Jennifer Minella - Wireless Security Architecture: Designing and Maintaining Secure Wireless for Enterprise

1. Chapter 2
2. Chapter 3
3. Chapter 4
4. Chapter 6
5. Chapter 7
6. Chapter 8
7. Appendix B
8. Appendix C
9. Appendix D

1. Chapter 1
2. Chapter 2
3. Chapter 3
4. Chapter 4
5. Chapter 5
6. Chapter 6
7. Chapter 7
8. Chapter 8
9. Appendix A
10. Appendix B
11. Appendix C

Jennifer (JJ) Minella

Copyright 2022 by John Wiley & Sons, Inc. All rights reserved.

Published by John Wiley & Sons, Inc., Hoboken, New Jersey.

Published simultaneously in Canada and the United Kingdom.

978-1-119-88305-0
978-1-119-88306-7 (ebk.)
978-1-119-88307-4 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permission.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Website may provide or recommendations it may make. Further, readers should be aware the Internet Websites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.

Library of Congress Control Number: 2021952991

Trademarks: WILEY and the Wiley logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

Cover images: Leigh Prather/Adobe Stock Photos
Cover design: Wiley

This book is dedicated to my parents: to my Dad, who taught me to follow the packet and to my spunky Mom who we're told was the first woman in the world with a WLAN certification.

Jennifer Minella

Having begun working in the tech industry at the tender age of 14, Jennifer (JJ) Minella has spent the last 20 years helping security-conscious organizations solve network security challenges in meaningful ways.

Throughout that time, Jennifer has led strategic research and consulting for hundreds of organizations ranging from government, education, healthcare, and mid-market up to Fortune-5. This book is based on experience accumulated through the thousands of consulting and implementation engagements across these diverse environments. Jennifer holds, or has held, numerous technical certifications over the years ranging from switching and routing to firewalls, remote access, NAC, Wi-Fi, and IoT wireless, along with CISSP and other security certifications.

She's also a published author, internationally recognized speaker on network security and identity, analyst with IANS, member of Forbes Technology Council, and former chairperson of (ISC)2. Combining master-level network architecture skills with CISO and compliance experience, she continues her mission of aligning security and networking as Founder and Principal Advisor of Viszen Security.

Jennifer is also known for introducing mindfulness-based leadership to individuals and organizations in infosec. And aside from meditation and security, she's a competitive powerlifter and dancer. It's also been reported that she loves Figment, the Imagination Dragon. For more information visit her company at www.viszensecurity.com or award-winning blog at www.securityuncorked.com.

Stephen Orr is a twenty-three-year veteran of Cisco and serves as a Distinguished Architect for Ciscos Global Systems Engineering Organization. Stephen currently participates in multiple industry working groups such as the Wi-Fi Alliance where he is currently serving as the Chair for the Security Marketing and Security Technical Task Groups focusing on WPA3 as well as one of the Vice-Chairs for the IEEE 802.11TGbh Working Group (Operation with Randomized and Changing MAC Addresses).

They always say it takes a village to raise a child, and the creation of this book is no exception. Having worked in many areas of technology and information security for the last 20 years, the one thing I'm acutely aware of is exactly how much I don't know. It's a fool's errand to be the master of all technology in today's world. And while this book was based on my experiences with clients over the past twenty years, the depth of value in this content would not be made possible without the support of the communities.

First, Stephen Orr deserves a special callout; not only did he do exceptional work with the foreword and technical editing; he went above and beyond, helping me research and dig into complex topics, often sifting through lengthy documents to help aggregate data to be included here. As a Distinguished Cisco Engineer and leader of the Wi-Fi Alliance Security Task Group, I knew Stephen would ensure this text was accurate and inclusive and offer balance in many ways including supplementing my knowledge gaps.