The latest version of AirMagnets Enterprise solution (formerly known as AirMagnet Distributed) marks AirMagnets first foray into location prediction and also greatly enhances the products ability to block rogue devices both on the wired and wireless side of the network. Although the overall product is excellent, with rich wireless IDS features, the location-tracking capabilities have lots of room for improvement.Pricing for Enterprise 5.0, which started shipping last month, starts at $8,895 for the server software, reporting software and four sensors. Additional sensors are available for $750 apiece. With Version 5.0, AirMagnet added an IDS/Rogue sensor page to the central console, where administrators can get a list of rogue devices, predict device locations on a floor plan or confirm whether rogues are actually connected to the physical network. Version 5.0 also offers wireless and wired-side blocking of rogue access points that can be manually initiated or automated through a configured policyalthough automated blocking on the wireless side should be performed with extreme caution, given the deleterious effect that this can have on the radio environment. We especially liked the wired-side blocking routines, which use SNMP to disable to the switch port to which the rogue is connected on the corporate network. Enterprise 5.0 easily identified the D-Link Systems Inc. rogue access point we connected to our network, enumerated the correct port of our Hewlett-Packard Co. ProCurve switch to which the access point was attached and disabled the port. Click here to read about how CBK, a wholesaler of home accents, is using AirMagnets overlay product to detect unauthorized intrusions and shut down rogue access points. Based on triangulated readings, we found Enterprise 5.0s location-tracking predictions only satisfactory. As shown in the bottom screen, the predicted location differed from the actual location by more than 30 feet but did fall within the margin-of-error ratio. We liked the way the predictions automatically updated as we placed known devices, such as sensors and corporate access points, on the map. However, Enterprise 5.0 can depict only one rogue device at a time on the floor plan, requiring administrators to scroll though a list of devices to see each one individually. AirMagnet officials said the company will add functionality that allows administrators to predict multiple devices at the same time with a patch that will be available in the near future. Click here to read Labs review of Newbury Networks WiFi Watchdog. Technical Analyst Andrew Garcia can be reached at firstname.lastname@example.org. Check out eWEEK.coms for the latest news, reviews and analysis on mobile and wireless computing.
To read more about wireless intrusion detection systems, click here.