anonymous
Friday, February 17, 2012 - 10:18
security
incident response
technical guide
references
Janet Policies All sites connecting to Janet are required to abide by three policies that set out the rules for access to, use and protection of the network. These policies are set by JISC, who fund the network. The latest versions of these policies can be found through the Janet web site. Janet Acceptable Use Policy: http://community.ja.net/library/acceptable-use-policy
Read more

Incident response and policy

Anonymous
Friday, February 17, 2012 - 10:18
security
technical guide
incident response
policy
Organisational Policy Incident response is a fundamental part of the organisation’s operation, playing a part in protecting both its services and reputation, so it must be included in the organisation’s policies and procedures.
Read more

Case studies

Anonymous
Friday, February 17, 2012 - 10:17
security
incident response
technical guide
case studies
Overview
Read more

Staffing models for incident responses

Anonymous
Friday, February 17, 2012 - 10:17
security
incident response
technical guide
The basic staffing requirement of an incident response function is that there be some individual or individuals able to receive and respond to reports during the function's operating hours. The speed of response should be set as part of the function's agreed operating policy, however the working arrangements should allow for emergency situations where action to resolve a problem needs to take priority over all other normal work.
Read more

Incident response functions

Anonymous
Friday, February 17, 2012 - 10:16
security
incident response
technical guide
From the preceding discussion it is clear that any organisation connected to Janet must have at least a basic response capability to deal with security incidents as required by its Janet contract. There are also good reasons why the organisation should not be content with this minimum but should provide additional functions for the benefit of its own users and its operation. This extended capability is likely to involve people and groups beyond the basic security incident response group, some of whom may be located in a different part of the management structure.
Read more