AirMagnet 1.2 Reveals WLAN Trouble Spots
AirMagnet 1.2 Reveals WLAN Trouble Spots
.2 Reveals WLAN Trouble Spots">
AirMagnet Inc.s AirMagnet Sniffer works right, right out of the boxmuch to its credit and to network administrators advantage and earning it an eWeek Labs Analysts Choice award.
eWeek Labs ran the AirMagnet Version 1.2 protocol analyzer on a device that represents new territory for this genre of producta handheld computer, namely a Compaq Computer Corp. iPaq. AirMagnet provided "just-the-facts" details about 802.11b traffic it detectedno protocol decodes but 802.11b traffic statistics that are essential to performing wireless network security audits and site surveys.
AirMagnet, which started shipping last month (at the same time the company announced it was going into business), costs $2,495 for detection software and an 802.11b card (in our case, a Proxim Inc. Harmony card). The handheld device is not included in this price.
The AirMagnet system is not cheap, and IT buyers would be wise to question whether a company this new will be around to support its wares in the future. While AirMagnet is just getting started as a company, however, its founders and designers are all industry pros that developed solid products we tested years ago, including NetXRay from Cinco Networks Inc., which was purchased by Network Associates Inc.
Well go out on a limb and say that the simplicity and elegance of the product make it worth the cost and that the caliber of the companys founders and product developers should ease buyers minds about future support.
Buyers should also bear in mind, however, that Network Associates is slated this week at NetWorld+Interop to announce a handheld version of its Sniffer product line, called Sniffer Pocket.
With other wireless sniffers weve tested, we had to set up filters, start and stop captures, wade through piles of documentation, and drag a power-hungry laptop with an even more power-hungry wireless card around the office to get our traffic samples.
With AirMagnet, in contrast, we simply loaded the software, recognized the card, turned the system on and started sensing traffic.
AirMagnet automatically scanned all the frequencies available in 802.11b and consistently pointed out which channels had real traffic, as opposed to those channels that were carrying spillover radio signals.
AirMagnet is not a protocol analyzer in the sense that it can decode TCP/IP application traffic. But thats OK because front-line technicians performing site surveys and network managers doing security audits dont need Layer 3 and 7 information to perform quick checks.
That said, we could use AirMagnet to do simple Layer 3 trouble-shooting. For example, we were able to select our access point from among many in our Foster City, Calif., test lab and send a ping over it to make sure it was communicating with the wired network.
We were also able to use AirMagnet as a type of rogue access point locator. The coolness factor went up almost immeasurably as we used the AirMagnet-loaded iPaq in full "tricorder" mode to zero in on unauthorized access points. It almost goes without saying that this is the same way that IT managers conducting a site survey can determine where to place access points for the best coverage before installing end-user stations.
The AirMagnet is a good security tool for ferreting out rogue access points but should also serve as a reminder to network administrators about the vulnerability of wireless networks.
AirMagnet, unlike the very able shareware utility NetStumbler (available from www.netstumbler.com), operates in a completely stealth mode and only "listens" for packets.
Malicious users of the product couldnt do much more than discover the existence of a wireless LAN and the location of access points, but the malicious person could do so without network administrators ever knowing.
The only exception we found to this was when we used AirMagnet to generate traffic to test the performance of an access point during a site survey. Here, AirMagnet had to associate with the access point and send traffic, which was then detectable.
Senior Analyst Cameron Sturdevant can be contacted at firstname.lastname@example.org.
AirMagnet 1.2 is a no-frills wireless sniffer for the Pocket PC platform from startup AirMagnet. The sniffer is easy to use right out of the box, and in eWeek Labs tests the system provided consistently accurate information about WLAN traffic. AirMagnet is a great choice for network managers who need to perform wireless site surveys and ongoing wireless security audits.
The AirMagnet 1.2 costs $2,495 (plus the cost of a handheld device), which puts it in the ballpark of other wireless network utilities but without all their bells and whistles. However, what AirMagnet lacks in decode and analysis features, it has in usability and performance.
+ 802.11b scouting and trouble-shooting is neatly presented and quickly started; handheld form factor is perfect for mobile trouble-shooting.
- Expensive relative to full-featured sniffers.
EVALUATION SHORT LIST
- Netstumbler.coms NetStumbler
- Network Instruments Observer 8.1
- WildPackets AiroPeek
- Network Associates Sniffer Wireless