AirTight Security and Performance Monitoring

Cloud-Managed WiFi Wireless LAN Intrusion Detection and Prevention with Comprehensive WLAN and User Performance Metrics

Buy AirTight through Connect802
to Take Advantage of our Wi-Fi Design and Consulting Experience

• Each AirTight SpectraGuard sensor will monitor and protect an area roughly equal to that covered by between four and six 802.11 access points
• The SpectraGuard wireless intrusion protection system (WIPS) monitoring sensors are centrally managed across the Internet using the AirTight cloud-based management, reporting and control system
• The AirTight on-line system provides complete compilation and reporting of network performance statistics including email, text message (SMS) and syslog event notification
• All access points and client WiFi devices visible in the protected area are classified and either allowed or actively blocked by the AirTight SpectraGuard sensor (this is referred to as "active countermeasures" as opposed to simply reporting the existence of rogue access points or unauthorized client devices.)

Comprehensive Wireless LAN Performance Statistics and Automatic Reporting

Organizations increasingly rely on wireless LANs to support business-critical applications and enable corporate mobility. Maximizing uptime and managing for optimum performance of the wireless infrastructure is critical.

AirTight Network’s proactive WLAN performance management and troubleshooting solution is unique allowing network administrators to plan, monitor, analyze and troubleshoot the network to understand potential wireless problems such as coverage holes, RF interference, inefficient use of bandwidth, poor throughput, poor QoS for VoWiFi and sub-optimal 802.11n operation to name a few. An overlay of wireless scanners continuously monitors the airspace; centralized correlation of wireless and wired traffic allows accurate diagnosis of performance anomalies.

Instead of reacting to end-user complaints and performance problems after they have impacted business operation, administrators can take proactive measures to prevent problems. Remote troubleshooting allows administrators to quickly deconstruct problematic symptoms into causes and resolve them. With SpectraGuard you can obtain real-time network audits to assist in performance troubleshooting while monitoring the overall health of the wireless LAN.

Performance monitoring features include:

• Interactive Dashboard
• Live RF coverage heat maps
• Configurable alerts (Bandwidth, Configuration, RF Coverage, Interference)
• Compliance reports for Sarbanes-Oxley, HPAA, Gramm-Leach-Bliely, PCI and DoD 8200.2
• Summary of performance related issues, list of latest performance issues
• Event charts, trends, analysis (Bandwidth, configuration, coverage, RF interference)
• Top locations with performance problems (for multiple buildings or sites)
• Best/worst performing devices and access points
• Average data rate
• Average traffic volume
• Capacity/bandwidth utilization
• Number of associations per AP
• Frame fragmentation
• CRC Errors
• High utilization alert
• Low average data rate alert
• Excessive client associations to a single AP
• 802.11 configuration parameter assessment
• Unexpected drop in signal strength of authorized AP
• Excessive 802.11 Probe Requests from authorized client
• High levels of non-WiFi interference
• Crowding of APs or clients on a single channel
• Interference with Authorized AP
• RF Audit Report
• Bandwidth Audit Report
• Configuration Audit Report
• Trend analysis reports
• Scheduled eMail report delivery

SpectraGuard Enterprise can also alert administrators of wireless LAN performance problems before they impact end users. It classifies performance issues into various categories such as configuration (e.g., incorrect channel allocation, sub-optimal 802.11n protocol settings), bandwidth (e.g., poor utilization, low average data rate, excessive overhead), and RF (e.g., non Wi-Fi interference, channel crowding). Remote troubleshooting including remote “live packet capture” from a central console allows network administrators to resolve problems at remote sites quickly without sending IT staff to those locations.

Unauthorized Access Point Detection and Blocking

Unlike conventional rogue access point identification systems ("Wireless Intrusion Detection"; WIDS) that simply identify the presence of access points that aren't part of your controlled network, AirTight SpectraGuard classifies and can block these unauthorized devices. SpectraGuard automatically identifies access points that are connected to your wired Ethernet and differentiates them from access points that are simply visible "in the air". You immediately know whether someone has plugged an unauthorized AP into your wired LAN (a "rogue" AP) or if an access point is offering connections to users but it's not connected to your wired LAN. In both cases the access point is classified and automatically handled in compliance with your security policies.

Location Tracking for All Clients and Access Points

SpectraGuard can pinpoint the physical location of a vulnerable or threat-posing device allowing
security administrators to track down and physically remove the device in question. SpectraGuard can also pinpoint the location of a client device, particularly those that are reported as having exceeded an alert threshold. It can provide both real-time and historical location details for a device. AirTight’s self-calibrating sensors enable accurate location tracking without the need to conduct a lengthy and time-consuming "training" survey for the system.

The SpectraGuard WIPS Security Perimeter

The creation of a wireless security perimeter around your network combines accurate device classification with specific access policies that are enforced within a defined range. One common application of the WIPS Security Perimeter is to block all WiFi inside your building that is not authenticating to your authorized WLAN. This prevents the use of cellular WiFi hotspots or connection to external wireless LANS (2WIRE, Starbucks next door, etc.). Any WiFi device (both access point or mobile WiFi user) that is unauthorized or in violation of usage policies is quarantined and blocked from making any type of WiFi connection.

The Wireless Intrusion Protection System provides identification and mitigation for:

• Rogue Access Point Identification and Blocking
• BYOD Policy Enforcement
• External Access Points and Users (Including Ad Hoc User Devices)
• Phishing, Honeypot's, MAC Spoofing Attacks
• Password Cracking Exploits, Denial of Service Attacks
• Automated quarantine and remediation (including wireless blocking)

Wireless LAN Forensics

Forensics deals with the capture, recording and analysis of wireless network events to discover information about the source of security attacks and performance issues. AirTight SpectraGuard allows highly granular "drill down" from general statistics and alert logs to the devices and access points involved to the details of each device's behavior on the WLAN. You can isolate and describe security and performance issues and you can implement active countermeasures to block wireless connectivity for those devices that you either select or which are automatically selected based on your policy and threshold criteria.

Regulatory Compliance Monitoring

If you are a merchant accepting credit cards and you have a wireless network at your site (whether or not its part of your credit card processing system) the WLAN must be in compliance with PCI Security Council standards. If you use electronic health and patient records your wireless network must be HIPAA-compliant and if you're in the corporate sector the SOX or GLBA regulations apply to your wireless LAN. AirTight provides automatic compliance reporting that is designed to expose any areas of concern within the regulatory realm in which you operate. These reports can be scheduled for automatic, periodic generation with delivery via email. In addition, if you identify a situation that is non-compliant you have the capability of actively blocking the unauthorized or non-compliant devices and eliminating them from the equation.