Home » Compaq Manuals » Laptops » Compaq Armada e500s » Manual Viewer

Compaq Armada e500s Wireless Security

Compaq Armada e500s - Notebook PC Manual

Get Compaq Armada e500s - Notebook PC PDF manuals and user guides

View all Compaq Armada e500s manuals

Add to My Manuals
Save this manual to your list of manuals

Compaq Armada e500s manual content summary:

Compaq Armada e500s | Wireless Security - Page 1
White Paper December 2001 Prepared by: Access Business Group Compaq Computer Corporation Contents Introduction 3 Security in General 3 Essential Elements of Security 4 Security and the Pipe 4 Device Security 5 Connectivity Technologies ........ 9 Access Points 24 Corporate Firewalls 27
Compaq Armada e500s | Wireless Security - Page 2
WARRANTY OF ANY KIND. THE ENTIRE RISK ARISING OUT OF THE USE OF THIS INFORMATION REMAINS WITH RECIPIENT. IN NO EVENT SHALL COMPAQ BE LIABLE FOR ANY DIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE, OR OTHER DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS
Compaq Armada e500s | Wireless Security - Page 3
because many users are not aware of specific security vulnerabilities or don't understand the Compaq Technical Guide titled "Safe Computing and E-Business: Protecting the Enterprise to Assure E-Business Success" (http://activeanswers.compaq Compaq Global Services at http://www.compaq.com/services
Compaq Armada e500s | Wireless Security - Page 4
of action, and only that entity could have taken the course of action. This quality makes electronic transactions legally binding. Non-repudiation is supported by digital signatures and trusted timestamps. • System Management -- all security technology must be managed. This means setting it up to be
Compaq Armada e500s | Wireless Security - Page 5
with the security problems and solutions associated with it, is discussed in the next five subsections. Device Security Despite the growing popularity of handheld PCs, PDAs, and cellular telephones, the truly ubiquitous mobile computing device in the United States is still the notebook computer (in
Compaq Armada e500s | Wireless Security - Page 6
measures to protect the hardware and the data that the devices hold. For information on Compaq notebook computers, see http://www.compaq.com/showroom/notebooks.html. Mobile devices such as handheld computers, PDAs, and cellular telephones have traditionally been used for a subset of the tasks that
Compaq Armada e500s | Wireless Security - Page 7
Wireless Security White Paper 7 Available Device-specific Security Measures Many security measures are available for and avoiding single sign-on. Smart Cards Smart cards offer a partial solution to the problem of securing data transmissions to and from mobile devices. The smart card is a tamper-
Compaq Armada e500s | Wireless Security - Page 8
PC in order to log on to the network. The information is then extracted and compared to information on the computer. If the comparison is a sufficient match, the user is allowed to log in. Where mobile devices are concerned, Compaq FIT is currently available only for Compaq Armada and Evo notebook
Compaq Armada e500s | Wireless Security - Page 9
Supports removable media • Automatic installation through a host PC -phrase is forgotten Compaq iPAQ Pocket PC's ship with F-Secure PC client, but instead incorporated SecurID into the EZOS WAP micro-browser called EzWAP.3 Device-Specific small hard drives of handheld computing systems...to access the
Compaq Armada e500s | Wireless Security - Page 10
10 • Individual users can connect between various personal devices wherever they are, such as from a cell phone to a handheld to a desktop computer without cables to synchronize data or gain access to a wireless connection. Wireless personal area networks (WPANs) facilitate such connections between
Compaq Armada e500s | Wireless Security - Page 11
use Bluetooth, a radio frequency (RF) specification for point-to-multipoint voice and data A WPAN permits personal devices such as handheld PCs to connect wirelessly to peripheral devices such as area networks (WWANs) have been used to support voice transmission for mobile telephones. WWANs use
Compaq Armada e500s | Wireless Security - Page 12
now. WWAN via CDPD, for example, provides packet-switched connections to the Internet, Internet e-mail, enterprise intranet and corporate e-mail. Compaq offers an optimized MS Exchange e-mail solution with InfoWave. Nationwide (U.S.) coverage is available. Wireless WAN via GSM, as another example
Compaq Armada e500s | Wireless Security - Page 13
Networks (VPNs). Popular PKI vendors like Baltimore Technologies, Inc. and Entrust do not have PKI support for access devices. Smaller companies have point solutions to specific applications that run on the various operating systems. Public Key Infrastructure Most approaches to achieving security
Compaq Armada e500s | Wireless Security - Page 14
Wireless Security White Paper 14 Core elements of a PKI are: • Asymmetric keys • Digital certificates • Digital signatures The following paragraphs describe and illustrate these elements. A "key" is a numeric value of variable length that an encryption algorithm uses to convert unencrypted text
Compaq Armada e500s | Wireless Security - Page 15
Wireless Security White Paper 15 Digital Certificates Digital certificates are electronic files that can be used as unique identifiers for people and resources over networks. A digital certificate binds a user's identity to a public key, thus establishing trust. Digital certificates can also be
Compaq Armada e500s | Wireless Security - Page 16
Wireless Security White Paper 16 Digital Signatures Digital signatures are intended to be the legal equivalent of handwritten signatures. The signer generates a "hash value" or "digital fingerprint" of the document or message to be signed.4 The hash value is unique to the document or message. The
Compaq Armada e500s | Wireless Security - Page 17
transmitted on the public network. • Key Management. The VPN must generate and refresh encryption keys for the client and server. • Multiprotocol Support. The VPN must handle common protocols used on the public network. Figure 9 (next page) illustrates a VPN used in conjunction with firewalls
Compaq Armada e500s | Wireless Security - Page 18
private network. L2TP is an extension of PPTP that is used by an internet service provider (ISP) to enable VPNs over the Internet. L2TP merges the best features to the computers of individual users. Cisco Systems has been prominent in proposing IPSec as a standard, and includes IPSec support in its
Compaq Armada e500s | Wireless Security - Page 19
however, are available from third parties for the Compaq iPAQ Pocket PC: movianVPN by Certicom: • Based on IPSec • with V-One VPN appliance gateway • Supports many strong, third-party authentication schemes directly to application server) Security Specific to WWAN Carrier Technologies All digitized
Compaq Armada e500s | Wireless Security - Page 20
developed to solve problems specific to mobile network devices, including their limited processing power, memory capacity, and with which to encrypt a session between the server and client. WAP 1.2 adds support for WTLS client certificates, which authenticate a WTLS client to a WTLS server.
Compaq Armada e500s | Wireless Security - Page 21
convergence with the IETF and W3C. The WAP gateway is optional and WAP has now adopted the Internet standards TCP, HTTP, and TLS with wireless-specific profiles. Similarly, WML is effectively a profile of XHTML. Much work has been done, as well, on end-to-end security. It may be some time
Compaq Armada e500s | Wireless Security - Page 22
The port must allow only User Datagram Protocol (UDP) traffic.5 • The port must admit traffic only to the machine that is running the Wireless Business to Transmission Control Protocol -- TCP, and does not provide the service of dividing messages into packets and reassembling them at the receiving
Compaq Armada e500s | Wireless Security - Page 23
key pair is used to encrypt session traffic. Data Integrity Infowave compresses, encrypts, and a valid user. Possible Security Problem There may be a significant problem with Infowave security in that to Infowave, this design decision was made to support server public key download at the cost of the
Compaq Armada e500s | Wireless Security - Page 24
supports one Compaq is an active participant in this effort. In the current draft specification , a strengthened version of the RC-4/per-frame IV encryption algorithm, and a 128-bit AES encryption algorithm are proposed. Per-user authentication eliminates the WEP key-distribution problem
Compaq Armada e500s | Wireless Security - Page 25
via the Authenticator • The Authenticator intercepts the status and, if successful, opens the port. There are a few issues to consider in this process: • The only traffic that the Authenticator may relay from/to a controlled port is authentication requests/responses
Compaq Armada e500s | Wireless Security - Page 26
in RFC 2284. EAP already supports multiple authentication schemes including smart cards sites). Current WEP implementations require that the user manually change the WEP key each time a new automated key changes. 802.1x solves all of these problems. It is not necessary to distribute any keys. The
Compaq Armada e500s | Wireless Security - Page 27
Specific to WWAN Carrier Technologies." Generally speaking, when data travels along the phone lines to the corporate firewall, the data is secure barring phone line tapping. This is not a unique security problem is often installed on a specially designated computer separate from the rest of the
Compaq Armada e500s | Wireless Security - Page 28
. The security vulnerabilities associated with using data servers, desktops with hard drives containing data, and application security are the same for wired and and by multi-factor authentication requirements. 7 Safe Computing and E-Business: Protecting the Enterprise to Assure E-Business Success.
Compaq Armada e500s | Wireless Security - Page 29
Computing and E-Business: Protecting the Enterprise to Assure E-Business Success" (http://activeanswers.compaq.com/ActiveAnswers/Render/1,1027,1317-6-100-225-1,00.html) the Compaq technical guide subscription fraud, eavesdropping, and denial-of-service attacks acquire even greater weight because of
Compaq Armada e500s | Wireless Security - Page 30
/techintro.shtml. Inskeep, Chris, "Safe Computing and E-Business: Protecting the Enterprise to Assure E-Business Success" (Compaq Technical Guide, February 2000). "MultiPort Bluetooth Communication (Compaq White Paper, March 2001), http://www.compaq.com/support/techpubs/whitepapers/14zn-0501a-wwen