|AirMagnet Survey PRO 8.8|
9 out of 10 CIO’s Report That They Have Concerns Over Insufficient Wireless Protection; Over One-Third of Enterprises Found to be Lacking Basic Wireless Security
This statement is hardly surprising given that more than one-third of the enterprise wireless networks put in place for internal employees, do not have the basic security function of authentication in place.
The findings come from an independent survey of over 1,490 IT decision makers at 250+ employee organizations around the world. All respondents were sourced from independent market research company Lightspeed GMI’s online panel.
Other survey highlights include:
- Nearly half of ITDMs (48%) consider loss of sensitive corporate and/or customer data the biggest risk of operating an unsecured wireless environment.
- 72% have adopted a cloud approach to management of their wireless infrastructure and 88% trust the cloud for future wireless deployment.
- 43% of ITDMs polled provide guest access on their corporate wireless networks; 13% of these organizations do so without any controls whatsoever.
Wireless Networks at Risk
According to the survey, wireless networks are ranked as the most vulnerable IT infrastructure, with the highest proportion of IT DMs (49%) placing it in their top two. Respondents positioned wireless as significantly more vulnerable than core networking infrastructure, with just 29% of IT DMs ranking this highly. Databases (25%), applications (17%) and storage (11%) infrastructures were considered amongst the least susceptible from a security standpoint.
In addition, 37% of global IT DMs polled do not have the most basic wireless security measure of authentication in place. A significant 29% and 39% of enterprises respectively, overlook firewall and anti-virus security functions when it comes to wireless strategies.
Other security measures deemed critical to core infrastructure protection, such as IPS (deployed by 41%), application control (37%) and URL filtering (29%), play a part in even fewer wireless deployments.
When considering the future direction of their wireless security strategies, the majority of respondents said they would maintain focus on the most common security features – firewall & authentication, while demand for more security is emerging with 23% prioritizing complementary technologies – IPS, anti-virus, application control and URL filtering – to guard against the full extent of the threat landscape.
Gain Control And Secure Your Wireless Networks With AirMagnet Enterprise
The most comprehensive 24×7 WIDS/WIPS WiFi Network and Cellular security solution.
AirMagnet Enterprise is a full-time wireless intrusion prevention system (WIPS), wireless intrusion detection system (WIDS) and wireless network security monitoring system that provides dedicated monitoring of the airspace to enable the security, performance and compliance of wireless LANs. AirMagnet Enterprise is used by organizations for the most complete WIPS and WIDS, remote network troubleshooting, enforcing no-wireless zones, and proving compliance.
- Dedicated wireless intrusion prevention system (WIPS) and wireless intrusion detection system (WIDS) with integrated spectrum and 802.11ac analysis for complete wireless network visibility
- SmartEdge, Series 4 Sensors Tri-Radio, 802.11n 2×2 and 3×3 MIMO plus dedicated Cellular Spectrum radio
- Dynamic Threat Update technology for immediate wireless intrusion prevention of new threats
- Automated PCI 3 and regulatory compliance reporting
- Automated Health Check pinpoints and diagnoses problems impacting WiFI connectivity, performance, and network security
- Forensic analysis and event triangulation for rapid response
AirMagnet Enterprise – Complete Cellular and Wireless Network Security
AirMagnet Enterprise protects against every wireless network security threat by combining the industry’s most thorough wireless intrusion detection system (WIDS) and wireless network security monitoring with leading research, analysis and security threat remediation.
Full Network Visibility
AirMagnet Enterprise scans all possible 802.11 wireless channels (including the 200 extended channels), and cellular spectrum channels ensuring there are no blind spots where rogue or interfering devices may be hiding.
AirMagnet Enterprise goes beyond WiFi network analysis with optional WiFi and cellular spectrum analysis that detects and classifies RF jamming attacks, Bluetooth devices and many other non-802.11 transmitter types, such as unapproved wireless cameras and cell phones.
Industry Leading Wireless Intrusion Prevention System (WIPS) and Wireless Intrusion Detection System (WIDS)
The AirMagnet Intrusion Research Team constantly investigates the latest hacking techniques, trends and potential wireless network security vulnerabilities to keep organizations ahead of evolving wireless network security threats.
Dynamic Threat Update technology speeds the creation, automation and immediate deployment of new security threat signatures.
As soon as any new wireless network security threat definition is ready, it can be deployed with no impact to system operation, providing a unique framework for maintaining the most up-to-date wireless network security posture for the organizations.
Provides significant security protection over existing AP infrastructure
Security is not the APs primary focus, thus APs typically miss many security threats. AirMagnet Enterprise dedicated WIDS/WIPS solution provides peace of mind and assurance that your critical wireless network is protected full time, not part of the time like with APs.
- Part time scanning by built-in security solutions miss attacks
- AP is likely too slow and resource constrained to do the job right
- AP’s Integrated WIPS cover far fewer threats (usually <20% of threats) and require slow firmware upgrade to respond to new threats
- AP hardware can be limited by regulatory and configuration issues (cannot scan 200+ 5 GHz extended channels)
- If the AP is attacked, who monitors then?
Find Outages and Emerging Problems Before Users are Affected
AirMagnet Enterprise Automated Health Check (AHC) technology actively tests and verifies complete wireless LAN connectivity from the wireless link all the way through to application servers or the Internet, automatically detecting critical outages or network degradation while pinpointing the exact source of trouble. Sensors running AHC tests provide a true client perspective to:
- Fully authenticate to the network and proactively probe for problem related to wireless LAN security issues or other network resources.
- Provides network staff with immediate and specific information on the root cause, so they can respond often before users are impacted.
- Perform Captive Portal to verify guess wireless network
Automated Health Check (AHC)
Threat Tracing, Blocking & Mapping
Performance Monitoring and Remote Troubleshooting
Integrated 802.11n and Spectrum Intelligence
Automated Business and Regulatory Compliance Reporting
802.11ac Detection, Rogue Device Blocking, and Location
One of the problems enterprise security experts must deal with is the constant influx of network traffic due to an ever-expanding attack surface. More access avenues means security solutions have to work harder to block unwanted interactions, which creates additional data for administrators to sort through.
Why not make your job easier? Ixia ThreatARMOR reduces your attack surface by blocking all known bad IP addresses so administrators can focus on legitimate threats to the network.
ThreatARMOR uses data from Ixia’s Application and Threat Intelligence (ATI) research center to automatically block confirmed threats, hijacked IP’s and even entire countries in bulk.
As many recent breaches demonstrate, indications of intrusions and data exfiltration attempts are usually flagged through internal security alerts long before the intrusion is actually discovered. But determining the critical alerts is like trying to find a needle in a haystack, given the sheer number of security alerts that must be analyzed daily, ThreatARMOR delivers a new level of visibility and security by blocking unwanted traffic before many of these unnecessary security events are ever generated.
- Reduces attack surface by eliminating known-bad traffic
- Stop traffic from unwanted countries
- Quickly identify compromised internal systems
- Stops connections, both inbound and outbound, involving known malware, botnet, and phishing sites
- No false positives – clear proof of criminal behavior for all blocked sites
- Always-on cloud update service from Ixia’s ATI Research Center
- Dual redundant power supplies and integrated bypass for maximum reliability
Contact us to discuss adding this extra layer of security to your network
Surprisingly, We’ve recently spoken to a number of other resellers who do not carry out onsite wireless surveys.. This is asking for trouble!
All too often we speak to end users who are experiencing issues with their wireless network, the mojority of the time when we investigate the route cause it stems back to the very beginning of the planning stages, where an IT reseller did not conduct a wireless survey onsite.
Why get a site survey?
Site surveys determine signal coverage, throughput requirements, interfering sources, dead spots, potential roaming behavior, etc. and helps determine:
- How many access points are needed for the best wireless coverage
- Where to deploy access points
- How to configure each access point to ensure optimal coverage for all end users
Without site surveys it is difficult to determine the capital investment needed to deploy the wireless network in a timely and cost efficient manner.
Site surveys are performed using professional grade tool kits such as AirMagnet Survey Pro. Without the use of a professional site survey tool, it is virtually impossible to plan and implement a robust and reliable wireless system that extends beyond two or three AP’s in a small single floor area. The purpose of these surveys in regards to channel planning should be to ensure adequate coverage without causing additional channel utilization or interference.
Some other considerations when surveying the network:
- It is important to note that 2.4GHz and 5GHz have different characteristics that must be taken into account when deploying dual-band AP’s (2.4GHz and 5GHz capable) access points. The 2.4GHz signal can travel further and has better penetration capabilities than 5GHz. Thus the radius of a coverage cell on 2.4GHz is longer than on 5GHz. This could lead to dead zones in 5GHz coverage if only 2.4GHz coverage is measured in a site survey, and will likely require different power settings for each radio to equalize coverage cells.
- In some deployments, multiple SSID’s are enabled on an a single AP. Some SSID’s may have legacy bit rates disabled which shortens the coverage radius on 2.4GHz or the SSID may only have 5GHz enabled. The site survey should measure the coverage cells of each SSID independently within the extended service set to determine if adequate coverage is met.
- For high-density deployments, manually tune 2.4 & 5.4GHz channels and power settings based off of site survey data.
There are 14 channels designated on the 2.4 GHz spectrum which are 20 MHz wide. The channel centers are separated by 5 MHz, and the entire spectrum is only 100 MHz wide total. This means that the channels have to squeeze into the 100 MHz available, and in the end, overlap.
However, there are three channels that don’t overlap: 1, 6 and 11, as you can see in the image below. Co-channel interference is where devices take turns talking, so the more devices on one channel, the longer it takes for a device to talk since it has to wait for its turn.
Using overlapping channels causes errors, which results in packet re-transmissions and significantly decreased network performance.
The same problem exists when using more than one access point on the same channel in the same physical area. This is called co-channel interference. Co-channel interference should be avoided as it can have a dramatic effect on network performance
Main causes of WiFi interference:
Co-Channel interference isn’t a major problem until there are too many WiFi devices on the same channel. Adjacent-Channel interference on the other hand is where you run into problems and channel selection becomes critical. Luckily, these channel related interference’s can be reduced or eliminated by selecting the proper WiFi channel for your network.
Using a spectrum analyzer like AirMagnet Spectrum XT will allow you to see this wireless environment, so you can either select the right channel or mitigate WiFi interference. Ultimately, improving your WLAN network performance.
RF signals are very unpredictable. If an access point is placed in an open environment without obstacles, the signals usually maintain an omni-directional pattern. However, when obstacles and walls are introduced, the RF signals are disrupted and access point coverage varies based on location.
It is important not to generalise every wireless deployment in terms of requirements. For example, in an office environment where file and print services and Internet access are the primary needs, a few dead spots may be tolerable. But in a healthcare environment where medical personnel require unrestricted wireless access to patient information this is unacceptable.
Without a wireless survey it would be virtually impossible to determine if the technical requirements of the business can be supported!
What will Iris Networks do onsite?
Gather requirements — An initial planning session will be held to review preliminary design requirements, confirm your objectives and goals for assessment. We will also identify and confirm the in-scope and out-of-scope areas for design, in-scope areas that have AP mounting restrictions and review floor plans to bring attention to any potential trouble areas
Perform the survey — Indoor & outdoor surveys, active surveys enabling real-world measurements, spectrum analysis and Voice over Wi-Fi (VoFi) surveys if needed
Deliver the results — Comprehensive and easy-to-understand report with a bill of materials for complete installation
What does the site assessment include?
The site assessment includes:
- Network verification and validation per specifications. Expert recommendation and advice provided in order to achieve desired specifications
- Spectrum Analysis to identify RF interference sources from non-WLAN sources in a single survey
- Visualization of RF energy at any location and identification and display of non-802.11 devices interfering with WLAN
- Spectrum Analysis to identify RF interference sources from non-WLAN sources in a single survey
- Voice over WiFi (VoFi) survey. Coverage maps built specifically for voice networks includes call quality, phone roaming zones (roaming stats), channel utilization and voice-readiness validation
We can provide this for a range of:
New installations — Determine capital investment and obtain the number and preferred location of access points for the best coverage before the initial deployment
Existing installations — Verify the number of access points required versus the number actually deployed and validate their location to ensure optimal performance for all end users
Ongoing optimisation — Ensure optimal performance by conducting periodic site surveys in order to account for changes in the WLAN environment
Iris Networks site assessment service uses software and industry best practices to locate and map authorised and unauthorised wireless access points, review any corporate access point deployment, analyze the environment for interference and design and plan a WLAN network.
If you are a reseller, distributor or a systems integrator that needs an experienced partner to deliver wireless projects on your behalf, whether it be for small or large scale customers contact us to discuss your requirements.
Organizations need highly reliable IT infrastructures to ensure that business operations are never interrupted. The role of IT has become that of “guardian of the connected world,” and it’s a critical role. Proactive, real-time monitoring is a must to ensure ongoing, optimal service.
The combination of NETSCOUT and Danaher’s Communications Group, comprising of Tektronix Communications, Arbor Networks, and parts of Fluke Networks, provides a comprehensive product portfolio across service assurance and performance analytics, business intelligence, and cyber-threat mitigation solutions for service providers, as well as large and small enterprises.
Below are the Fluke Networks Enterprise business unit product portfolio now owned by NETSCOUT:
- Visual TruView™
- TruView™ Live
- OptiView® XG
About the Merger
On July 14, 2015, Danaher Corporation (the parent company of Fluke Networks), merged its Fluke Networks Enterprise business unit with NETSCOUT Systems, an independent, publicly held company (NASDAQ:NTCT). The Fluke Networks Enterprise business unit product portfolio now owned by NetScout, includes Visual TruView™, TruView™ Live, OptiView® XG, OneTouch™, LinkSprinter™, LinkRunner™, AirMagnet™ and AirCheck™ solutions, as well as others. The remaining Fluke Networks product portfolio, including the DTX CableAnalyzer™, Versiv Cabling Certification System, LinkWare™ Live and Telecom products remain with Fluke Networks.
Why you need the XG Network Monitoring Tablet:
The OptiView® XG Network Analysis Tablet is the first tablet specifically designed for the network engineer to quickly “prove it’s not the network” and find root cause. This network traffic analyzer and monitoring tool automates the analysis of wired and wireless network and application problems allowing the engineer to spend less time on problems and more time on other initiatives. The OptiView XG network traffic analyzer and monitoring tool is designed to support the deployment and analysis of new technologies, including unified communications, virtualization, wireless and 10 Gbps Ethernet. The result is that new initiatives get up and running faster and networks stay productive even in these days of smaller teams and budgets.
The OptiView XG network traffic analyzer and monitoring tool combines multiple functions and technologies so engineers can analyze anything, from the access layer to the data center, and it can be left in place for proactive network monitoring, or used remotely for direct analysis of the problem area.
OptiView XG provides network pros with correlated views and shareable reporting, so you can get ahead of unplanned downtime incidents fast and still meet recovery SLAs.
- Network Monitoring and AnalysisAutomated discovery, monitoring, mapping, analysis and guided troubleshooting of your network infrastructure.
- Traffic and Packet AnalysisThe ONLY tablet with 10 Gbps “on the wire” analysis.
- Wireless AnalysisOptiView XG is optimized to find root cause of issues in both wired and wireless environments. Integrated tools for deployment and troubleshooting of 802.11a/b/g/n/ac WLANs.
- Application-Centric AnalysisOptiView XG goes in-line between the network and clients, access points, servers, or anywhere in the actual path to get application-level visibility
- Performance TestingConduct network assessments, validate new infrastructure and devices, test service provider SLAs and QoS, and troubleshoot problems from end to end, at up to a full line-rate of 10 Gbps.
Contact us for further information
Iris Networks are now pleased to be able to provide our Cisco Meraki customers with an easy 0% finance option that will help to build the best technology infrastructure for growth, whilst switching from a CapEx model to a valuable OpEx model.
Our compelling 0% interest offer gives you the freedom to acquire the best technology solutions that your business needs, in the most cost efficient manner.
It reduces your financial pressures by spreading payments over 3 years, and that financial freedom means you can move from “wish we could” to “yes we can”! You can afford to get the right solution for your business, without compromise. By financing your technology solution with easylease, there is less strain on your cash flow, which means you have greater flexibility and agility when it comes to business planning.
Attend a Meraki webinar to claim your FREE Meraki AP!
Contact our team today to discuss your requirements
Hello to one and all!
Thank you for taking the time to check out our new blog page.
This is a place where we are going to keep you updated with company, product and industry happenings.
Firstly, we would like to introduce to you our brand new new e-Shop! Further products will be added shortly..
And we have also been busy updating the promotions section of our website – keep checking back for new additions.
2016 is set to be an exciting year for Iris Networks, We are looking forward to releasing further information around;
- Signing contacts with one of our Vendors to hold their highest tiered partner status
- Our very own event in London
- Free product giveaway!
Our aim is simple; to provide a high class service to our customers around wireless design and surveying and deployment, Fluke Networks portable wired/wireless network testing tools and anything else in-between
If you would like to have a chat with our sales team, feel free to contact us;
01925 357 770
All the best for 2016