9 out of 10 CIO’s Report That They Have Concerns Over Insufficient Wireless Protection; Over One-Third of Enterprises Found to be Lacking Basic Wireless Security
This statement is hardly surprising given that more than one-third of the enterprise wireless networks put in place for internal employees, do not have the basic security function of authentication in place.
The findings come from an independent survey of over 1,490 IT decision makers at 250+ employee organizations around the world. All respondents were sourced from independent market research company Lightspeed GMI’s online panel.
Other survey highlights include:
- Nearly half of ITDMs (48%) consider loss of sensitive corporate and/or customer data the biggest risk of operating an unsecured wireless environment.
- 72% have adopted a cloud approach to management of their wireless infrastructure and 88% trust the cloud for future wireless deployment.
- 43% of ITDMs polled provide guest access on their corporate wireless networks; 13% of these organizations do so without any controls whatsoever.
Wireless Networks at Risk
According to the survey, wireless networks are ranked as the most vulnerable IT infrastructure, with the highest proportion of IT DMs (49%) placing it in their top two. Respondents positioned wireless as significantly more vulnerable than core networking infrastructure, with just 29% of IT DMs ranking this highly. Databases (25%), applications (17%) and storage (11%) infrastructures were considered amongst the least susceptible from a security standpoint.
In addition, 37% of global IT DMs polled do not have the most basic wireless security measure of authentication in place. A significant 29% and 39% of enterprises respectively, overlook firewall and anti-virus security functions when it comes to wireless strategies.
Other security measures deemed critical to core infrastructure protection, such as IPS (deployed by 41%), application control (37%) and URL filtering (29%), play a part in even fewer wireless deployments.
When considering the future direction of their wireless security strategies, the majority of respondents said they would maintain focus on the most common security features – firewall & authentication, while demand for more security is emerging with 23% prioritizing complementary technologies – IPS, anti-virus, application control and URL filtering – to guard against the full extent of the threat landscape.
Gain Control And Secure Your Wireless Networks With AirMagnet Enterprise
The most comprehensive 24×7 WIDS/WIPS WiFi Network and Cellular security solution.
AirMagnet Enterprise is a full-time wireless intrusion prevention system (WIPS), wireless intrusion detection system (WIDS) and wireless network security monitoring system that provides dedicated monitoring of the airspace to enable the security, performance and compliance of wireless LANs. AirMagnet Enterprise is used by organizations for the most complete WIPS and WIDS, remote network troubleshooting, enforcing no-wireless zones, and proving compliance.
- Dedicated wireless intrusion prevention system (WIPS) and wireless intrusion detection system (WIDS) with integrated spectrum and 802.11ac analysis for complete wireless network visibility
- SmartEdge, Series 4 Sensors Tri-Radio, 802.11n 2×2 and 3×3 MIMO plus dedicated Cellular Spectrum radio
- Dynamic Threat Update technology for immediate wireless intrusion prevention of new threats
- Automated PCI 3 and regulatory compliance reporting
- Automated Health Check pinpoints and diagnoses problems impacting WiFI connectivity, performance, and network security
- Forensic analysis and event triangulation for rapid response
Overview
AirMagnet Enterprise – Complete Cellular and Wireless Network Security
AirMagnet Enterprise protects against every wireless network security threat by combining the industry’s most thorough wireless intrusion detection system (WIDS) and wireless network security monitoring with leading research, analysis and security threat remediation.
Full Network Visibility
AirMagnet Enterprise scans all possible 802.11 wireless channels (including the 200 extended channels), and cellular spectrum channels ensuring there are no blind spots where rogue or interfering devices may be hiding.
AirMagnet Enterprise goes beyond WiFi network analysis with optional WiFi and cellular spectrum analysis that detects and classifies RF jamming attacks, Bluetooth devices and many other non-802.11 transmitter types, such as unapproved wireless cameras and cell phones.
Industry Leading Wireless Intrusion Prevention System (WIPS) and Wireless Intrusion Detection System (WIDS)
The AirMagnet Intrusion Research Team constantly investigates the latest hacking techniques, trends and potential wireless network security vulnerabilities to keep organizations ahead of evolving wireless network security threats.
Dynamic Threat Update technology speeds the creation, automation and immediate deployment of new security threat signatures.
As soon as any new wireless network security threat definition is ready, it can be deployed with no impact to system operation, providing a unique framework for maintaining the most up-to-date wireless network security posture for the organizations.
Provides significant security protection over existing AP infrastructure
Security is not the APs primary focus, thus APs typically miss many security threats. AirMagnet Enterprise dedicated WIDS/WIPS solution provides peace of mind and assurance that your critical wireless network is protected full time, not part of the time like with APs.
- Part time scanning by built-in security solutions miss attacks
- AP is likely too slow and resource constrained to do the job right
- AP’s Integrated WIPS cover far fewer threats (usually <20% of threats) and require slow firmware upgrade to respond to new threats
- AP hardware can be limited by regulatory and configuration issues (cannot scan 200+ 5 GHz extended channels)
- If the AP is attacked, who monitors then?
Find Outages and Emerging Problems Before Users are Affected
AirMagnet Enterprise Automated Health Check (AHC) technology actively tests and verifies complete wireless LAN connectivity from the wireless link all the way through to application servers or the Internet, automatically detecting critical outages or network degradation while pinpointing the exact source of trouble. Sensors running AHC tests provide a true client perspective to:
- Fully authenticate to the network and proactively probe for problem related to wireless LAN security issues or other network resources.
- Provides network staff with immediate and specific information on the root cause, so they can respond often before users are impacted.
- Perform Captive Portal to verify guess wireless network
Features
BYOD Classification
The industry’s first over-the-air smart device detection and classification provides unprecedented level of visibility and gives IT professionals the ability to optimize the wireless networks for BYOD. This information enables an engineer to quickly troubleshoot and remediate any wireless network security or performance issues caused by these devices.
Software Sensor Agent (SSA)
The industry’s first software-based sensor which runs on Windows PCs delivers basic wireless network security monitoring at a very low cost structure and enables true client based performance measurement. This new flexibility to combine SSA-based sensors with hardware sensors allows users to build the wireless network security monitoring solution which is best optimized for their requirements and budget.
Automated Health Check (AHC)
Automated Health Check provides the fastest and most accurate way to detect and pinpoint the cause of problems which impact the productivity of WLAN users. Software or hardware sensors actively probe the wireless network from the wireless user’s perspective, to verify connectivity across the wireless link to critical network resources. AHC reduces the costs associated with user productivity loss and troubleshooting process caused by complex wireless problems. Supports Captive Portal verification to ensure performance and security of Guest network
24×7 Cellular Spectrum Security
Activity by cellular devices like cell phones and jammers is tracked and reported. Cellular security events such as Mobile cellular events, Cellular interference events, and Base station cellular events are monitored and reported on. Associate carrier information with cellular event. Triangulate and locate non-compliant cellular event on floor plan for quick remediation.
24×7 Wireless Intrusion Detection and Prevention
AirMagnet Enterprise scans all possible 802.11 wireless network channels (including the 200 extended channels), ensuring there are no blind spots where rogue devices may be hiding. AirMagnet Enterprise goes beyond Wi-Fi analysis with optional spectrum analysis that detects and classifies RF jamming attacks, Bluetooth devices and many other non-802.11 transmitter types, such as unapproved wireless cameras.
The AirWISE engine constantly analyzes all wireless devices and traffic using a combination of frame inspection, stateful pattern analysis, statistical modeling, RF analysis and anomaly detection, enabling detection of hundreds of specific threats, attacks and vulnerabilities such as rogue devices, spoofed devices, DoS attacks, man-in-the-middle attacks, evil twins, as well as the most recent hacking tools and techniques such as MDK3, Karmetasploit and 802.11n DoS attacks.
Dynamic Threat Protection Technology
Dynamic Threat Update technology speeds the creation, automation and immediate deployment of new security threat signatures through the AirMagnet AirWISE® engine. As soon as any new threat definition is ready, it can be deployed with no impact to system operation, providing a unique framework for maintaining the most up-to-date wireless network security posture for the enterprise. DTU signatures are separate from the firmware image to allow quick response to new threats. DTU signature updates are seamless with no downtime to ensure you are protected against latest security threats.
Threat Tracing, Blocking & Mapping
Threat Tracing, Blocking & Mapping All devices are traced using a suite of wired and wireless tracing methods to quickly and reliably determine if a device is connected to the wired network. The system uses a newly enhanced set of sophisticated techniques, including use of SNMP, automated switch discovery, and hardware and traffic analysis, to ensure accurate, fast tracing in any network topology.
Threats can be manually or automatically remediated with a combination of both wired and wireless security threat suppression. Wireless blocking targets a threat at the source and specifically blocks the targeted wireless device from making any wireless connections. Wired blocking automatically closes the wired switch port where a threat has been traced.
All security threats and devices can be located on a map or floorplan and set to trigger rogue alarms based on the device’s location.
Massive Scalability & System Resiliency
AirMagnet Enterprise offers the only WIPS and WIDS solution in the industry to meet the established standards of a mission critical security application. It is the only WIPS and WIDS solution to build fault-tolerance into each component, with fail-over boot images in every sensor and automatic server fail-over licenses that come standard with the system. Additionally, AirMagnet Enterprise sensors can operate as fully independent WIDS/WIPS nodes detecting and remediating threats without losing information, even if the network connection to the server is lost for days.
With intelligent sensors that locally analyze Wi-Fi and RF conditions, more than 1,000 sensors can be supported through single centralized server in the data center, requiring minimal network bandwidth.
Processing at the sensor level means that each sensor continues to enforce the security policy even if connection to the server is lost for more than 24 hours. Hot standby server software (included) enables fully redundant data center operations for maximum wireless security protection.
Event Forensics
AirMagnet Enterprise can capture a complete packet or RF forensic record of any network event, allowing appropriate staff to investigate the issue in depth, at any time. By leveraging its unique intelligent sensors, AirMagnet Enterprise provides the only WIPS and WIDS solution in the industry to automatically capture forensic information from before, during and after the event.
Performance Monitoring and Remote Troubleshooting
In addition to rich WIPS and WIDS features, AirMagnet Enterprise constantly monitors the health of the wireless LAN and RF environment to proactively detect evolving problems that can lead to an interruption to the network. The wireless network security system detects these issues, gives engineers topical remediation advise and includes active remote tools to troubleshoot the issue. This allows staff to avoid network downtime and vastly reduce the time-to-fix for any outage, leading to more uptime, improved user satisfaction and a higher performing network.
Integrated 802.11n and Spectrum Intelligence
The AirMagnet Enterprise system can monitor the RF Spectrum and 802.11n traffic. AirMagnet Enterprise performs a complete interference analysis of the air. This includes co-channel interference from Wi-Fi devices, as well as optional spectrum analysis of non-Wi-Fi devices, such as microwave ovens, cordless phones or legacy wireless equipment.
AirMagnet Enterprise goes beyond simple 802.11n support to provide managers with hands-on 802.11n optimization tools and intelligence focused on real-world performance and network throughput. Tools include live diagnostics of any 802.11n connection that automatically highlights and explains how performance can be improved.
Automated Business and Regulatory Compliance Reporting
AirMagnet Enterprise provides automated compliance reporting for all major network regulations including PCI, HIPAA, Sarbanes-Oxley, GLBA and more. Reports provide instant visibility into issues that may need to be addressed for compliance and exactly what needs to be fixed. Reports can be scheduled to run and delivered automatically, ensuring a complete library of regulatory reports in the case of an audit
802.11ac Detection, Rogue Device Blocking, and Location
AirMagnet Enterprise v10.9 provides 802.11ac analysis capabilities utilizing existing SmartEdge Series4 sensors to provide:
- Detection and location of 802.11ac Access Points (AP) and Stations (STA)
- Blocking of rogue 802.11ac devices
- Wireless and wire-side tracing of 802.11ac rogue devices
- User Wi-Fi Remote UI to view 802.11ac frames.
- When using the Decodes feature of the Remote Wi-Fi Analyzer, provides frame-level visibility into
– AP: Beacon, Probe Response, STA Probe Request, Policy Management of 802.11ac – create policies around 802.11ac management
- View 802.11ac devices in AME Reports
- Remote Spectrum Analyzer support for all 802.11ac channels
To discuss your wireless security requirements
contact us