The Need for Wireless Standardization, Certification, Accreditation & Wireless Service, Security Management + Auditing

Ronald van Kleunen CEOGloberon Pte Ltd / Globeron Security

SynopsisHave you ever asked yourself:

– Why sometimes your wireless connection does and does not work? – Is wireless communications really secure? – Who implements these wireless networks and do they follow standards? – Is there a verification/audit of these networks to maintain quality, service ability and security?

If so then this presentation will help you to get deeper insight what is needed in the wireless industry.

Organizations' wireless communications become business and sometimes mission critical. Therefore there is a need for standardization, certification and accreditation to maintain high quality levels of the design, analysis and security of these wireless networks in line with international standards provided by ISO/IEC 20000, ISO/IEC 27001, ITU-T, IEEE and BICSI. Wireless Service Management and Wireless Security Management play a key role to achieve this high quality levels of which both need to be audit-able.

What Attendees Will Learn

• Attendees will gain knowledge about wireless service & security management standardizations in relation with international organizations (ISO/IEC, ITU, IEEE, BICSI).

• How to improve their career in wireless standards and to gain BICSI CECs points by following vendor neutral professional wireless training

• Understand the relationship between cabling & wireless systems and certifications (read why RCDD certification is important for wireless designers)

• An overview of wireless design issues will be presented from a global perspective. These issues are different in APAC, EMEA and USA and therefore wireless management is different.

• The current market state will be presented where the industry is in relation to wireless standards, certifications and accreditation

Buildings – Cabling - Wireless

Buildings, Cabling and Wireless Starts With a Good … Design

Buildings (Note: BICSI = Building Industry Consulting Service International) • Retail industry / mega shopping malls / supermarkets• Hospitality / Hotels, Healthcare industry / Hospitals• Transport sector / Airports, Train Stations• Etc.

They need Wireless coverage (Cellular/Mobile, WiFi, BlueTooth, etc.)

Buildings, Cabling and Wireless Starts With a Good … Design

requires a Backhaul• Electricity Cabling & Grounding• Data Cabling (Copper/Ethernet/Telephone/Coax and Optical Fiber)• PoE (Power over Ethernet) IEEE 802.3-2012 Clause 33 (“.af and .at”)• Antenna cabling (sometimes long distance, like Distributed Antenna

Systems) or Leaky Feeder Cable / Radiating Coaxial Cable)

But cabling in buildings is often installed without knowing the best position for the wireless equipment providing availability, performance and securityresulting in increased costs, project delays and unsatisfied customers

Wireless coverage (Cellular/Mobile, WiFi, BlueTooth, etc.)

BICSI Certification CredentialsFocused on Cabling and Data Center not anymore on wireless?

Registered Communications Distribution Designer (RCDD)

Registered Information Technology Professional (RITP)

Electronic Safety and Security (ESS) Designer

Outside Plant (OSP) Designer

Data Center Design Consultant (DCDC)

Registered Telecommunications Project Manager (RTPM)

Information Transport Systems (ITS)ITS TechnicianITS Installer 2 Copper ITS Installer 2 Optical FiberITS Installer 1

“Retired” 2004-2014Wireless Designer (WD)Known as RCDD/WD

Note: Wireless = Cellular/Mobile, WiFi, DAS-systems, etc.

Wireless market is growing, because of the employeebehavior and exponential growth of wireless devices

Wireless LAN Market Remains on Track to Record Revenues Approaching $13 Billion by 2019, According to Dell'Oro Group Forecast Report

REDWOOD CITY, Calif., July 23, 2015 /PRNewswire/ -- In a newly released market forecast report by Dell'Oro Group, the trusted source for market information about the telecommunications, networks, and data center IT industries, overall Wireless LAN market revenues remain on track to reach a market high of almost $13 billion in 2019, representing more than 30 percent growth over 2015 revenues. Key technology transitions during the forecast period, including Wave 2 802.11ac Access Points, 2.5 & 5 Gbps Ethernet interfaces on Access Points and continued adoption of cloud-managed WLAN services, are anticipated to drive significant volume increases

Chess Media Group: Dell’Oro Group:

Internet of Things

Internet of Everything

Sogetilabs

The Wireless Issues

The Issues - Outdoor

Try to find the Wireless Access Points

The Issues - Outdoor

NEMA or IP-rated Enclosures

• Indoor equipment in an outdoor environment• SoHo equipment and temperature issues• Heat distribution ?

• Heatsink• Fan

• And other extreme temperatures

The Issues – Outdoor and Indoor

Protect the AP against rainor use an outdoor enclosure to

protect your indoor AP

The Issues - Indoor

Interference?

Cage of Faraday

The Issues - Indoor

Hanging APs

Bird breeding on an AP

…and many other challenges to design and deploy wireless networks

For exampleChannel mapping

RF Coverage Planning Outdoor / Indoor

High DensityWireless Cities - Millions of People

• very dense areas (apartments, hotels, houses)• 24x hours people are on the streets (moving crowd)• One big WiFi zone in the city, • No channel coordination between ISPs and it is not possible with

people managing their own WiFi at home both 2.4 GHz and 5 GHz are not enough, but will it ever be?

Governance – Standardization - Certification

Governance – Standardization - Certification

Governance

Certified Professionals

Standardization

Certified Auditors

Wireless Standard Bodies

Certified Service Oriented Security Professional (CSOSP) © Copyright 2013

ISO/IEC 20000-1:2011 ITSM Standard (1st version launched :2005)and ISO/IEC 20000-2:2012 ITSM Standard (1st version launched :2005)

ITSMS: Information Technology Service Management Standard

ITSM – Service Management Systemand Wireless Service Management

Wireless Service Management

Certified Service Oriented Security Professional (CSOSP) © Copyright 2013

Organizations' Capability Levels / Service Level Agreements (SLAs)At which level do you provide wireless service management?

• IT and business metric linkage

• IT improves business process• Real-time infrastructure• Business

ReactiveProactive• Monitor

performance • Analyze trends• Set thresholds• Predict

problems• Automation• Mature problem,

config. and change mgmt. processes

• Best effort• Fight fires• Inventory• Initiate

problem mgmt. process

• Alert and event mgmt.

• Monitor availability (u/d)

• Define services, classes, pricing

• Understand costs• Set quality goals• Guarantee SLAs• Monitor and

report on services• Capacity planning

Service

Value

Level 1Level 2

Level 3

Level 4

Chaotic• Ad-hoc• Undocumented• Unpredictable• Multiple help

desks• Minimal IT

operations• User call notification

Level 0

Tool Leverage

Service and Account Management

Business Management

Svc. Delivery Process Engineering

Operational Process Engineering

“Profit” Mgmt.

• IT and business metric linkage

• IT improves business process

• Real-time infrastructure• Business planning

Gartner Capability Maturity Model – Source: Gartner (April 2006)

Certified Service Oriented Security Professional (CSOSP) © Copyright 2013

27002

ISO/IEC 27001:2013 ISMS Standard (1st version launched :2005)and ISO/IEC 27002:2013 ISMS Standard (1st version launched :2005)

ISMS: Information Security Management Systems

Certified Service Oriented Security Professional (CSOSP) © Copyright 2013

Security in Telecommunications and Information Technology

2012: The purpose of the ITU-T Manual on Security inTelecommunications and Information Technology is toprovide a broad introduction to the security work ofITU-T. It is directed towards those who haveresponsibility for, or an interest in, information andcommunications security and the related standards,and those who simply need to gain a betterunderstanding of ICT security issues and thecorresponding ITU-T Recommendations.

Wireless Professionals and BICSI Credentials (Valid 27 March 2014 - 2016) Continuing Education Credits (CECs)

BICSI Credentials for CWNP training(Valid period 27 March 2014 – 2016):• CWTS - 24 BICSI CECs• CWNA - 36 BICSI CECs• CWAP - 32 BICSI CECs• CWSP - 32 BICSI CECs• CWDP - 24 BICSI CECs

Globeron - BICSI Member: #237560

Globeron advised BICSI and CWNP LLC to add the CWNP training under BICSI for CECs (Continuing Education Credentials)

Verification (search on CWNP as provider)https://www.bicsi.org/forms/search/outsidevendors/default.aspx

Wireless Service and Security Management System

Wireless Service Security Management Standard (WSSMS)Note: Wireless = Mobile/Cellular, WiFi and indoor/outdoor mission/business critical wireless technologies

WSSMS auditor / Certified Wireless Security Auditor is a wireless security professional with the knowledge and skills required to assess the conformance of an organization's wireless services management system as part of the ISO/IEC 27001 ISMS standard.

Wireless Service Management Standard (WSMS)Note: Wireless = Mobile/Cellular, WiFi and indoor/outdoor mission/business critical wireless technologies

WSMS auditor / Certified Wireless Service Auditor is a wireless services professional with the knowledge and skills required to assess the conformance of an organization's wireless services management system as part of the ISO/IEC 20000 ITSM standard.

Together we need to get better quality wireless networksfor mission and business critical services

1. Click hereWireless Service management & audit aligned with ITSM / ISO/IEC 20000:2011

2. Click hereWireless Security management & audit aligned with ISMS / ISO/IEC 27001:2013

3. Standardization is needed for:• Design• Analysis • Security • Audit (end to end service & security management)

4. Accreditation Body for wireless services/technology Cellular/Mobile, WiFi, etc.

Extra

BICSI Wireless Design Reference Manual (WDRM) Third Edition (2004 1st release- retired in 2014)

Third Edition 1st Chapter:Download 1st Chapter in PDF format

Ronald van Kleunen ronald@globeron.com

CEO Globeron Pte Ltd / Globeron SecurityCertified: CISM #1117595, CISSP #99801, GIAC #1395658 (GCIH), BICSI #237560, CWNE #108, CWNP #307052 (CWNT, Wireless#/CWTS, CWNA, CWSP, CWAP, CWDP, CWNE)ITILv2 and ITILv3 #819214, CSOEP #100600 (DataCentre, Infrastructure, Process, Management, Security)IRCA ISO/IEC 20000 ITSM (IT Service Management) #01193718, IRCA ISO/IEC 27001 ISMS (Security Management) #01193718