Thursday Aug 17
Sep
30/09
Retaliation: Network Security Talk at SecTor
Updated on Saturday, 28 January 2012 06:42
Share

Now that I have all the important fun stuff out there for you on Why You Can’t Miss SecTor, I’ll tell you a little bit about my talk at the conference.

My talk this year is different- it’s different from my talk last year at SecTor (Network Security Stripped) and it’s actually a stark contrast to the majority of my past talks.

Event though I’ve spoken extensively on network security, 802.1X, wireless and NAC, my previous content was based on experience of actual implementations and extensive lab testing of these technologies over the years. THIS presentation, Retaliation, is a look into a set of standards and technologies not yet available in commercial products.

Personally, I believe these new sets of standards (to be ratified late 2009, early 2010) will change how we design networks, and not in a small way. I foresee restructuring and redesign of entire networks in the next 12-36 months; mostly to incorporate these newly-available security features.

After spending time recently working with high-security facilities, including DoE (you know what that means), financial and medical, I think the topic is timely and the content is relevant to all organizations planning to increase security in their networked environments. These new functions will give us the tools to secure networks in new ways and break most attack vectors currently used to compromise networks.

This is the FIRST time I’m presenting this topic (based on data not publicly available). Actually, I think it’s safe to say this is the first time any of this material has been presented in a public forum. I requested permission to use the information in the documents I have been provided with the caveat that I may not share any of the actual documents.

I’m actually in the process of reworking several pieces of it, since the data has changed just in the past week and I have about 200 new pages of specifications to review and include. Here’s to hoping I get it all done before the talk Monday!

 

SecTor 2009 Presentation
Monday, October 6th at 1:30pm
Retaliation: Breaking Attack Vectors in the Infrastructure
– Jennifer Jabbusch

2010 will be the beginnings of a new world of network and infrastructure security as new IEEE standards change the landscape of threat models for wired, wireless and wide area networks. Learn how to use these features to stop spoofing, eavesdropping and a host of malicious activity. I’ll give you the knowledge and tools to fight back, secure the network, thwart attackers, prevent data leakage and more. Among other things, this session covers the new MACSec encryption, key exchange, network advertisements and unique device identity (IEEE 802.1X-REV, 802.1AE, .1af, 1AR).

 

Session Teaser
Learn more about…

  • How to authenticate with SECURE built-in device credentials instead of MAC-auth
  • Delivering multiple networks to a single switch port
  • Securing data and voice with built-in layer 2 encryption
  • Offering secure (encrypted) and unsecured (authenticated but not encrypted) service on a single port
  • Using key exchanges for fast mutual authentication of switches, routers and other devices
  • Simplifying and securing wired and wireless data with built in PKI
  • Securing your network through your service provider without firewalls
  • Encryption, keys and credentials for devices
  • Endpoint integrity and port security in virtualized environments

1 Comment
  1. CommentsMichael   |  Friday, 09 October 2009 at 11:41 am

    I´m becoming disappointed with HP´s product philosophy

    Today, I was taking part in a, I think it was the same presentation as yours, kind of roadmap product show for HP Procurves. We were looking into the year 2010.
    As you all know, the 3500/6200/5400/8200 series all have the same builtin ASIC from HP. According to the author, it is meant to be supported for 10 years. According to her, the rest of the products, i.e. <= 2910 is meant to be supported for 4 years, beginning with the first shippment. (This was actually new to me)
    Well, I myself was very interested in the upcoming IPv6 support and I was not disappointed with this respect. Within the 2nd (HP´s) quarter of 2010, despite the static IPv6 routing support, we will finally see OSPFv3. Also BGP4+ will come, softbased MACSec was mentioned as well. No sign of IS-IS for IPv6.

    Nice thing I thought, We bought the 3500yl, 6200y and later the 5400 and 8200 series right from the begin of their lifetime.
    You all know HP´s lifetime warranty for hardware. And you probably all know that HP changed its warranty terms with respect for software uprades and updates. Starting with 1 February 2009, you only have 1 year of both of them for free.

    But hey, we bought them years before. So, no problem I thought, I get every update for my devices for free, for lifetime.

    Then, that HP madame, started to display new products, which will also come in 2010, just when IPv6 routing will arrvie: an upgraded 3500yl, 6200yl and a big brother of the 8200.

    I interrupted her, asking her, whether only that new products will have those nice new features builtin or whether we old customers will also have them.

    “Well” she said, “as you all know” from the beginning of 2009, “you need servicepacks for software upgrades”.

    Well, that´s not the question. What about the products, bought before that?

    “IPv6 is seen as enterprise feature”.

    Yes, we are enterprise. I didn´t like her way how she answered me. Finally she had to admit, that she

    “CAN´T PROMISE THAT THERE WON´T BE ANOTHER 2ND PREMIUM LICENSE REQUIRED FOR IPV6 ROUTING SUPPORT”.

    So HP, tell me the truth here.


Leave a Reply