Wireless Security | AirMagnet Enterprise

9 out of 10 CIO’s Report That They Have Concerns Over Insufficient Wireless Protection; Over One-Third of Enterprises Found to be Lacking Basic Wireless Security

This statement is hardly surprising given that more than one-third of the enterprise wireless networks put in place for internal employees, do not have the basic security function of authentication in place.

The findings come from an independent survey of over 1,490 IT decision makers at 250+ employee organizations around the world. All respondents were sourced from independent market research company Lightspeed GMI’s online panel.

Other survey highlights include:

  • Nearly half of ITDMs (48%) consider loss of sensitive corporate and/or customer data the biggest risk of operating an unsecured wireless environment.
  • 72% have adopted a cloud approach to management of their wireless infrastructure and 88% trust the cloud for future wireless deployment.
  • 43% of ITDMs polled provide guest access on their corporate wireless networks; 13% of these organizations do so without any controls whatsoever.

Wireless Networks at Risk

According to the survey, wireless networks are ranked as the most vulnerable IT infrastructure, with the highest proportion of IT DMs (49%) placing it in their top two. Respondents positioned wireless as significantly more vulnerable than core networking infrastructure, with just 29% of IT DMs ranking this highly. Databases (25%), applications (17%) and storage (11%) infrastructures were considered amongst the least susceptible from a security standpoint.

In addition, 37% of global IT DMs polled do not have the most basic wireless security measure of authentication in place. A significant 29% and 39% of enterprises respectively, overlook firewall and anti-virus security functions when it comes to wireless strategies.

Other security measures deemed critical to core infrastructure protection, such as IPS (deployed by 41%), application control (37%) and URL filtering (29%), play a part in even fewer wireless deployments.

When considering the future direction of their wireless security strategies, the majority of respondents said they would maintain focus on the most common security features – firewall & authentication, while demand for more security is emerging with 23% prioritizing complementary technologies – IPS, anti-virus, application control and URL filtering – to guard against the full extent of the threat landscape.

Gain Control And Secure Your Wireless Networks With AirMagnet Enterprise

The most comprehensive 24×7 WIDS/WIPS WiFi Network and Cellular security solution.

AirMagnet Enterprise is a full-time wireless intrusion prevention system (WIPS), wireless intrusion detection system (WIDS) and wireless network security monitoring system that provides dedicated monitoring of the airspace to enable the security, performance and compliance of wireless LANs. AirMagnet Enterprise is used by organizations for the most complete WIPS and WIDS, remote network troubleshooting, enforcing no-wireless zones, and proving compliance.

  • Dedicated wireless intrusion prevention system (WIPS) and wireless intrusion detection system (WIDS) with integrated spectrum and 802.11ac analysis for complete wireless network visibility
  • SmartEdge, Series 4 Sensors Tri-Radio, 802.11n 2×2 and 3×3 MIMO plus dedicated Cellular Spectrum radio
  • Dynamic Threat Update technology for immediate wireless intrusion prevention of new threats
  • Automated PCI 3 and regulatory compliance reporting
  • Automated Health Check pinpoints and diagnoses problems impacting WiFI connectivity, performance, and network security
  • Forensic analysis and event triangulation for rapid response

 


Overview

 


AirMagnet Enterprise – Complete Cellular and Wireless Network Security

AirMagnet Enterprise protects against every wireless network security threat by combining the industry’s most thorough wireless intrusion detection system (WIDS) and wireless network security monitoring with leading research, analysis and security threat remediation.

Full Network Visibility

AirMagnet Enterprise scans all possible 802.11 wireless channels (including the 200 extended channels), and cellular spectrum channels ensuring there are no blind spots where rogue or interfering devices may be hiding.

AirMagnet Enterprise goes beyond WiFi network analysis with optional WiFi and cellular spectrum analysis that detects and classifies RF jamming attacks, Bluetooth devices and many other non-802.11 transmitter types, such as unapproved wireless cameras and cell phones.

Industry Leading Wireless Intrusion Prevention System (WIPS) and Wireless Intrusion Detection System (WIDS)

The AirMagnet Intrusion Research Team constantly investigates the latest hacking techniques, trends and potential wireless network security vulnerabilities to keep organizations ahead of evolving wireless network security threats.

Dynamic Threat Update technology speeds the creation, automation and immediate deployment of new security threat signatures.

As soon as any new wireless network security threat definition is ready, it can be deployed with no impact to system operation, providing a unique framework for maintaining the most up-to-date wireless network security posture for the organizations.

Provides significant security protection over existing AP infrastructure

Security is not the APs primary focus, thus APs typically miss many security threats. AirMagnet Enterprise dedicated WIDS/WIPS solution provides peace of mind and assurance that your critical wireless network is protected full time, not part of the time like with APs.

  • Part time scanning by built-in security solutions miss attacks
  • AP is likely too slow and resource constrained to do the job right
  • AP’s Integrated WIPS cover far fewer threats (usually <20% of threats) and require slow firmware upgrade to respond to new threats
  • AP hardware can be limited by regulatory and configuration issues (cannot scan 200+ 5 GHz extended channels)
  • If the AP is attacked, who monitors then?

Find Outages and Emerging Problems Before Users are Affected

AirMagnet Enterprise Automated Health Check (AHC) technology actively tests and verifies complete wireless LAN connectivity from the wireless link all the way through to application servers or the Internet, automatically detecting critical outages or network degradation while pinpointing the exact source of trouble. Sensors running AHC tests provide a true client perspective to:

  • Fully authenticate to the network and proactively probe for problem related to wireless LAN security issues or other network resources.
  • Provides network staff with immediate and specific information on the root cause, so they can respond often before users are impacted.
  • Perform Captive Portal to verify guess wireless network

 Features

 


BYOD Classification

The industry’s first over-the-air smart device detection and classification provides unprecedented level of visibility and gives IT professionals the ability to optimize the wireless networks for BYOD. This information enables an engineer to quickly troubleshoot and remediate any wireless network security or performance issues caused by these devices.

Software Sensor Agent (SSA)

The industry’s first software-based sensor which runs on Windows PCs delivers basic wireless network security monitoring at a very low cost structure and enables true client based performance measurement. This new flexibility to combine SSA-based sensors with hardware sensors allows users to build the wireless network security monitoring solution which is best optimized for their requirements and budget.

Automated Health Check (AHC)

Automated Health Check provides the fastest and most accurate way to detect and pinpoint the cause of problems which impact the productivity of WLAN users. Software or hardware sensors actively probe the wireless network from the wireless user’s perspective, to verify connectivity across the wireless link to critical network resources. AHC reduces the costs associated with user productivity loss and troubleshooting process caused by complex wireless problems. Supports Captive Portal verification to ensure performance and security of Guest network

24×7 Cellular Spectrum Security

Activity by cellular devices like cell phones and jammers is tracked and reported. Cellular security events such as Mobile cellular events, Cellular interference events, and Base station cellular events are monitored and reported on. Associate carrier information with cellular event. Triangulate and locate non-compliant cellular event on floor plan for quick remediation.

24×7 Wireless Intrusion Detection and Prevention

AirMagnet Enterprise scans all possible 802.11 wireless network channels (including the 200 extended channels), ensuring there are no blind spots where rogue devices may be hiding. AirMagnet Enterprise goes beyond Wi-Fi analysis with optional spectrum analysis that detects and classifies RF jamming attacks, Bluetooth devices and many other non-802.11 transmitter types, such as unapproved wireless cameras.

The AirWISE engine constantly analyzes all wireless devices and traffic using a combination of frame inspection, stateful pattern analysis, statistical modeling, RF analysis and anomaly detection, enabling detection of hundreds of specific threats, attacks and vulnerabilities such as rogue devices, spoofed devices, DoS attacks, man-in-the-middle attacks, evil twins, as well as the most recent hacking tools and techniques such as MDK3, Karmetasploit and 802.11n DoS attacks.

Dynamic Threat Protection Technology

Dynamic Threat Update technology speeds the creation, automation and immediate deployment of new security threat signatures through the AirMagnet AirWISE® engine. As soon as any new threat definition is ready, it can be deployed with no impact to system operation, providing a unique framework for maintaining the most up-to-date wireless network security posture for the enterprise. DTU signatures are separate from the firmware image to allow quick response to new threats. DTU signature updates are seamless with no downtime to ensure you are protected against latest security threats.

Threat Tracing, Blocking & Mapping

Threat Tracing, Blocking & Mapping All devices are traced using a suite of wired and wireless tracing methods to quickly and reliably determine if a device is connected to the wired network. The system uses a newly enhanced set of sophisticated techniques, including use of SNMP, automated switch discovery, and hardware and traffic analysis, to ensure accurate, fast tracing in any network topology.

Threats can be manually or automatically remediated with a combination of both wired and wireless security threat suppression. Wireless blocking targets a threat at the source and specifically blocks the targeted wireless device from making any wireless connections. Wired blocking automatically closes the wired switch port where a threat has been traced.

All security threats and devices can be located on a map or floorplan and set to trigger rogue alarms based on the device’s location.

Massive Scalability & System Resiliency

AirMagnet Enterprise offers the only WIPS and WIDS solution in the industry to meet the established standards of a mission critical security application. It is the only WIPS and WIDS solution to build fault-tolerance into each component, with fail-over boot images in every sensor and automatic server fail-over licenses that come standard with the system. Additionally, AirMagnet Enterprise sensors can operate as fully independent WIDS/WIPS nodes detecting and remediating threats without losing information, even if the network connection to the server is lost for days.

With intelligent sensors that locally analyze Wi-Fi and RF conditions, more than 1,000 sensors can be supported through single centralized server in the data center, requiring minimal network bandwidth.

Processing at the sensor level means that each sensor continues to enforce the security policy even if connection to the server is lost for more than 24 hours. Hot standby server software (included) enables fully redundant data center operations for maximum wireless security protection.

Event Forensics

AirMagnet Enterprise can capture a complete packet or RF forensic record of any network event, allowing appropriate staff to investigate the issue in depth, at any time. By leveraging its unique intelligent sensors, AirMagnet Enterprise provides the only WIPS and WIDS solution in the industry to automatically capture forensic information from before, during and after the event.

Performance Monitoring and Remote Troubleshooting

In addition to rich WIPS and WIDS features, AirMagnet Enterprise constantly monitors the health of the wireless LAN and RF environment to proactively detect evolving problems that can lead to an interruption to the network. The wireless network security system detects these issues, gives engineers topical remediation advise and includes active remote tools to troubleshoot the issue. This allows staff to avoid network downtime and vastly reduce the time-to-fix for any outage, leading to more uptime, improved user satisfaction and a higher performing network.

Integrated 802.11n and Spectrum Intelligence

The AirMagnet Enterprise system can monitor the RF Spectrum and 802.11n traffic. AirMagnet Enterprise performs a complete interference analysis of the air. This includes co-channel interference from Wi-Fi devices, as well as optional spectrum analysis of non-Wi-Fi devices, such as microwave ovens, cordless phones or legacy wireless equipment.

AirMagnet Enterprise goes beyond simple 802.11n support to provide managers with hands-on 802.11n optimization tools and intelligence focused on real-world performance and network throughput. Tools include live diagnostics of any 802.11n connection that automatically highlights and explains how performance can be improved.

Automated Business and Regulatory Compliance Reporting

AirMagnet Enterprise provides automated compliance reporting for all major network regulations including PCI, HIPAA, Sarbanes-Oxley, GLBA and more. Reports provide instant visibility into issues that may need to be addressed for compliance and exactly what needs to be fixed. Reports can be scheduled to run and delivered automatically, ensuring a complete library of regulatory reports in the case of an audit

802.11ac Detection, Rogue Device Blocking, and Location

AirMagnet Enterprise v10.9 provides 802.11ac analysis capabilities utilizing existing SmartEdge Series4 sensors to provide:

  • Detection and location of 802.11ac Access Points (AP) and Stations (STA)
  • Blocking of rogue 802.11ac devices
  • Wireless and wire-side tracing of 802.11ac rogue devices
  • User Wi-Fi Remote UI to view 802.11ac frames.
  • When using the Decodes feature of the Remote Wi-Fi Analyzer, provides frame-level visibility into
    – AP: Beacon, Probe Response, STA Probe Request, Policy Management of 802.11ac – create policies around 802.11ac management
  • View 802.11ac devices in AME Reports
  • Remote Spectrum Analyzer support for all 802.11ac channels

 


To discuss your wireless security requirements contact us

Security’s New Front Line of Defense: Ixia ThreatARMOR

One of the problems enterprise security experts must deal with is the constant influx of network traffic due to an ever-expanding attack surface. More access avenues means security solutions have to work harder to block unwanted interactions, which creates additional data for administrators to sort through.

Why not make your job easier? Ixia ThreatARMOR reduces your attack surface by blocking all known bad IP addresses so administrators can focus on legitimate threats to the network.

ThreatARMOR uses data from Ixia’s Application and Threat Intelligence (ATI) research center to automatically block confirmed threats, hijacked IP’s and even entire countries in bulk.

Ixia ThreatARMOR security infrastructure

As many recent breaches demonstrate, indications of intrusions and data exfiltration attempts are usually flagged through internal security alerts long before the intrusion is actually discovered. But determining the critical alerts is like trying to find a needle in a haystack, given the sheer number of security alerts that must be analyzed daily, ThreatARMOR delivers a new level of visibility and security by blocking unwanted traffic before many of these unnecessary security events are ever generated.

Key Features

  • Reduces attack surface by eliminating known-bad traffic
  • Stop traffic from unwanted countries
  • Quickly identify compromised internal systems
  • Stops connections, both inbound and outbound, involving known malware, botnet, and phishing sites
  • No false positives – clear proof of criminal behavior for all blocked sites
  • Always-on cloud update service from Ixia’s ATI Research Center
  • Dual redundant power supplies and integrated bypass for maximum reliability

 

Contact us to discuss adding this extra layer of security to your network

 


 

 

Benefits of a Wireless Survey

Surprisingly, We’ve recently spoken to a number of other resellers who do not carry out onsite wireless surveys.. This is asking for trouble!

All too often we speak to end users who are experiencing issues with their wireless network, the mojority of the time when we investigate the route cause it stems back to the very beginning of the planning stages, where an IT reseller did not conduct a wireless survey onsite.


Why get a site survey?

Site surveys determine signal coverage, throughput requirements, interfering sources, dead spots, potential roaming behavior, etc. and helps determine:

  • How many access points are needed for the best wireless coverage
  • Where to deploy access points
  • How to configure each access point to ensure optimal coverage for all end users

Without site surveys it is difficult to determine the capital investment needed to deploy the wireless network in a timely and cost efficient manner.

Site surveys are performed using professional grade tool kits such as AirMagnet Survey Pro. Without the use of a professional site survey tool, it is virtually impossible to plan and implement a robust and reliable wireless system that extends beyond two or three AP’s in a small single floor area. The purpose of these surveys in regards to channel planning should be to ensure adequate coverage without causing additional channel utilization or interference.

Some other considerations when surveying the network:

  • It is important to note that 2.4GHz and 5GHz have different characteristics that must be taken into account when deploying dual-band AP’s (2.4GHz and 5GHz capable) access points. The 2.4GHz signal can travel further and has better penetration capabilities than 5GHz. Thus the radius of a coverage cell on 2.4GHz is longer than on 5GHz. This could lead to dead zones in 5GHz coverage if only 2.4GHz coverage is measured in a site survey, and will likely require different power settings for each radio to equalize coverage cells.
  • In some deployments, multiple SSID’s are enabled on an a single AP. Some SSID’s may have legacy bit rates disabled which shortens the coverage radius on 2.4GHz or the SSID may only have 5GHz enabled. The site survey should measure the coverage cells of each SSID independently within the extended service set to determine if adequate coverage is met.
  • For high-density deployments, manually tune 2.4 & 5.4GHz channels and power settings based off of site survey data.

Channel Planning

There are 14 channels designated on the 2.4 GHz spectrum which are 20 MHz wide. The channel centers are separated by 5 MHz, and the entire spectrum is only 100 MHz wide total. This means that the channels have to squeeze into the 100 MHz available, and in the end, overlap.

However, there are three channels that don’t overlap: 1, 6 and 11, as you can see in the image below. Co-channel interference is where devices take turns talking, so the more devices on one channel, the longer it takes for a device to talk since it has to wait for its turn.

WiFi WLAN Channel Planning wireless survey

Using overlapping channels causes errors, which results in packet re-transmissions and significantly decreased network performance.

The same problem exists when using more than one access point on the same channel in the same physical area.  This is called co-channel interference.  Co-channel interference should be avoided as it can have a dramatic effect on network performance

Main causes of WiFi interference:

Wireless interference

Co-Channel interference isn’t a major problem until there are too many WiFi devices on the same channel. Adjacent-Channel interference on the other hand is where you run into problems and channel selection becomes critical. Luckily, these channel related interference’s can be reduced or eliminated by selecting the proper WiFi channel for your network.

Using a spectrum analyzer like AirMagnet Spectrum XT will allow you to see this wireless environment, so you can either select the right channel or mitigate WiFi interference. Ultimately, improving your WLAN network performance.

RF signals are very unpredictable. If an access point is placed in an open environment without obstacles, the signals usually maintain an omni-directional pattern. However, when obstacles and walls are introduced, the RF signals are disrupted and access point coverage varies based on location.


It is important not to generalise every wireless deployment in terms of requirements. For example, in an office environment where file and print services and Internet access are the primary needs, a few dead spots may be tolerable. But in a healthcare environment where medical personnel require unrestricted wireless access to patient information this is unacceptable.

Without a wireless survey it would be virtually impossible to determine if the technical requirements of the business can be supported!


What will Iris Networks do onsite?

Gather requirements — An initial planning session will be held to review preliminary design requirements, confirm your objectives and goals for assessment. We will also identify and confirm the in-scope and out-of-scope areas for design, in-scope areas that have AP mounting restrictions and review floor plans to bring attention to any potential trouble areas

Perform the survey — Indoor & outdoor surveys, active surveys enabling real-world measurements, spectrum analysis and Voice over Wi-Fi (VoFi) surveys if needed

Deliver the results — Comprehensive and easy-to-understand report with a bill of materials for complete installation

What does the site assessment include?
The site assessment includes:

    • Network verification and validation per specifications. Expert recommendation and advice provided in order to achieve desired specifications
    • Spectrum Analysis to identify RF interference sources from non-WLAN sources in a single survey
      • Visualization of RF energy at any location and identification and display of non-802.11 devices interfering with WLAN
    • Voice over WiFi (VoFi) survey. Coverage maps built specifically for voice networks includes call quality, phone roaming zones (roaming stats), channel utilization and voice-readiness validation

We can provide this for a range of:

New installations — Determine capital investment and obtain the number and preferred location of access points for the best coverage before the initial deployment

Existing installations — Verify the number of access points required versus the number actually deployed and validate their location to ensure optimal performance for all end users

Ongoing optimisation — Ensure optimal performance by conducting periodic site surveys in order to account for changes in the WLAN environment

Iris Networks site assessment service uses software and industry best practices to locate and map authorised and unauthorised wireless access points, review any corporate access point deployment, analyze the environment for interference and design and plan a WLAN network.


If you are a reseller, distributor or a systems integrator that needs an experienced partner to deliver wireless projects on your behalf, whether it be for small or large scale customers contact us to discuss your requirements.

NetAlly- AirMagnet Survey Pro
NetAlly – AirMagnet Spectrum XT
NetAlly – AirMagnet WiFi Analyzer

Welcome to NETSCOUT

Organizations need highly reliable IT infrastructures to ensure that business operations are never interrupted. The role of IT has become that of “guardian of the connected world,” and it’s a critical role. Proactive, real-time monitoring is a must to ensure ongoing, optimal service.

The combination of NETSCOUT and Danaher’s Communications Group, comprising of Tektronix Communications, Arbor Networks, and parts of Fluke Networks, provides a comprehensive product portfolio across service assurance and performance analytics, business intelligence, and cyber-threat mitigation solutions for service providers, as well as large and small enterprises.

Below are the Fluke Networks Enterprise business unit product portfolio now owned by NETSCOUT:

  • Visual TruView™
  • LinkSprinter™
  • TruView™ Live
  • LinkRunner™
  • OptiView® XG
  • AirMagnet™
  • OneTouch™
  • AirCheck™

About the Merger

On July 14, 2015, Danaher Corporation (the parent company of Fluke Networks), merged its Fluke Networks Enterprise business unit with NETSCOUT Systems, an independent, publicly held company (NASDAQ:NTCT). The Fluke Networks Enterprise business unit product portfolio now owned by NetScout, includes Visual TruView™, TruView™ Live, OptiView® XG, OneTouch™, LinkSprinter™, LinkRunner™, AirMagnet™ and AirCheck™ solutions, as well as others. The remaining Fluke Networks product portfolio, including the DTX CableAnalyzer™, Versiv Cabling Certification System, LinkWare™ Live and Telecom products remain with Fluke Networks.

 

Optiview XG – Solve Network & Application Performance Issues Faster: By Fluke Networks

 

Why you need the XG Network Monitoring Tablet:

The OptiView® XG Network Analysis Tablet is the first tablet specifically designed for the network engineer to quickly “prove it’s not the network” and find root cause. This network traffic analyzer and monitoring tool automates the analysis of wired and wireless network and application problems allowing the engineer to spend less time on problems and more time on other initiatives. The OptiView XG network traffic analyzer and monitoring tool is designed to support the deployment and analysis of new technologies, including unified communications, virtualization, wireless and 10 Gbps Ethernet. The result is that new initiatives get up and running faster and networks stay productive even in these days of smaller teams and budgets.

The OptiView XG network traffic analyzer and monitoring tool combines multiple functions and technologies so engineers can analyze anything, from the access layer to the data center, and it can be left in place for proactive network monitoring, or used remotely for direct analysis of the problem area.

OptiView XG provides network pros with correlated views and shareable reporting, so you can get ahead of unplanned downtime incidents fast and still meet recovery SLAs.

Core Capabilities:

    • Network Monitoring and AnalysisAutomated discovery, monitoring, mapping, analysis and guided troubleshooting of your network infrastructure.
    • Traffic and Packet AnalysisThe ONLY tablet with 10 Gbps “on the wire” analysis.
    • Wireless AnalysisOptiView XG is optimized to find root cause of issues in both wired and wireless environments. Integrated tools for deployment and troubleshooting of 802.11a/b/g/n/ac WLANs.
    • Application-Centric AnalysisOptiView XG goes in-line between the network and clients, access points, servers, or anywhere in the actual path to get application-level visibility
    • Performance TestingConduct network assessments, validate new infrastructure and devices, test service provider SLAs and QoS, and troubleshoot problems from end to end, at up to a full line-rate of 10 Gbps.

Contact us for further information

0% Cisco Meraki Finance!

Cisco Capital

Iris Networks are now pleased to be able to provide our Cisco Meraki customers with an easy 0% finance option that will help to build the best technology infrastructure for growth, whilst switching from a CapEx model to a valuable OpEx model.

Our compelling 0% interest offer gives you the freedom to acquire the best technology solutions that your business needs, in the most cost efficient manner.

It reduces your financial pressures by spreading payments over 3 years, and that financial freedom means you can move from “wish we could” to “yes we can”! You can afford to get the right solution for your business, without compromise. By financing your technology solution with easylease, there is less strain on your cash flow,  which means you have greater flexibility and agility when it comes to business planning.

0% finance for growth

Cisco easylease

 

Attend a Meraki webinar to claim your FREE Meraki AP!

Contact our team today to discuss your requirements

 

 

 

Wireless Technology and Network Analysis Blog – Iris Networks

Hello to one and all!

 

Thank you for taking the time to check out our new blog page.

This is a place where we are going to keep you updated with company, product and industry happenings.

Firstly, we would like to introduce to you our brand new new e-Shop! Further products will be added shortly..

And we have also been busy updating the promotions section of our website – keep checking back for new additions.

 

2016 is set to be an exciting year for Iris Networks, We are looking forward to releasing further information around;

  • Signing contacts with one of our Vendors to hold their highest tiered partner status
  • Our very own event in London
  • Free product giveaway!

 

Our aim is simple; to provide a high class service to our customers around wireless design and surveying and deployment, Fluke Networks portable wired/wireless network testing tools and anything else in-between

If you would like to have a chat with our sales team, feel free to contact us;

01925 357 770

sales@irisnetworks.co.uk

 

All the best for 2016

 

 

Do NOT follow this link or you will be banned from the site!