Executive Editor: Jim Minatel
Development Editor: Kim Wimpsett
Technical Editors: Chris Lyttle and Ben Wilson
Production Editor: Dassi Zeidel
Copy Editor: Liz Welch
Editorial Manager: Mary Beth Wakefield
Production Manager: Kathleen Wisor
Book Designers: Judy Fung and Bill Gibson
Proofreader: Rebecca Rider
Indexer: Ted Laux
Project Coordinator, Cover: Brent Savage
Cover Designer: Wiley
Cover Image: ©Getty Images, Inc./Jeremy Woodhouse

Published simultaneously in Canada

ISBN: 978-1-119-21108-2
ISBN: 978-1-119-24413-4 (ebk.)
ISBN: 978-1-119-21109-9 (ebk.)

Manufactured in the United States of America

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 9781119211082

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CWSP is a registered trademark of CWNP, LLC. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

CONTENTS

Foreword

Introduction

Assessment Test

Answers to Assessment Test

Chapter 1 WLAN Security Overview

Standards Organizations
802.11 Networking Basics
802.11 Security Basics
802.11 Security History
Summary
Exam Essentials
Review Questions

Chapter 2 Legacy 802.11 Security

Authentication
Wired Equivalent Privacy (WEP) Encryption
TKIP
Virtual Private Networks (VPNs)
MAC Filters
SSID Segmentation
SSID Cloaking
Summary
Exam Essentials
Review Questions

Chapter 3 Encryption Ciphers and Methods

Encryption Basics
AES
WLAN Encryption Methods
WEP
TKIP
CCMP
WPA/WPA2
Future Encryption Methods
Proprietary Layer 2 Implementations
Summary
Exam Essentials
Review Questions

Chapter 4 802.1X/EAP Authentication

WLAN Authentication Overview
AAA
802.1X
Supplicant Credentials
802.1X/EAP and Certificates
Shared Secret
Legacy Authentication Protocols
EAP
Summary
Exam Essentials
Review Questions

Chapter 5 802.11 Layer 2 Dynamic Encryption Key Generation

Advantages of Dynamic Encryption
Robust Security Network (RSN)
Summary
Exam Essentials
Review Questions

Chapter 6 PSK Authentication

WPA/WPA2-Personal
Summary
Exam Essentials
Review Questions

Chapter 7 802.11 Fast Secure Roaming

History of 802.11 Roaming
RSNA
Opportunistic Key Caching (OKC)
Proprietary FSR
Fast BSS Transition (FT)
802.11k
802.11v
Voice Enterprise
Layer 3 Roaming
Troubleshooting
Summary
Exam Essentials
Review Questions

Chapter 8 WLAN Security Infrastructure

802.11 Services
Management, Control, and Data Planes
WLAN Architecture
VPN Wireless Security
Infrastructure Management
Summary
Exam Essentials
Review Questions

Chapter 9 RADIUS and LDAP

LDAP
RADIUS
Attribute-Value Pairs
Summary
Exam Essentials
Review Questions

Chapter 10 Bring Your Own Device (BYOD) and Guest Access

Mobile Device Management
Self-Service Device Onboarding for Employees
Guest WLAN Access
Network Access Control (NAC)
Summary
Exam Essentials
Review Questions

Chapter 11 Wireless Security Troubleshooting

Five Tenets of WLAN Troubleshooting
PSK Troubleshooting
802.1X/EAP Troubleshooting
Roaming Troubleshooting
VPN Troubleshooting
Summary
Exam Essentials
Review Questions

Chapter 12 Wireless Security Risks

Unauthorized Rogue Access
Eavesdropping
Denial-of-Service Attacks
Guest Access and WLAN Hotspots
Summary
Exam Essentials
Review Questions

Chapter 13 Wireless LAN Security Auditing

WLAN Security Audit
WLAN Security Auditing Tools
Summary
Exam Essentials
Review Questions

Chapter 14 Wireless Security Monitoring

Wireless Intrusion Detection and Prevention Systems (WIDS and WIPS)
Proprietary WIPS
Device Classification
WIDS/WIPS Analysis
Monitoring
802.11n/ac
802.11w
Summary
Exam Essentials
Review Questions

Chapter 15 Wireless Security Policies

General Policy
Functional Policy
Government and Industry Regulations
802.11 WLAN Policy Recommendations
Summary
Exam Essentials
Review Questions

Appendix A: Answers to Review Questions

Chapter 1: WLAN Security Overview
Chapter 2: Legacy 802.11 Security
Chapter 3: Encryption Ciphers and Methods
Chapter 4: 802.1X/EAP Authentication
Chapter 5: 802.11 Layer 2 Dynamic Encryption Key Generation
Chapter 6: PSK Authentication
Chapter 7: 802.11 Fast Secure Roaming
Chapter 8: WLAN Security Infrastructure
Chapter 9: RADIUS and LDAP
Chapter 10: Bring Your Own Device (BYOD) and Guest Access
Chapter 11: Wireless Security Troubleshooting
Chapter 12: Wireless Security Risks
Chapter 13: Wireless LAN Security Auditing
Chapter 14: Wireless Security Monitoring
Chapter 15: Wireless Security Policies

Appendix B: Abbreviations and Acronyms

Certifications
Organizations and Regulations
Measurements
Technical Terms

Advert

EULA

List of Illustrations

Chapter 1

Figure 1.1 ISOC hierarchy
Figure 1.2 Wi-Fi Alliance logo
Figure 1.3 Wi-Fi Interoperability Certificate
Figure 1.4 The encryption process
Figure 1.5 The decryption process
Figure 1.6 Steganography example

Chapter 2

Figure 2.1 Open System authentication
Figure 2.2 Open System and 802.1X/EAP authentication
Figure 2.3 Shared Key authentication exchange
Figure 2.4 Static WEP encryption key and initialization vector
Figure 2.5 WEP transmission key
Figure 2.6 WEP encryption process
Figure 2.7 WEP encryption process
Figure 2.8 TKIP encryption and data integrity process
Figure 2.9 VPN and WLAN client access security
Figure 2.10 Changing a MAC address
Figure 2.11 SSID/VLAN/Subnet mapping

Chapter 3

Figure 3.1 Example of the Caesar cipher
Figure 3.2 Asymmetric keys
Figure 3.3 802.11 MAC Protocol Data Unit (MPDU)
Figure 3.4 WEP encryption process
Figure 3.5 WEP MPDU format
Figure 3.6 TKIP MPDU
Figure 3.7 CCMP encryption and data integrity process
Figure 3.8 Additional authentication data (AAD)
Figure 3.9 CCMP MPDU

Chapter 4

Figure 4.1 Accounting trail
Figure 4.2 Integrated OS supplicant for Windows 10
Figure 4.3 Supplicant EAP configuration
Figure 4.4 Supplicant Root CA certificate
Figure 4.5 Supplicant user credentials
Figure 4.6 802.1X comparison-standalone vs. controller-based APs
Figure 4.7 WLAN bridging and 802.1X
Figure 4.8 Authenticator bouncer analogy
Figure 4.9 Authenticator configuration
Figure 4.10 Proxy authentication
Figure 4.11 Authentication server configuration
Figure 4.12 SSL certificate
Figure 4.13 OTP token device
Figure 4.14 Smart card
Figure 4.15 Smart card reader
Figure 4.16 USB security token
Figure 4.17 Computer domain account
Figure 4.18 Supplicant: machine authentication
Figure 4.19 Server certificate and Root CA certificate
Figure 4.20 Trusted Root CA certificates
Figure 4.21 Server certificate validation
Figure 4.22 Client certificate – supplicant
Figure 4.23 Shared secret
Figure 4.24 802.11 associations and 802.1X/EAP
Figure 4.25 Generic EAP exchange
Figure 4.26 EAP-LEAP
Figure 4.27 Outer identity
Figure 4.28 EAP-PEAP process
Figure 4.29 EAP-TTLS process
Figure 4.30 EAP-TLS process
Figure 4.31 EAP-FAST process

Chapter 5

Figure 5.1 802.1X/EAP and dynamic keys
Figure 5.2 Dynamic WEP process
Figure 5.3 RSNA within a BSS
Figure 5.4 RSNA within an IBSS
Figure 5.5 Robust security network
Figure 5.6 Transition security network
Figure 5.7 RSN, pre-RSN, and TSN within the same AP cell
Figure 5.8 Access point RSN security capabilities
Figure 5.9 Client station RSN security capabilities
Figure 5.10 RSN Information element—CCMP pairwise and CCMP group cipher
Figure 5.11 RSN information element—CCMP pairwise and TKIP group cipher
Figure 5.12 RSN information element—CCMP pairwise and WEP-40 group cipher
Figure 5.13 RSN information element—AKM suite field: 802.1X
Figure 5.14 Authentication and key management (AKM)—overview
Figure 5.15 Authentication and key management (AKM)—discovery component
Figure 5.16 Authentication and key management (AKM)—authentication and master key generation component
Figure 5.17 Authentication and key management (AKM)—temporal key generation and authorization
Figure 5.18 RSN key hierarchy
Figure 5.19 Master keys
Figure 5.20 Pairwise transient key (PTK)
Figure 5.21 Group temporal key (GTK)
Figure 5.22 The 4-Way Handshake
Figure 5.23 The Group Key Handshake
Figure 5.24 Station-to-station link (STSL)
Figure 5.25 TDLS Peer Key Handshake

Chapter 6

Figure 6.1 Vendor terminology example
Figure 6.2 Client configured with passphrase
Figure 6.3 Passphrase-PSK mapping
Figure 6.4 Entropy bits
Figure 6.5 Per-user/per-device PSK
Figure 6.6 SAE authentication exchange
Figure 6.7 SAE authentication, association, and 4-Way Handshake

Chapter 7

Figure 7.1 Client roaming decision
Figure 7.2 Reassociation
Figure 7.3 RSN information element format
Figure 7.4 Pairwise master key identifier (PMKID)
Figure 7.5 802.1X/EAP and PMKSA
Figure 7.6 PMK caching
Figure 7.7 Preauthentication
Figure 7.8 Preauthentication-enabled AP
Figure 7.9 Opportunistic PMK caching
Figure 7.10 AP roaming cache
Figure 7.11 802.1X/EAP and first-level pairwise master key (PMK-RO)
Figure 7.12 FT Key hierarchy—WLAN controller infrastructure
Figure 7.13 FT key hierarchy—supplicant
Figure 7.14 FT Key hierarchy—distributed AP infrastructure
Figure 7.15 Mobility domain information element
Figure 7.16 Fast BSS transition information element
Figure 7.17 FT initial mobility domain association
Figure 7.18 Over-the-air fast BSS transition
Figure 7.19 Over-the-DS fast BSS transition
Figure 7.20 Layer 3 roaming boundaries
Figure 7.21 Mobile IP
Figure 7.22 AirPcap provides multichannel monitoring and roaming analysis.

Chapter 8

Figure 8.1 Autonomous WLAN architecture
Figure 8.2 NMS diagnostic utilities
Figure 8.3 NMS client monitoring
Figure 8.4 Centralized WLAN architecture: WLAN controller
Figure 8.5 Centralized data forwarding
Figure 8.6 Distributed data forwarding
Figure 8.7 Distributed WLAN architecture
Figure 8.8 WLAN mesh network
Figure 8.9 VPN components
Figure 8.10 VPN established from a public hotspot
Figure 8.11 Site-to-site VPN
Figure 8.12 WLAN bridging and VPN security
Figure 8.13 Tamper-evident label
Figure 8.14 PuTTY freeware SSH2 client

Chapter 9

Figure 9.1 Proxy authentication
Figure 9.2 RADIUS and 802.1X/EAP
Figure 9.3 RADIUS protocol communications
Figure 9.4 RADIUS accounting
Figure 9.5 RADIUS server configuration
Figure 9.6 RADIUS and LDAP integration
Figure 9.7 Single-site deployment
Figure 9.8 Distributed autonomous sites
Figure 9.9 Distributed sites; centralized RADIUS and LDAP
Figure 9.10 Distributed sites with RADIUS, centralized LDAP
Figure 9.11 RADIUS proxy
Figure 9.12 Realm-based authentication
Figure 9.13 RADIUS failover
Figure 9.14 RADIUS attribute-value pairs
Figure 9.15 RADIUS AVPs for VLAN assignment
Figure 9.16 RADIUS attributes for role assignment

Chapter 10

Figure 10.1 Personal mobile devices with Wi-Fi radios
Figure 10.2 Device restrictions
Figure 10.3 MDM enrollment—initial steps
Figure 10.4 MDM server—enrollment captive web portal—step 4
Figure 10.5 Certificate and MDM profile installation—step 5
Figure 10.6 The mobile device exits the walled garden in the final step.
Figure 10.7 MDM profile settings
Figure 10.8 MDM agent application
Figure 10.9 Device information
Figure 10.10 Over-the-air management
Figure 10.11 Mobile device applications
Figure 10.12 MDM distribution of the CWSP Study Guide eBook
Figure 10.13 BYOD onboarding application
Figure 10.14 GRE tunneling guest traffic to a DMZ
Figure 10.15 Guest firewall policy
Figure 10.16 Application firewall policy
Figure 10.17 Captive web portal—DNS redirect
Figure 10.18 Captive web portal—guest logon
Figure 10.19 Captive web portal—guest self-registration
Figure 10.20 Captive web portal—policy acceptance
Figure 10.21 Guest management and monitoring
Figure 10.22 Guest credential delivery methods
Figure 10.23 Kiosk mode
Figure 10.24 Employee sponsorship registration
Figure 10.25 Employee sponsorship confirmation email
Figure 10.26 OAuth 2.0 application
Figure 10.27 Social login
Figure 10.28 Antivirus posture settings
Figure 10.29 Service provider–initiated login
Figure 10.30 Identity provider–initiated login

Chapter 11

Figure 11.1 Handheld diagnostic tool
Figure 11.2 OSI model
Figure 11.3 WLAN client database
Figure 11.4 Successful PSK authentication
Figure 11.5 Unsuccessful PSK authentication
Figure 11.6 802.1X/EAP
Figure 11.7 802.1X/EAP troubleshooting zones
Figure 11.8 The RADIUS server does not respond.
Figure 11.9 Points of failure – 802.1X/EAP troubleshooting zone 1
Figure 11.10 802.1X/EAP backend diagnostic tool
Figure 11.11 Successful SSL/TLS tunnel creation
Figure 11.12 Unsuccessful SSL/TLS tunnel creation
Figure 11.13 Server certificate validation
Figure 11.14 RADIUS server rejects supplicant credentials
Figure 11.15 Machine authentication failure
Figure 11.16 4-Way Handshake
Figure 11.17 Seamless roaming
Figure 11.18 Roaming cache
Figure 11.19 Layer 3 roaming
Figure 11.20 IPsec Phase 1 – certificate failure
Figure 11.21 IPsec Phase 1 – networking failure
Figure 11.22 IPsec Phase 2 – Success

Chapter 12

Figure 12.1 Rogue access point
Figure 12.2 Bridged ad hoc WLAN
Figure 12.3 Wired 802.1X/EAP prevents rogue access.
Figure 12.4 inSSIDer WLAN discovery tool
Figure 12.5 Offline dictionary attack
Figure 12.6 RF jamming device
Figure 12.7 RF signal generator and wattmeter
Figure 12.8 Testing utility used for Queensland Attack
Figure 12.9 Clear channel assessment (CCA)
Figure 12.10 Deauthentication attack
Figure 12.11 Virtual carrier sense
Figure 12.12 MAC address Registry settings
Figure 12.13 MAC address: networking settings
Figure 12.14 SMAC
Figure 12.15 Wireless hijacking/man-in-the-middle attack
Figure 12.16 Cracked WEP key
Figure 12.17 Client isolation
Figure 12.18 Active 802.11 RFID tag
Figure 12.19 RTLS application

Chapter 13

Figure 13.1 Wi-Spy DBx 2.4 GHz and 5 GHz spectrum analyzer
Figure 13.2 Narrow-band RF interference
Figure 13.3 Wide-band RF interference
Figure 13.4 All-band RF interference
Figure 13.5 Device configuration compliance
Figure 13.6 Layer 2 protocol analyzer
Figure 13.7 Asleap
Figure 13.8 coWPAtty
Figure 13.9 Kali Linux
Figure 13.10 Immunity SILICA WLAN security assessment software
Figure 13.11 WiFi Pineapple Mark V
Figure 13.12 Kismet
Figure 13.13 Aircrack-ng

Chapter 14

Figure 14.1 WIDS/WIPS monitoring
Figure 14.2 WIDS/WIPS hardware sensors
Figure 14.3 Distributed WIDS/WIPS
Figure 14.4 Overlay WIDS/WIPS
Figure 14.5 Integrated WIDS/WIPS
Figure 14.6 Integration with other security solutions
Figure 14.7 Multiple 802.11 radio devices
Figure 14.8 Sensor placement
Figure 14.9 WIDS/WIPS device classification
Figure 14.10 WIDS/WIPS device auto-classification
Figure 14.11 Rogue detection—single broadcast domain
Figure 14.12 Rogue detection—trunked sensor
Figure 14.13 Layer 3 Rogue detection—active sensor
Figure 14.14 Layer 3 Rogue detection—MAC comparison
Figure 14.15 Wireless rogue containment
Figure 14.16 Ad hoc containment
Figure 14.17 Location tracking
Figure 14.18 Historical tracking
Figure 14.19 RF triangulation
Figure 14.20 Time difference of arrival (TDoA)
Figure 14.21 Mobile tracking tool
Figure 14.22 Attack signatures
Figure 14.23 Behavior thresholds
Figure 14.24 MAC Protocol Data Unit
Figure 14.25 Remote packet capture
Figure 14.26 WLAN spectrum analyzer
Figure 14.27 Forensic analysis
Figure 14.28 Security policy
Figure 14.29 WIDS/WIPS alarm
Figure 14.30 Channel bonding

Acknowledgments

When we wrote the first edition of the CWSP Study Guide, David Coleman’s children, Carolina and Brantley, were just entering college. Carolina now holds a master’s degree in public policy from the University of Southern California (USC). Brantley graduated from Boston University and is currently working toward his Ph.D. in biochemistry at the University of Washington. David would like to thank his now adult children for years of support and for making their dad very proud. David would also like to thank his mother Marjorie Barnes, stepfather William Barnes, and brother Rob Coleman, for many years of support and encouragement.

David Coleman would also like to thank the entire Aerohive Networks Knowledge Services department. Additionally, David sends many thanks to Matthew Gast, Paul Levasseur, Abby Strong, Gregor Vucajnk, and all of his co-workers at Aerohive Networks (www.aerohive.com). It has been a honor working with you to help build something special.

David Westcott would like to thank Janie for her love and support. I know that my travel and book-writing schedule is difficult to deal with. I say it all of the time and I will continue to say it: “thank you” and “I love you” for your support and for everything that you do for me.

Bryan Harkins would like to thank his wife, Ronda, and his two daughters, Chrystan and Catelynn, and their families, including his three granddaughters, Kaylee, Mikynlee, and Lorali, for allowing him the ability to work with constant travel and the time away from them it has taken to create this book. He would also like to thank his parents for always being there and his brother Chris for getting him involved with IT in the first place. Additionally, he would like to thank Ed Walton, Jeff Manning, and Kent Woodruff for the chance to build something great at Cradlepoint and the team there for their assistance in doing so.

Writing CWSP: Certified Wireless Security Professional Study Guide has once again been an adventure. We would like to thank the following individuals for their support and contributions during the entire process.

We must first thank Sybex acquisitions editor Jim Minatel for reaching out to us and encouraging us to write this second edition of our wireless security book. We would also like to thank our development editor, Kim Wimpsett, who has been a pleasure to work with. We also need to send special thanks to our editorial manager, Mary Beth Wakefield; our production editors, Rebecca Anderson and Dassi Zeidel; and Liz Welch, our copyeditor.

We also need to give a big shout-out to our technical editor, Chris Lyttle, CWNE #156. We have personally known Chris for many years. His Wi-Fi background and knowledge were invaluable to providing the amazing technical editing that this book deserved. We encourage you to follow Chris on his blog www.wifikiwi.com or on Twitter: @wifikiwi. And of course, we offer many thanks to our technical proofreader, Ben Wilson. Ben has accumulated years of Wi-Fi experience working for three major WLAN vendors. We encourage you to follow Ben on Twitter: @AirNetworkBen. We would also like to thank Shawn Jackman for his contributions to the first edition of the CWSP Study Guide.

We also need to thank Keith Parsons, CWNE #3, and his team at wirelessLAN Professionals. Keith has built a worldwide community of WLAN experts that share knowledge. You can learn more about the wirelessLAN Professionals conferences at www.wlanpros.com. You can also follow Keith on Twitter: @KeithRParsons.

We would also like to thank the CWNP program (www.cwnp.com). All CWNP employees, past and present, should be proud of the internationally renowned wireless certification program that sets the education standard within the enterprise Wi-Fi industry. It has been a pleasure working with all of you the past 16 years.

Finally, we would like to thank Lee Badman for writing his very gracious forward for this book. Lee is also a Wi-Fi expert and he maintains a blog at wirednot.wordpress.com. We encourage you to follow Lee’s Wi-Fi question-of-the-day on Twitter via #WIFIQ. You can also follow Lee on Twitter: @wirednot.

About the Authors

David D. Coleman is the Senior Mobility Leader for Aerohive Networks, www.aerohive.com. David collaborates with the Aerohive Knowledge Services team and travels the world for WLAN training sessions and speaking events. He has instructed IT professionals from around the globe in WLAN design, security, administration, and troubleshooting. David has written multiple books, blogs, and white papers about wireless networking, and he is considered an authority on 802.11 technology. Prior to working at Aerohive, he specialized in corporate and government Wi-Fi training and consulting. In the past he has provided WLAN training for numerous private corporations, the US military, and other federal and state government agencies. When he is not traveling, David resides in both Atlanta, Georgia and Seattle, Washington. David is CWNE #4, and he can be reached via email at mistermultipath@gmail.com. Please follow David on Twitter: @mistermultipath.

David Westcott is an independent consultant and technical trainer with over 31 years of experience. David has been a certified trainer for over 23 years, and he specializes in wireless networking, wireless management and monitoring, and network access control. He has provided training to thousands of students at government agencies, corporations, and universities in over 30 countries around the world. David was an adjunct faculty member for Boston University’s Corporate Education Center for over 10 years. David has written seven books as well as numerous white papers, and he has developed many courses on wired and wireless networking technologies and networking security.

David was a member of the original CWNE Roundtable. David is CWNE #7 and has earned certifications from many companies, including Cisco, Aruba, Microsoft, Ekahau, EC-Council, CompTIA, and Novell. David lives in Concord, Massachusetts with his wife Janie, his stepdaughters Jennifer and Samantha, and his granddaughter Savannah. David can be reached via email at david@westcott-consulting.com. Please follow David on Twitter: @davidwestcott.

Bryan Harkins has over 30 years experience in the IT field. He has been involved in areas ranging from customer support and sales to network security and design. He has developed custom curriculum for government agencies and Fortune 500 companies alike and delivers both public and private wireless security classes around the world. Previously, Bryan worked as the senior global enablement leader for Aerohive Networks and as the training and courseware development manager for Motorola AirDefense (now Zebra). Currently, Bryan is the Director of Cradlepoint University, where he oversees the training department of Cradlepoint, www.Cradlepoint.com. Bryan also serves on the Board of Advisors for 802Secure, www.802secure.com.

Bryan has presented at multiple industry conferences, including IP Expo, Secure World Expo, Armed Forces Communications and Electronics Association (AFCEA) events, and Microsoft Broad Reach events. He holds a degree in aviation from Georgia State University. He is also a member of the CWNE Roundtable as well as a member of the CWNE Advisory Board. Bryan is CWNE #44, and he can be followed on Twitter: @80211University.

Foreword

Though wireless security options haven’t changed significantly since the introduction of 802.11i, the world in which they function certainly has. We are living in strange times for wireless networking. Though our WLAN standards are bringing ever-faster connectivity and more networked devices are coming without Ethernet ports, today’s Wi-Fi practitioner operates in a hyper-nuanced security landscape. The media has no shortage of gloom and doom to report on network data breaches, yet many of today’s wireless clients are delivered with outdated or limited security capabilities. Where client devices are capable of supporting robust security, users may well opt for ease of use over security. In other situations, WLAN professionals might find themselves being asked to provide an expensive and complicated multitiered security strategy in an environment where there’s very little to really protect. Today’s CWSPs need be savvy in not only their range of security solutions and analysis tools, but also in how to choose the right option (or combination of options) for complicated situations with diverse user groups and WLAN client devices.

For those just embarking on a wireless career, or for seasoned profressionals trying to broaden their knowledge base, I applaud you for choosing this text. From captive portals to VPN, and MDM solutions to WIPS, the authors give you a knowledge base foundationon which you can build an operational career. David Coleman, Bryan Harkins, and David Westcott bring you decades of wireless security knowledge that spans the gamut from wardriving to Hotspot 2.0. CWSP helps you understand the strengths and disadvantages of any security option you’re likely to be faced with in today’s real world. It doesn’t matter whether you’re a one-person company servicing the SMB market or if you support a giant corporate WLAN, you’ll do well for yourself and your clients by learning what CWSP has to offer. BYOD, IoT, legacy WLAN concerns—it’s all here.

As a long-time wireless professional, I can promise you that there are no shortcuts to building high-quality networks. Good networks support operational goals, and good wireless experts help to make sure those goals are clearly defined and understood before they can be matched with the right solution. When it comes to WLAN security, there are no silver bullets or one-size-fits-all solutions. Thankfully, you’re in good hands with David, Bryan, and David as you learn how to think about the broad topic of WLAN security. Best of luck to you.

Lee Badman
CWNA, CWSP, CWDP
Network Architect

Study Guide CWSP-205

Second Edition

Acknowledgments

About the Authors

Foreword