Documentation for all Digi products
Receive answers from the community
Articles covering common questions
Read, watch and learn about M2M/IoT
Training, webinars and industry events
Hardware and software innovations
Collection of XBee projects
Library of tours and technical tips
Repository for Digi code examples
Security news, information and resources
Upgrade for premium services
Development, consulting and training
Digi base, expert or professional services
Drivers, documentation and firmware
Safety and Security Technologies
Monday, April 9, 2018
1:15 pm - 2:30 pm ET
Don Schleede, Digi Information Security Officer; Digi International
Public Wi-Fi access systems are deployed on shared equipment which require a separation of critical secure systems and public systems within the same device. We will discuss technical requirements needed for security for these common deployments. Also within this discussion, we will show how to evaluate risk within your system.
With public Wi-Fi access becoming a requirement for mass transit systems, these systems are typically deployed as a feature of the already on-board equipment. Many deployments do not duplicate equipment for operational systems and public Wi-Fi. This leaves deployment scenarios to separate critical secure systems that control and report vehicle status, as well as fare and operator functions within the same device, from the publicly accessible Wi-Fi.
With this mixed security domains deployment, we discuss common functional requirements needed, from a security architecture, to deploy these systems into a mass transit system. If you are considering a new deployment, or have an existing deployment, come see what current features, new features and functions you may have to deploy on your own system.
In discussion of these features, we will give you the tools to evaluate if they are right for your deployment by using a simple risk evaluation process. These recommended features will include concepts of a technical nature such as the separation and routing of multiple LANs, VPN backhauling, Wi-Fi isolation, configuration of firewalls, transparent proxying, DNS forwarding, Intrusion Detection, and Quality of Service ("QoS") or bandwidth limiting. We will also discuss operational support concepts, once deployed, and what should be required for maintaining a secure deployment. Since operational security is a critical aspect of securing these systems, we will demonstrate new concepts and technology to help manage these systems within your environment.