By Andrew Garcia  |  Posted 2004-11-01 Print this article Print

The latest version of AirMagnets Enterprise solution (formerly known as AirMagnet Distributed) marks AirMagnets first foray into location prediction and also greatly enhances the products ability to block rogue devices both on the wired and wireless side of the network.

Although the overall product is excellent, with rich wireless IDS features, the location-tracking capabilities have lots of room for improvement.

To read more about wireless intrusion detection systems, click here.
Pricing for Enterprise 5.0, which started shipping last month, starts at $8,895 for the server software, reporting software and four sensors. Additional sensors are available for $750 apiece.

With Version 5.0, AirMagnet added an IDS/Rogue sensor page to the central console, where administrators can get a list of rogue devices, predict device locations on a floor plan or confirm whether rogues are actually connected to the physical network.

Version 5.0 also offers wireless and wired-side blocking of rogue access points that can be manually initiated or automated through a configured policy—although automated blocking on the wireless side should be performed with extreme caution, given the deleterious effect that this can have on the radio environment.

We especially liked the wired-side blocking routines, which use SNMP to disable to the switch port to which the rogue is connected on the corporate network. Enterprise 5.0 easily identified the D-Link Systems Inc. rogue access point we connected to our network, enumerated the correct port of our Hewlett-Packard Co. ProCurve switch to which the access point was attached and disabled the port.

Click here to read about how CBK, a wholesaler of home accents, is using AirMagnets overlay product to detect unauthorized intrusions and shut down rogue access points. Based on triangulated readings, we found Enterprise 5.0s location-tracking predictions only satisfactory. As shown in the bottom screen, the predicted location differed from the actual location by more than 30 feet but did fall within the margin-of-error ratio. We liked the way the predictions automatically updated as we placed known devices, such as sensors and corporate access points, on the map.

However, Enterprise 5.0 can depict only one rogue device at a time on the floor plan, requiring administrators to scroll though a list of devices to see each one individually. AirMagnet officials said the company will add functionality that allows administrators to predict multiple devices at the same time with a patch that will be available in the near future.

Click here to read Labs review of Newbury Networks WiFi Watchdog. Technical Analyst Andrew Garcia can be reached at andrew_garcia@ziffdavis.com.

Check out eWEEK.coms for the latest news, reviews and analysis on mobile and wireless computing.

Be sure to add our eWEEK.com mobile and wireless news feed to your RSS newsreader or My Yahoo page

Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for eWEEK.com, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at agarcia@eweek.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel