Anywhere, Anytime™ Wireless Protection
AirDefense is the market leader in anywhere, anytime™ wireless security, providing the most advanced solutions for rogue mitigation, intrusion prevention and policy enforcement for the mobile workforce. Trusted to monitor over 1 million wireless devices in the Forturn 500 and government organizations, AirDefense instills enterprises with a secure, risk-free wireless network with protection that is accurate, scalable and self-managing. AirDefense is the best wireless security solution for a Cisco wireless network, a Motorola wireless network and may other wireless networks.
By monitoring all 802.11 activity and correlating events from across the wireless network, AirDefense provides a complete enterprise view of everything happening in the airwaves. Powered by the industry’s most advanced IDS engines, policy manager and correlation engines, AIrDefense accurately detects and protects the network against all wireless threats and unauthorized devices.
Security-conscious enterprises are fortifying their wireless LANs with a layered approach to security that resembles the accepted security practices of wired networks. This layered approach to security addresses all network components:
- Secure Wireless LAN Devices
- Secure Communications
- Monitor for Security and Compliance
1. Secure Wireless LAN Devices
Perimeter control for the wireless LAN starts with deploying personal firewalls on every wireless equipped laptop and also includes a deployment of enterprise-class access points that offer advanced security and management capabilities. The wireless LAN should be segregated from the enterprise wired network as part of a VLAN to allow for wireless-specific management and security policies that do not affect the wired network.
All access points should be completely locked down and reconfigured from their default settings. The SSIDs and passwords of the access points should be changed from their default names. Some organizations choose to establish set channels of operation for each AP to identify all off-channel traffic as suspicious activity.
To secure mobile users at hotspots etc, organizations can deploy the AirDefense Personal product. An industry first, AirDefense Personal protects mobile users of hotspots and other public Wi-Fi networks from wireless-specific risks that could expose private data and transactions. AirDefense Personal is a software agent that runs on Windows PCs and monitors for malicious or accidental wireless activity and wireless misconfigurations that may cause security exposures or policy violations. The AirDefense Personal agent offers protection from a broad and growing set of new risks that directly target vulnerable wireless users and unobtrusively notifies the user when risky activity occur.
2. Secure Communication — Authentication & Encryption
In deploying secure wireless LANs, IT security and network managers face the most difficult decision in choosing how to secure WLAN communication with multiple forms of authentication and encryption. Like installing locks and keys on a door to control who can enter, the next layer of wireless LAN security is to control which users can access the wireless LAN. To provide basic authentication, most access points support simple MAC address filtering that maintains a list of approved stations’ MAC addresses. While this is not foolproof, MAC address filtering provides basic control over which stations can connect to your network.
Organizations that rely upon MAC address filtering for access control leave themselves vulnerable to simple identity thefts. Larger enterprises with more complex wireless LANs with hundreds of stations and dozens of access points require more sophisticated access control through incorporating remote authentication dial-in service (RADIUS) servers.
3. Monitor for Security & Compliance
Like a video camera that monitors all activity in a secure building 24 hours a day, a critical layer of wireless LAN security requires monitoring of the network to identify rogue WLANs, detect intruders and impending threats, and enforce WLAN security policies.
As an example of the need for monitoring, access points that are upgraded for WPA must be monitored to ensure the access point remains properly configured, according to Gartner. WLAN monitoring must scale to fit the specific needs of an enterprise. Some piece-meal solutions work for smaller organizations but do not scale for large enterprises with dozens or hundreds of locations around the world. Large enterprises require a cost-effective solution that can be centrally managed and does not overtax personnel resources.
Wireless LAN security experts advocate 24×7 monitoring of the airwaves to secure wireless LANs by identifying rogue WLANs, detecting intruders and impending threats, and enforcing WLAN security policies. “To truly secure wireless LANs, enterprises must monitor their airwaves to detect intruders and threats that can come from unscrupulous hackers and well-meaning employees. Monitoring the airwaves of a wireless LAN is an essential element of security that should also include advanced encryption and authentication.” Gartner
Functionality Requirements of a 24×7 Monitoring Solution
The 24×7 monitoring solution should be able to provide the following functionality:
AirDefense pioneered the concept of 24×7 monitoring of the airwaves. AirDefense Enterprise is the industry’s first Self-Managing wireless Intrusion Prevention System (IPS) and now provides the most advanced solutions for:
- Accurate Intrusion Detection – AirDefense protects the network by acting as an intelligent system, seeing the network as a whole & correlating information from all sensors and tracking threats as they roam throughout the network.
- Advanced Rogue Management – All rogue wireless devices and communications can be detected, analyzed and terminated by AirDefense.
- Automated Protection – AirDefense not only detects intruders and rogue devices in an enterprise’s airwaves, but allows them to actively protect and respond to threats manually or automatically by predefined policies.
- Policy Enforcement – AirDefense’s policy manager, enterprises can define, monitor & enforce wireless LAN policies in the areas of Security, Usage/Channel, Performance, Vendor.
- Forensics & Incident Analysis – AirDefense stores critical device communication and traffic information on a minute-by-minute basis, including channel activity, signal strength and device activity. AirDefense maintains historical data that powers forensic analysis and historic trending, as well as incident investigation.
- Remote Troubleshooting – With a real-time-view of all WLAN traffic, AirDefense enables network administrators to remotely troubleshoot problems, identify and respond to network mis-configurations, and monitor the networks availability. AirDefense analyzes traffic flow to interpret WLAN performance and identify usage characteristics, interference from neighboring WLANs, channel overlap, and performance degradation.
AirDefense can protect a Cisco wireless network, a Motorola wireless network and may other wireless networks. AirDefense is the best wireless network security solution available. Ears and Eyes of the airspace Rogue Detection & Mitigation Intrusion Detection Active Defenses Policy Enforcement Forensic & Incident Analysis Fault Diagnostics & Health Monitoring Accurate Intrusion Detection Advanced Rogue Management Active Defenses and Automated Protection Policy Monitoring & Enforcement Forensic & Incident Analysis Remote Troubleshooting With a distributed architecture of remote smart sensors that work in tandem with a secure server appliance, AirDefense monitors all wireless LAN activity in real time for the highest level of security, policy enforcement, and operational support. While AirDefense proactively notifies IT personnel of alarms for security threats, policy violations, and performance issues, the system also allows for network administrators to access a single interface for a complete view of the wireless devices and access to management-critical intelligence. The system also enables IT managers to take action either on-command or via pre-defined policy-based termination to eliminate the threat presented by rogue devices.
The AirDefense Enterprise system provides the most comprehensive and accurate detection of all threats and intrusions. With more than 200 alarms, AirDefense has integrated protection for every known and Day Zero wireless security threat.
Bottom Line: TPI and AirDefense partner to provide a secure wireless environment.