AirTight Networks hopes to tighten its grip on wireless security threats with new location-based policy management controls built into the latest version of its SpectraGuard product.
Built from the ground up to support managed services for a large geographically dispersed installation, SpectraGuard Enterprise 5.5 is designed to simplify security and administration of a distributed WLAN (wireless LAN ) deployment, according to AirTight documents. Regional administration enables users to set localized policy definition and supports different policies for each office location. Administrators can create a set of granular, customizable policies localized on a site by site, region by region or even floor by floor basis and have control over those policies, officials said.
“SpectraGuard 5.5 can also define security policies such as encryption settings…for legitimate SSIDs [service set identifiers] in your organization, define legitimate networks assigned to SSIDs, and enforce location based policies for granular control for each of your regions/locations,” said Mike Baglietto director of product marketing at AirTight, based in Mountain View, Calif.
Access points classified as Guest Access Points are treated differently, so that clients associating to these Access Points do not accidentally gain access to the corporate network, he added.
SpectraGuard Enterprise 5.5 improves integration with Cisco WLAN Controller, allowing the software to automatically synchronize the device inventory of managed access points and clients so it can automatically classify and detect managed authorized and unauthorized devices. Additionally, SpectraGuard 5.5 can utilize the customers existing Cisco access points as RF (radio frequency) data sources for pinpointing the location of wireless threats.
“Accurate RF fingerprinting is important for accurate and automated threat detection, classification and prevention,” Baglietto said. “Fingerprinting allows SpectraGuard to identify and differentiate the various wireless devices and how they are behaving in the air in order to trigger specific events based on the device or threat level.”
The majority of rogue APs found in the enterprise are consumer grade APs including Router (Network Address Translation) APs, Turbo/Super G APs, and DRAFT 802.11n and Pre-802.11n APs, Baglietto continued. 802.11n devices provide better range and throughput and therefore pose a higher risk to the business if not secure, he explained.
“SpectraGuard absorbs the packets over the air and uses the 802.11 frames to identify 802.11n devices in order to highlight an elevated level of threat for any identified 11n rogue APs,” he said, adding the AirTight sensors can now identify 802.11n Access Points operating in mixed mode and Turbo Mode Access Points in the network.
The product also includes WEPGuard, the companys answer to blocking and locating active WEP (Wired Equivalent Privacy) cracking attacks. WEPGuard uses traffic patterns to determine and report an organizations risk, and actively disables malicious activity used to capture the WEP traffic and MAC spoofing attacks used to take advantage of exploited keys, Baglietto said.
The product will be generally available starting Oct. 15. Existing customers with a valid support contract or under warranty will receive the upgrade for free, while new customers can purchase a Starter Kit – a SpectraGuard Enterprise 5.5 server and two sensors – starting at $9,995.
An upgrade license price of $4,995 is required for the SpectraGuard Enterprise server to enable location based policy management features, company officials said.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
