Seeking to protect enterprise networks from all potential Wi-Fi risks and threats, AirMagnet has released Enterprise 8.0. In addition to the FIPS-140-2 compliance supported by previous versions, this latest version incorporates highly proactive and configurable features that were carefully designed to combat the latest known techniques for unauthorized snooping or network-intrusion attacks. The updates in this version also provide improved intelligence features to consistently and efficiently protect enterprise wireless networks from older, more evolved threats.

Article Tools

• 

According to Chris Roeckl, product manager for AirMagnet, the philosophy behind the software’s ability to maintain Enterprise security is a three-pronged approach. First, the system detects and defends against the latest classes of wireless LAN exploits. Next, it delivers a forensic analysis for spectrum/RF threats to provide a complete threat-intelligence system to classify and prioritize all wireless events for simple management. Finally, the software equips the operator to immediately “drill down” on alarm events to root-cause and then respond to the detected threat

Roeckl states the four recent threat classes addressed by Enterprise 8.0 are referred to as chop-chop (often used to target retailers), fragmentation, denial-of-service (DoS) RTS floods, and netstumbler victim. These threats were identified as part of an ongoing effort (which includes the services provided for AirMagnet by engineers from the “White Hat” community) to maintain a high level of awareness for all emerging threats to wireless networks.

Once identified, effective detection mechanisms for coping with these most recently identified threats were then integrated into Enterprise 8.0. For example, the software now features advanced spectrum forensics, enabling IT staff to capture the raw evidence of interference or Layer-1 DoS attacks.

The threat-intelligence system of the Enterprise software is enabled by the software’s complete visibility of all wireless assets, and quickly allows operators to prioritize events based on their impact to the network and the network’s security policy. The 8.0 version even provides automatic enterprise-wide threat scoring to immediately tag the most serious wireless vulnerabilities. This scoring and impact-analysis system enables IT staff to quickly see the most serious security and performance issues, track important users or devices, track daily changes in overall security posture, and view in-depth policy and compliance reports.