Академический Документы
Профессиональный Документы
Культура Документы
WHITEPAPER
© 2008
2009 AirTight Networks, Inc. All rights reserved.
AIRTIGHT NETWORKS WHITEPAPER
Executive Summary
Introduction
Wireless security audits play a crucial role in the wireless vulnerability
assessment of IT infrastructure and provide guidance on how organizations
can meet regulatory wireless compliance requirements. Assessment of wireless
vulnerabilities is challenging because of the dynamic nature of wireless
environments. Auditors have to worry about not only the wireless devices in a
network environment that is being audited, but also external wireless devices
in the vicinity that can impact the susceptibility of the network in question to
vulnerabilities and attacks. Wireless laptops, handhelds, and smartphones carried
by business travelers can also get infected with vulnerabilities on the road; even
organizations that may not have officially deployed a wireless LAN need to be
aware of these threats.
AirTight Networks’ unique service that allows for wireless security audits as a
hosted service removes the burden from the auditors and empowers them to
deliver premium service to their customers and perform more audits efficiently.
SpectraGuard® Online
AirTight Networks’ SpectraGuard Online is the world’s first and only service that
offers wireless security audits as a monthly subscription-based service. Its benefits
for the audit community are powerful:
1. Effortless, effective wireless security audits anywhere, anytime.
SpectraGuard Online eliminates “walk arounds” with a handheld device. With the
auditing service easily accessible via any Web browser, auditors can conduct a
wireless security audit for any customer, anywhere in the world, at any time — they
do not even have to leave the comfort of their own offices. Direct or VPN access
to customer’s corporate network is not needed. Auditors do not have to own and
maintain any hardware or software tools.
The bottom line: auditors can increase their profitability by increasing efficiency —
doing more audits in less time and serving customers worldwide without traveling.
Modules
Services Basic Wireless Wireless Wireless
Compliance Alerts IDS IPS
Automated wireless scanning
Compliance report delivered by email
monthly or quarterly
Real-time email alerts for Rogue AP
detection and wireless intrusion -
Archiving of alerts for one year
-
Access to wireless IDS console
- -
24x7 full wireless monitoring
- -
Troubleshooting and customizable
unlimited reporting - -
24x7 full wireless intrusion prevention
and automatic incident response - - -
RF heat maps
- - -
Location tracking to physically locate
and remove Rogue APs - - -
3. Confidence of a complete wireless vulnerability assessment
The inadequacy of handheld scanning for vulnerability assessment leaves audited
networks exposed to many common wireless threats and unaware of new
vulnerabilities. Free scanning tools such as NetStumbler and Kismet primarily
serve the purpose of capturing over-the-air packets, and report only very basic
information such as SSID, encryption, and MAC addresses. Further, handheld
scanners are not able to distinguish which wireless devices are connected to the
wired corporate LAN. This combined with the lack of security policies renders these
tools close to useless for alerting against common threats such as rogue APs, client
misassociation, and honeypots, to name a few. In addition, most live wireless
attacks go undetected during handheld scans. Auditors giving a clean bill of health
to such networks run the risk of liability if a wireless security breach or leakage of
classified information occurs.
With SpectraGuard Online users can easily define and manage wireless security
policies. AirTight Networks’ patented autoclassification technology allows quick,
accurate classification of access points and clients as authorized and unauthorized
including information about their connectivity, e.g., to wired corporate LAN, ad-
hoc networks.
5. Professional, pre-defined wireless security audit reports
Auditors often complain that communicating to each network administrator
which vulnerabilities are critical and need to be fixed is challenging. SpectraGuard
Online eliminates this problem by offering pre-defined reports that classify
detected wireless vulnerabilities into severity levels. This helps prioritize which
vulnerabilities need to be fixed first. Advice for fixing the vulnerability (manually or
automatically) is given. Reports can be generated for a moment in time or a period;
reports over different time periods can be used to audit the trends in the wireless
security posture of a network.
With multiple scanners monitoring the airspace, SpectraGuard Online can instantly
and accurately locate wireless devices in the vicinity. This is critical for quickly
finding vulnerable or malicious devices.
7. Future-proof system
Scanning tools—free and commercial—do not guarantee an up-to-date
security audit against new or emerging vulnerabilities and exploits, and newer
technologies (e.g., 802.11n). Auditors have to wait for the next software patch or
version upgrade.
A B O U T
5
Cost of PCI Compliance
AIRTIGHT NETWORKS (Million $)
Wireless analyzer
AirTight Networks is the global 4
leader in wireless security and
compliance solutions providing 3
customers best-of-breed
technology to automatically 2
detect, classify, locate and
block all current and emerging
1
wireless threats. AirTight offers SpectraGuard Online
both the industry’s leading 0.5
wireless intrusion prevention
system (WIPS) and the world’s
500 1000 2000 3000 5000
first wireless vulnerability
Number of sites
management (WVM) security-
as-a-service (SaaS). AirTight’s Estimated one year expense for PCI wireless scanning. For SpectraGuard Online and on-site WIPS, one wireless sensor per loca-
award-winning solutions are tion is assumed. Cost for scanning with a wireless analyzer includes logistics cost such as travel and lodging.