Vendor finds new use for Cisco APs

By Eric B. Parizo, News Editor 11 Jul 2005 | SearchNetworking.com

News on networking, mobility and voice Digg This!     StumbleUpon     Del.icio.us

AirMagnet Inc. is hoping new interoperability with Cisco access points will be a key selling point for its updated Wi-Fi security product.

Tomorrow the Sunnyvale, Calif.-based vendor will roll out version 6.0 of its wireless LAN intrusion detection and prevention offering, AirMagnet Enterprise.

The product combines software with radio-frequency sensors to detect and thwart threats to 802.11a/b/g networks. It's a third-party product for companies using Wi-Fi hardware from Cisco, Trapeze Networks, Aruba Wireless Networks and others.

Highlighting the release is the new integration with Cisco products. AirMagnet Enterprise can now exchange information with Cisco's Wireless LAN Solution Engine (WLSE), which manages Cisco Wi-Fi gear.

Cisco opens up

Rich Mironov, AirMagnet's vice president of marketing, said not only does that integration enable customers to use Cisco APs as dedicated AirMagnet scanners, it also allows them to import Cisco access control lists so that WLSE-managed devices are automatically considered trusted devices.

"Cisco finally opened up an API to let us do that [integration]," Mironov. "There are some customers that want all Cisco hardware instead of our gear, and that's fine with us."

William Terrill, senior analyst with Midvale, Utah-based research firm Burton Group, said AirMagnet has made a good decision by moving toward a software-centric product that incorporates hardware from various vendors, including Colubris Networks and Xirrus Inc.

"You're not going to convince a lot of companies to implement third-party scanners from a small vendor, not when they're spending thousands of dollars or more on access points," Terrill said. "Now when a user buys access points, they just need to buy a few more to use as scanners."

Other new features include integrated compliance reporting tools, simultaneous threat blocking and scanning, easier-to-deploy sensors that don't require preconfiguration, and "zero-day" alarms that spot unusual threat patterns that may not yet be associated with a known virus signature or exploit.

Staying dry during a 'phlood'

Perhaps AirMagnet Enterprise 6.0's most unique feature is a defense mechanism for a budding type of Wi-Fi attack that AirMagnet refers to as "phlooding."

Phlooding, Mironov said, is an attempt to overwhelm a central authentication or Lightweight Directory Access Protocol (LDAP) server with invalid logon requests, preventing legitimate users from logging onto the wireless network.

"If I had people in five cities doing this, that central login server gets incredibly busy," Mironov said. "In effect it becomes a denial-of-service attack against logging into the system."

Mironov added that while phlooding is not a common Wi-Fi attack method today, data from his company's product analysis efforts suggests that it's becoming more common. He added, "One of our developers wrote about it in a thesis three years ago, but we didn't have any reason to believe it existed until now."

Terrill said phlooding could only affect enterprises lacking multiple access servers. "For true enterprise access, you have to have redundancy," he said, "or you don't worry about it because it's not critical."

For more information Check out our Topic on wireless network security. Learn how signal strength can limit Wi-Fi security. Read more articles written by News Editor Eric B. Parizo.

An extra level of security

Beginning tomorrow, AirMagnet Enterprise will be available starting at $8,995. That starting price includes server and console software, integrated reporter and four AirMagnet sensors. Licenses for interoperability with Cisco gear come with an additional fee.

Overall, Terrill said AirMagnet has made a name for itself -- along with Fortress Technologies -- as one of the top companies for enterprise Wi-Fi security. Plus its software isn't as awkward as similar security systems from Cisco and other hardware vendors.

Plus, he said, using third-party Wi-Fi security adds an extra level of security.

"If you use one vendor's equipment and another's security," Terrill said, "hackers don't have just one point of entry."

Tags: Network Security Monitoring and Analysis,  WLAN Security,  Troubleshooting Wireless Networks,  Wireless Network Security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Monitoring and Analysis Application-specific network intrusion detection systems emerge Anomaly-based intrusion protection configuration and installation How can I calculate perimeter firewall throughput? How do I find the application on my network that's dropping packets? Integrating NAC with network security tools Where can I find a sample security audit report? How can I run my own? The firewall remains the network traffic cop, but its role is changing Troubleshooting VLANs: How to monitor 802.1q tagged traffic Poor data-loss prevention practices almost cost Intel a billion How can I block my competitor's IP address range from my website? WLAN Security Where can I find a wire driver that unblocks recognized passwords? Will using a VPN protect me against fake wireless hotspots? Fluke gets WLAN design, management, security cred with AirMagnet Is WPA2 secure enough for a commercial business wireless network? Health center cut cost securing wireless network edge with Aerohive Wi-Fi RTLS for WLAN management, location-based security, asset tracking Wireless LAN performance management and security standards beefed up How can I hide my WLAN's SSID in an Aruba AP-61? Wireless LAN security: SonicWall joins crowded WLAN market Stolen laptop recovery using remote access and wireless network SSIDs Troubleshooting Wireless Networks University tackles large-scale 802.11n wireless network management Why is my network adapter not working after a Vista Business upgrade? Meru reinvents wireless LAN troubleshooting and management APs drop connection in WLAN configured as a wireless mesh network How to plan for 802.11n wireless LAN upgrades Vendors strive to automate wireless LAN troubleshooting and management Fluke gets WLAN design, management, security cred with AirMagnet Wi-Fi RTLS for WLAN management, location-based security, asset tracking How radio frequency (RF) of microwaves alter wireless signal strength Distributed antenna systems and WLAN: A network management burden Troubleshooting Wireless Networks Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary deep packet inspection (DPI)  (SearchNetworking.com) FCAPS  (SearchNetworking.com) Nessus  (SearchNetworking.com) netstat  (SearchNetworking.com) port mirroring  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary