SlideShare uma empresa Scribd logo

Wns rogues wp_1011_v3

Advantec Distribution
Advantec Distribution
TecnologiaNegócios
1 de 12
Baixar para ler offline
white paper october 2011 TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Tired of Rogues? Solutions for Detecting and Eliminating Rogue Wireless Networks This paper provides an overview of the different types of rogue wireless devices, risks faced by enterprises due to their proliferation and multiple approaches to detecting and mitigating them. The Motorola AirDefense solution allows enterprises to effectively detect and eliminate all types of rogues. PAGE 2
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Experts and industry analysts agree that given the proliferation of WLANs, there is a very high probability of unauthorized WLAN devices showing up on an enterprise’s network. Any unauthorized wireless device that connects to an enterprise’s authorized network or device is defined as a rogue wireless device. Rogue wireless devices pose one of the greatest risks to an enterprise’s network security. Figure 1 shows typical rogue device scenarios that compromise contemporary wired and wireless networks, circumventing traditional security mechanisms such as firewalls and perimeter protection. Figure 1 – Rogue devices compromise traditional wired and wireless security PAGE 3
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 1. Evolution of Rogue WLANs Just as employees first brought personal computers to the The Real Rogue Threat: office in the 1980s for their many benefits, employees are Wireless Stations & Not APs installing their own WLANs to corporate networks when WLANs are comprised of APs that are attached to IT departments are slow to adopt the new technology. the enterprise network and WLAN access cards for According to Gartner, enterprises that have not deployed laptops, hand-held devices, and desktop computers. Both wireless are at a higher risk of exposure from rogue unauthorized APs and unauthorized activity from WLAN wireless devices. access cards can pose significant security risks. As more and more confidential information is locally stored Even enterprises that are deploying wireless must tackle on mobile laptops equipped with WLAN access, these the problem of rogue WLANs from employees who do not become the weakest link in the security infrastructure. have wireless access, contractors, auditors, vendors, etc., Wireless laptops often run supplicants designed to who bring in their own equipment while operating within effortlessly connect to available wireless networks making the office, or potential espionage traps. them vulnerable to wireless attacks. Rogue Access Points Devices with Built-in WLAN Access Rogue WLANs most commonly refer to rogue Access Major computer vendors are selling almost all laptops Points (AP) that when attached to the corporate network with built-in WLAN access cards. A rogue WLAN has broadcast a network connection. A rogue AP is any AP traditionally been thought of as a physical AP unsanctioned unsanctioned by network administrators and connected to by network administrators. Today rogue WLANs are further the wired network. Most rogue APs are improperly secured defined as laptops, handhelds with wireless cards, barcode with default configurations that are designed to function scanners, printers, copiers or any WLAN device. These right out of the box with no security features turned on. devices have little to no security built in making it easy Employees or even business units seeking to enhance for intruders to find an entry point. Increasingly, we are their productivity deploy rogue APs innocently without seeing ad-hoc networks in new networked devices such as comprehending overall security risks. unnoticed, and can be printers, projectors, gaming consoles, etc. A simple located anywhere. printer with an open, unauthenticated, peer to peer adhoc wireless network (typically present for ease of use, troubleshooting, etc.) can provide a bridge to the wired- side network to which it is connected making them vulnerable to wireless attacks. PAGE 4
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Virtual Wi-Fi Accidental and Windows 7 has added the ability to create a Virtual Access Malicious Associations Point that shares the wireless interface. Virtual Wi-Fi Accidental associations are created when a neighboring is not an adhoc network, but an actual virtual access AP across the street or on adjacent floors of a building point that behaves, lives, and breathes like an actual bleeds over into another organization’s airspace triggering Access Point. This allows the user to share their network its wireless devices to connect. Once those devices connection with others. Wireless networks may use connect with the neighboring network, the neighbor has authentication and encryption, BUT the user can share that access back into the organization. Accidental associations connection with others, allowing those users to connect between a station and a neighboring WLAN are recognized to the corporate network with weaker authentication & as a security concern. encryption. There are applications available (some free) that enable this functionality or users can simply type a A malicious association is when a company laptop is couple of commands. This new form of rogue needs to be induced to connect with a malicious device such as addressed in every Enterprise using Windows 7. a Soft AP or laptop. The scenario also exists when a malicious laptop connects with a sanctioned AP. Once the Stealth Rogue Devices association has been made the hacker can use the wireless Several new and sneaky rogue WLAN devices are device as a launch pad to attack servers and other systems constantly being exposed. Examples include rogue APs on the corporate network. that look like power adapters plugged into a wall jack. These devices have a WLAN AP built in and use power-line Ad-Hoc Networks communications as the wired-side link! Such a device Similar to rogue APs, ad-hoc wireless networks represent will never be detected by wired-side network scanners. another major concern for WLAN security because they Nevertheless, it can be within the enterprise perimeter can put a network at risk without security managers ever luring unsuspecting corporate users to connect wirelessly seeing the vulnerability. WLAN cards enable peer-to-peer and reveal confidential information to a hacker well networking between laptops without an AP. These ad- outside the perimeter. Other examples include stealth hoc networks can allow an authorized user to transfer rogue APs that are completely silent until they hear a private corporate documents and intellectual property special “knocking” sequence over the air, upon which they to unauthorized users without going over the corporate wake up, communicate and go back to silent mode. Yet network. While WLAN cards operate in ad-hoc mode, another stealthy rogue uses the AP’s scheduling system the user must be able to trust all stations within range to turn off the radio until a predetermined time when the because ad-hoc networks offer little or no authentication attacker returns. Once back on the rogue, they schedule management. A hacker’s station could directly connect to the next appointment and turns off the radio. It remains an authorized user, access local information and potentially off until their return. These rogues cannot be detected by gain access to the rest of the wired network if the user occasional walk-around tests with handheld sniffers. They happens to be connected to the wired network as well. require, 24x7 “always on”, monitoring of the airspace. PAGE 5
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 2. What is at Risk? Because WLANs operate in an uncontrolled medium, are • Financial data, leading to financial loss transient in the way they connect, and come with insecure • Reputation, damaging the efforts spent default configurations, they provide an easy open door to building the brand the wired network and wireless access devices. Insecure • Proprietary information, leaking trade wireless networks can easily be sniffed acting as a launch secrets or patents pad to the wired network and an organization’s corporate • Regulatory information, foregoing customer backbone. Once accessed an insecured WLAN can privacy or ignoring government mandates compromise: • Legal or regulatory ramifications • Wired infrastructure such as switches and routers 3. Requirements to Detect Rogue WLANs In confronting the issue of rogue WLAN detection, a user Scalable and Cost Effective must consider the functional requirements and return on for the Enterprise investment of the solution. IT security managers should Rogue detection must scale to fit the specific needs of an evaluate various approaches based upon technical enterprise. Some piece-meal solutions work for smaller requirements, enterprise scalability, cost, and ability to organizations but do not scale for large enterprises with cover the future needs of network security. dozens or hundreds of locations around the globe. Large enterprises require a cost-effective solution that can Functional Requirements be centrally managed. In determining the cost of rogue A comprehensive solution to detect rogue WLANs must detection, IT security managers must consider the initial detect all WLAN hardware and activity that includes: costs of the solution and additional costs needed for on- • Detection of all rogue devices and associations going support. • Ability to classify and clearly distinguish rogues on the network from unauthorized wireless devices Future Proof sharing the airspace Rogue detection should scale to meet the future needs • Detailed forensic analysis of rogue devices of enterprise network security. An organization that bans and associations, and data transmitted all WLANs today is likely to move ahead with a pilot • Assessment of threat from a rogue device based deployment in the next year. At this time, an enterprise on present and past behavior with limited WLANs must maintain its rogue detection • Physical and network location of rogue devices for unauthorized areas and secure the pilot WLAN from • Termination of rogue devices using wired and accidental associations and ad-hoc networks. As WLANs wireless mechanisms are deployed throughout an enterprise, rogue detection must be complemented with 24x7 monitoring and intrusion detection. Other value added benefits that can be leveraged such as performance and network health monitoring should also be considered in the decision process. PAGE 6
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 4. Techniques to Detect Rogue WLANs Once an organization decides on a policy that bans WLANs However, SNMP polling of wired switches can reveal completely or more precisely prohibits employees from MAC addresses of wireless devices connected to them. deploying their own networks, the organization must Intelligent analysis of this information with correlation of decide how to enforce that policy across the enterprise. wireless information can be used for This section outlines several approaches that have been rogue detection. used to detect rogue WLANs and their strengths and weaknesses. 3. Wired-side Network Scanners 1.) Wired-side Intrusion Detection System Wired-side network scanners work similar to SNMP 2.) Wired-side SNMP Polling polling to identify IP devices attached the network and key 3.) Wired-side Network Scanners characteristics of those devices, such as MAC addresses 4.) Wireless Scanners and Sniffers and open ports. Rather than the SNMP protocol, scanners 5.) Wired-side Traffic Injection typically use TCP fingerprints to identify various types of 6.) Wireless Traffic Injection devices. 7.) AirDefense 24x7 Centralized Wired and Wireless Monitoring Network scans can also be extremely intrusive and they require that an IT security manager have access to all the 1. Wired-side Intrusion IP devices on the network and know all IP addresses. To Detection System locate every rogue AP, a scan would have to be performed Wired-side intrusion detection system (IDS) offers virtually on the entire network, which would cause personal no ability to detect rogue WLANs but can be useful in a firewall alerts and multiple alarms from network intrusion limited capacity. While intruders entering the network detection systems. Traditional wired-side network through a rogue WLAN appear mostly as authorized users, scanners are not an effective solution for enterprise rogue a wired-side IDS may alert IT security managers when the WLAN detection because wired-side scanners intruder tests wired-side security measures. A wired-side • Require an accurate database of all IP devices IDS fails as an effective approach to detecting rogue • Are limited to subnets unless routers are reconfigured WLANs because it cannot identify APs attached to the • Produce multiple false positives from network IDS and wired network, virtual Wi-Fi, accidental associations and personal firewalls ad-hoc networks. These are typically below the radar for • Cannot detect virtual Wi-Fi, accidental associations, wired IDS. or ad-hoc networks. 2. Wired-side SNMP Polling 4. Wireless Scanners and Sniffers Simple Network Management Protocol (SNMP) polling Wireless sniffers and scanners differ greatly from wired- can be used to query information from IP devices attached side tools because wireless sniffers and scanners capture to the wired network, such as routers, stations, and and analyze WLAN packets from the air. By monitoring authorized APs. This process requires that the IT security the airwaves for all WLAN activity, wireless sniffers and manager conducting the SNMP poll to know the IP address scanners detect most APs and active wireless stations of all devices being polled, which must also be configured within range. They also can provide detailed information to enable SNMP. For these reasons, SNMP polling by itself about the configuration and security employed by each is not an effective approach to detecting rogue WLANs. device. The IT security manager is not likely to know the IP address of the rogue AP, and the rogue AP is not likely to have Both sniffers and scanners are limited by their need SNMP enabled. In addition, an SNMP poll against an for a network administrator to physically walk the area authorized station operating as with virtual Wi-Fi enabled with a laptop or hand-held device running the sniffer or would not detect any WLAN activity. SNMP polling scanner application. A research brief from META Group also would not detect accidental associations or ad-hoc questioned the viability of wireless sniffers and scanners networking between stations. for enterprise security. PAGE 7
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks While this process requires the physical presence and 5. Wired-side Traffic Injection “WIDS must valuable time of a network manager, the effectiveness is Some vendors have used dedicated wired-side devices to continuously scan for limited because it only samples the airwaves for threats inject special broadcast frames over the wired network at any given time. New rogue APs and other vulnerabilities and detect authorized segment. These broadcast frames are then transmitted can arise after a scan and will not be detected until the over the air by any wireless APs present on the same and unauthorized next time a network administrator surveys the network. In network segment. By detecting these frames over the air, activities. Continuous addition, since handheld sniffers do not have wired-side using wireless sniffers, and analyzing the transmitter’s scanning is 24 hours/ information, determining a rogue is typically done by MAC address, the user is able to determine if any day, 7 days/week.” walking right up to it and making sure it is connected to the unauthorized APs are connected to that network segment. wired network. Stealth rogue devices might go undetected The primary drawback of this method is that it requires Gartner as would transient station associations. a wired traffic injector in every network segment. This might make it infeasible with multiple VLANs. In addition, This approach is particularly unreasonable for enterprises this method fails to detect any rogue APs that have built operating dozens of offices around the country or retailers in routers. Routers will separate broadcast domains and with hundreds of stores. Even if these organizations could the special wired broadcast frame will not be transmitted feasibly devote a network administrator’s full attention over the air. Since most common consumer APs that end to survey each site on a monthly basis, rogue APs and up as rogues have built in routers, this method is not very other vulnerabilities can pop up the minute the survey is effective. Further, this technique provides zero client side completed. rogue detection function. Smaller organizations operating in a single location without 6. Wireless Traffic Injection potential for growth may find sniffers and scanners to This method is similar to wired traffic injection except it be their most cost-effective solution if the organization relies on a wireless device to inject a special frame over is willing to accept the threat of rogue WLANs popping the air. If a sniffer sees an unauthorized AP, it tries to up between network audits. The vast limitations of connect to it wirelessly and subsequently inject a frame physical site surveys and the demands for personnel that can be traced on the wired-side by a server or by time, limit the effectiveness of sniffers and scanners for another sniffer connected on the wired-side. large enterprises. Sniffers and scanners are simply not cost-effective for an enterprise with multiple locations While this technique works with rogue APs that have built or sensitive information that cannot risk rogue networks in routers, it fails if the rogue AP has security enabled. If operating between security audits. In addition, IT security security is enabled, the sniffer will not be able to connect administrators would find this decentralized approach with the device. Further, this technique exposes the extremely difficult to manage and collect information for wireless IPS system by forcing it to transmit frames over multiple locations. the air in an effort to detect rogues. PAGE 8
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 7. AirDefense 24x7 Centralized and a central security station analyzes the incoming video Wired and Wireless Monitoring for security risks. The video cameras reduce the need for Enterprise rogue WLAN detection requires a scalable costly security guards to walk through the building just as solution that combines the centralized management of the remote sensors of the AirDefense Services Platform wired-side scanners and radio frequency analysis of replace the need for handheld manual wireless scanners. wireless scanners. The AirDefense Services Platform provides this comprehensive solution with an innovative The server appliance also maintains a detailed minute-by- approach to WLAN security that includes a distributed minute forensic database of every wireless device in the architecture of remote sensors to monitor the airwaves airspace. By intelligently correlating real-time wireless for all WLAN activity and report to a centrally managed information and wired-side data with historical behavior, server appliance. The remote sensors are equivalent to the Motorola AirDefense system is able to determine and wireless scanners but add 24x7 monitoring to provide eliminate all rogues with the lowest false positive rate of 100% coverage against rogue WLANs the minute they any system available today. Table 1 compares the detection are connected to the network or enter the coverage area. performance of several techniques under different rogue This approach to rogue WLAN detection and mitigation scenarios. The AirDefense system is capable of detecting is akin to the security of physical buildings whereby video virtually any type of rogue device. cameras are deployed at key locations for 24x7 monitoring Sensor SNMP Wireless Wired Rogue Device Based Lookup Traffic Traffic AirDefense Scenarios Detection Detection Injection Injection AP Consumer AP YES YES YES YES YES Consumer AP with security YES YES NO YES YES Consumer AP/Router YES YES YES YES YES with NAT Consumer AP/Router YES YES NO YES YES with NAT & security Consumer AP/Router YES YES YES YES YES without NAT Consumer AP/Router YES YES NO YES YES without NAT & security Enterprise AP YES YES YES YES YES Enterprise AP with MBSSID YES YES YES YES YES Enterprise AP with security YES YES YES YES YES Enterprise AP with YES YES YES YES YES MBSSID & security Client Enterprise AP with YES MAYBE NO NO YES MBSSID & security Rogue Client connecting to MAYBE NO NO NO YES Authorized AP Authorized Client with YES NO NO NO YES Ad-Hoc connection Authorized Client with YES NO NO NO YES Ad-Hoc connection PAGE 9
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 5. The Motorola AirDefense Solution The centralized management and 24x7 monitoring of the Detection of All Rogue airwaves provides a scalable and cost-effective solution WLAN Devices and Activity that enables enterprise WLAN detection throughout AirDefense recognizes all WLAN devices, which include multiple locations of an organization. A few sensors are APs, WLAN user stations, virtual Wi-Fi, and specialty deployed in each location to provide comprehensive, 24x7 devices such as printers, wireless bar code scanners detection of rogue WLANs. As new offices are opened, for shipping or inventory applications, etc. AirDefense the AirDefense Services Platform easily scales to secure also identifies rogue behavior from ad-hoc or peer-to- that office with the addition of sensor(s) deployed in the peer networking between user stations and accidental new location. AirDefense provides comprehensive and associations from user stations connecting to neighboring advanced rogue management capabilities that go beyond networks. simple alerts of broadcasting APs. The functionality includes: Figure 2 – AirDefense Services Platform - Rogue Threat Analysis Figure 3 – AirDefense Services Platform - Rogue Device Information PAGE 10
White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Threat-Based Rogue Management Rogue Termination “The company Motorola AirDefense goes beyond simple detection of Motorola AirDefense not only detects all intruders and has only a small rogue devices and assesses the risk associated with an rogue devices in an enterprise’s airwaves, but allows them Cisco WLAN, but unknown device. Clearly not every unauthorized AP is a to actively protect and respond to threats manually or rogue device. In a business park, one is likely to see many automatically using predefined policies. AirDefense uses it uses Motorola unauthorized devices from neighboring buildings. Motorola multiple methods to ensure that the wireless network is AirDefense to monitor AirDefense uses patented techniques to determine if a secure and protected. WLAN activity. rogue is connected to the internal network, pinpointing (AirDefense Services those unauthorized APs that present the highest threat AirTermination Platform) lets potential. AirDefense’s advanced threat assessment Motorola AirDefense can protect against wireless network managers capabilities enable the user to focus their attention on real threats via the air by terminating the wireless connection threats and safely ignore neighboring APs. between any rogue device and an authorized device using immediately and AirDefense patented methods. remotely disable a Risk and Damage Assessment rogue device with a Motorola AirDefense tracks all rogue communication and Wired-side Port Suppression single keystroke.” provides forensic information to identify when the rogue The Port Suppression feature enables the administrator to first appeared, how much data was exchanged, and the suppress the communications port for any network device. Frederick Nwokobia, direction of traffic. With detailed analysis, AirDefense The Port Suppression feature turns off the port on the Lehman Brothers assists IT personnel assess the risk and damage from network switch through which a device is communicating. the rogue. Packet capture can also be enabled for further analysis of the rogue in a packet analyzer. Conclusion With the proliferation of rogue wireless devices and Rogue WLAN Location unauthorized wireless connections, it is imperative for To find the location of the rogue device, Motorola organizations to understand the risks caused by these AirDefense provides accurate location tracking using rogue devices and employ 24x7 real-time monitoring signal strength triangulation and fingerprinting techniques. solutions to detect, locate and disable these devices. By Location tracking enables the IT administrator to locate and utilizing patented techniques that use real-time wireless track rogue devices in real-time. Location determination and wired-side information along with historical behavior, is also available in Motorola AirDefense Mobile, a the Motorola AirDefense system is capable of detecting complementary product to the AirDefense Services and eliminating all types of rogue devices with the highest Platform, which allows administrators to locate and track accuracy and effectiveness compared to any solution down rogue devices during walk around tests. available in the market today. About Motorola AirDefense Solutions We deliver seamless connectivity that puts real-time information in customers’ hands. Our proven solutions provide the agility needed to grow business or better protect and serve the public. Working seamlessly together with world-class devices, our portfolio includes indoor WLAN, outdoor wireless mesh, and voice over WLAN solutions. Combined with powerful software for wireless network design, security, management and troubleshooting, wireless network solutions deliver trusted networking and anywhere access to organizations across the globe. Figure 4 – The AirDefense Services Platform – Rogue Device Location Tracking PAGE 11
Motorola, Inc. 1303 E. Algonquin Road Schaumburg, Illinois 60196 U.S.A motorola.com/wms MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC GO-29-118 and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola Solutions, Inc. All rights reserved. Printed in USA 10/11

Recomendados

Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...
Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...
Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...Advantec Distribution
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceCourtland Smith
 
Plugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowPlugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowNetFlow Analyzer
 
Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Saravana Kumar
 
Wi Fi
Wi FiWi Fi
Wi Fivenkatesh R
 
Attacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network SecurityAttacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network Securityijtsrd
 

Recomendados

Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...
Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...
Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_netw...Advantec Distribution
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceCourtland Smith
 
Plugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowPlugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowNetFlow Analyzer
 
Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Saravana Kumar
 
Wi Fi
Wi FiWi Fi
Wi Fivenkatesh R
 
Attacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network SecurityAttacks and Risks in Wireless Network Security
Attacks and Risks in Wireless Network Securityijtsrd
 
IoT Agent Design Principles
IoT Agent Design PrinciplesIoT Agent Design Principles
IoT Agent Design Principlesardexateam
 
Wireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesWireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesYogesh Kumar
 
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and VulnerabilitiesMeletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and VulnerabilitiesMeletis Belsis MPhil/MRes/BSc
 
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FIIMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FIIJNSA Journal
 
Public wifi
Public wifiPublic wifi
Public wifiSamuel K. Itotia
 
MetaGeek Chanalyzer & inSSIDer Product Explanation.
MetaGeek Chanalyzer & inSSIDer Product Explanation. MetaGeek Chanalyzer & inSSIDer Product Explanation.
MetaGeek Chanalyzer & inSSIDer Product Explanation. MetaGeek
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICEEditor IJMTER
 
Network Vision Software And Services
Network Vision Software And ServicesNetwork Vision Software And Services
Network Vision Software And ServicesMark Fondl
 
Wireless Networks Security in Jordan: A Field Study
Wireless Networks Security in Jordan: A Field StudyWireless Networks Security in Jordan: A Field Study
Wireless Networks Security in Jordan: A Field StudyIJNSA Journal
 
Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Somasundaram Jambunathan
 
Bluetooth
BluetoothBluetooth
Bluetoothaimenriyadh
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
Insider (Network Tool)
Insider (Network Tool)Insider (Network Tool)
Insider (Network Tool)akki_hearts
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingShivamSharma909
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...IJCSIS Research Publications
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber lawDivyank Jindal
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetIvan Carmona
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalOWASP Delhi
 
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfWireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfSeanHussey8
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Securing the Use of Wireless Fidelity (WiFi) in Libraries
Securing the Use of Wireless Fidelity (WiFi) in LibrariesSecuring the Use of Wireless Fidelity (WiFi) in Libraries
Securing the Use of Wireless Fidelity (WiFi) in LibrariesPhilippine Association of Academic/Research Librarians
 

Mais conteúdo relacionado

Mais procurados

IoT Agent Design Principles
IoT Agent Design PrinciplesIoT Agent Design Principles
IoT Agent Design Principlesardexateam
 
Wireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesWireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesYogesh Kumar
 
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and VulnerabilitiesMeletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and VulnerabilitiesMeletis Belsis MPhil/MRes/BSc
 
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FIIMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FIIJNSA Journal
 
MetaGeek Chanalyzer & inSSIDer Product Explanation.
MetaGeek Chanalyzer & inSSIDer Product Explanation. MetaGeek Chanalyzer & inSSIDer Product Explanation.
MetaGeek Chanalyzer & inSSIDer Product Explanation. MetaGeek
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICEEditor IJMTER
 
Network Vision Software And Services
Network Vision Software And ServicesNetwork Vision Software And Services
Network Vision Software And ServicesMark Fondl
 
Wireless Networks Security in Jordan: A Field Study
Wireless Networks Security in Jordan: A Field StudyWireless Networks Security in Jordan: A Field Study
Wireless Networks Security in Jordan: A Field StudyIJNSA Journal
 
Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Somasundaram Jambunathan
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
Insider (Network Tool)
Insider (Network Tool)Insider (Network Tool)
Insider (Network Tool)akki_hearts
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingShivamSharma909
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...IJCSIS Research Publications
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber lawDivyank Jindal
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetIvan Carmona
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalOWASP Delhi
 

Mais procurados (19)

IoT Agent Design Principles
IoT Agent Design PrinciplesIoT Agent Design Principles
IoT Agent Design Principles
 
Wireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesWireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+Vulnerabilities
 
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and VulnerabilitiesMeletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
Meletis Belsis - Wireless Security: Common Protocols and Vulnerabilities
 
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FIIMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
 
Public wifi
Public wifiPublic wifi
Public wifi
 
MetaGeek Chanalyzer & inSSIDer Product Explanation.
MetaGeek Chanalyzer & inSSIDer Product Explanation. MetaGeek Chanalyzer & inSSIDer Product Explanation.
MetaGeek Chanalyzer & inSSIDer Product Explanation.
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
 
Network Vision Software And Services
Network Vision Software And ServicesNetwork Vision Software And Services
Network Vision Software And Services
 
Wireless Networks Security in Jordan: A Field Study
Wireless Networks Security in Jordan: A Field StudyWireless Networks Security in Jordan: A Field Study
Wireless Networks Security in Jordan: A Field Study
 
Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4
 
Bluetooth
BluetoothBluetooth
Bluetooth
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
Insider (Network Tool)
Insider (Network Tool)Insider (Network Tool)
Insider (Network Tool)
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
 
Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber law
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinet
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan Bansal
 

Semelhante a Wns rogues wp_1011_v3

Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfWireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfSeanHussey8
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...Lindsey Landolfi
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Scienceinventy
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutionshemantchaskar
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN securityRajan Kumar
 
ART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docx
ART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docxART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docx
ART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docxfestockton
 
Wireless security report
Wireless security reportWireless security report
Wireless security reportMarynol Cahinde
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI IJNSA Journal
 

Semelhante a Wns rogues wp_1011_v3 (20)

Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfWireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
 
Securing the Use of Wireless Fidelity (WiFi) in Libraries
Securing the Use of Wireless Fidelity (WiFi) in LibrariesSecuring the Use of Wireless Fidelity (WiFi) in Libraries
Securing the Use of Wireless Fidelity (WiFi) in Libraries
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Lan Security
Wireless Lan SecurityWireless Lan Security
Wireless Lan Security
 
12 wireless ips-ss_12-17-10_a
12 wireless ips-ss_12-17-10_a12 wireless ips-ss_12-17-10_a
12 wireless ips-ss_12-17-10_a
 
Wireless security
Wireless securityWireless security
Wireless security
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN security
 
ART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docx
ART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docxART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docx
ART 315 LECTURE 11Richard Hamilton, Just What Is It Th.docx
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Wireless security report
Wireless security reportWireless security report
Wireless security report
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
 
Wi Fi
Wi FiWi Fi
Wi Fi
 
Wireless security
Wireless securityWireless security
Wireless security
 
CEH Domain 6.pdf
CEH Domain 6.pdfCEH Domain 6.pdf
CEH Domain 6.pdf
 

Mais de Advantec Distribution

E pmp for public presentation feb 27 2015
E pmp for public presentation feb 27 2015E pmp for public presentation feb 27 2015
E pmp for public presentation feb 27 2015Advantec Distribution
 

Mais de Advantec Distribution (20)

E pmp for public presentation feb 27 2015
E pmp for public presentation feb 27 2015E pmp for public presentation feb 27 2015
E pmp for public presentation feb 27 2015
 
1 wi ng5_wlan_brochure
1 wi ng5_wlan_brochure1 wi ng5_wlan_brochure
1 wi ng5_wlan_brochure
 
Vx9000 datasheet
Vx9000 datasheetVx9000 datasheet
Vx9000 datasheet
 
Nx7500 datasheet
Nx7500 datasheetNx7500 datasheet
Nx7500 datasheet
 
Nx9500 datasheet
Nx9500 datasheetNx9500 datasheet
Nx9500 datasheet
 
Nx4500 6500 datasheet
Nx4500 6500 datasheetNx4500 6500 datasheet
Nx4500 6500 datasheet
 
Rfs7000 datasheet
Rfs7000 datasheetRfs7000 datasheet
Rfs7000 datasheet
 
Rfs6000 datasheet
Rfs6000 datasheetRfs6000 datasheet
Rfs6000 datasheet
 
Rfs4000 datasheet
Rfs4000 datasheetRfs4000 datasheet
Rfs4000 datasheet
 
Ap8200 datasheet
Ap8200 datasheetAp8200 datasheet
Ap8200 datasheet
 
Ap7181 datasheet
Ap7181 datasheetAp7181 datasheet
Ap7181 datasheet
 
Ap8222 datasheet
Ap8222 datasheetAp8222 datasheet
Ap8222 datasheet
 
Ap8163 datasheet
Ap8163 datasheetAp8163 datasheet
Ap8163 datasheet
 
Ap6562 datasheet
Ap6562 datasheetAp6562 datasheet
Ap6562 datasheet
 
Ap8122 datasheet
Ap8122 datasheetAp8122 datasheet
Ap8122 datasheet
 
Ap8132 datasheet
Ap8132 datasheetAp8132 datasheet
Ap8132 datasheet
 
Ap7532 datasheet
Ap7532 datasheetAp7532 datasheet
Ap7532 datasheet
 
Ap7502 datasheet
Ap7502 datasheetAp7502 datasheet
Ap7502 datasheet
 
Ap7131 datasheet
Ap7131 datasheetAp7131 datasheet
Ap7131 datasheet
 
Ap7522 datasheet
Ap7522 datasheetAp7522 datasheet
Ap7522 datasheet
 

Último

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Último (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

Wns rogues wp_1011_v3

  • 1. white paper october 2011 TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  • 2. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Tired of Rogues? Solutions for Detecting and Eliminating Rogue Wireless Networks This paper provides an overview of the different types of rogue wireless devices, risks faced by enterprises due to their proliferation and multiple approaches to detecting and mitigating them. The Motorola AirDefense solution allows enterprises to effectively detect and eliminate all types of rogues. PAGE 2
  • 3. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Experts and industry analysts agree that given the proliferation of WLANs, there is a very high probability of unauthorized WLAN devices showing up on an enterprise’s network. Any unauthorized wireless device that connects to an enterprise’s authorized network or device is defined as a rogue wireless device. Rogue wireless devices pose one of the greatest risks to an enterprise’s network security. Figure 1 shows typical rogue device scenarios that compromise contemporary wired and wireless networks, circumventing traditional security mechanisms such as firewalls and perimeter protection. Figure 1 – Rogue devices compromise traditional wired and wireless security PAGE 3
  • 4. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 1. Evolution of Rogue WLANs Just as employees first brought personal computers to the The Real Rogue Threat: office in the 1980s for their many benefits, employees are Wireless Stations & Not APs installing their own WLANs to corporate networks when WLANs are comprised of APs that are attached to IT departments are slow to adopt the new technology. the enterprise network and WLAN access cards for According to Gartner, enterprises that have not deployed laptops, hand-held devices, and desktop computers. Both wireless are at a higher risk of exposure from rogue unauthorized APs and unauthorized activity from WLAN wireless devices. access cards can pose significant security risks. As more and more confidential information is locally stored Even enterprises that are deploying wireless must tackle on mobile laptops equipped with WLAN access, these the problem of rogue WLANs from employees who do not become the weakest link in the security infrastructure. have wireless access, contractors, auditors, vendors, etc., Wireless laptops often run supplicants designed to who bring in their own equipment while operating within effortlessly connect to available wireless networks making the office, or potential espionage traps. them vulnerable to wireless attacks. Rogue Access Points Devices with Built-in WLAN Access Rogue WLANs most commonly refer to rogue Access Major computer vendors are selling almost all laptops Points (AP) that when attached to the corporate network with built-in WLAN access cards. A rogue WLAN has broadcast a network connection. A rogue AP is any AP traditionally been thought of as a physical AP unsanctioned unsanctioned by network administrators and connected to by network administrators. Today rogue WLANs are further the wired network. Most rogue APs are improperly secured defined as laptops, handhelds with wireless cards, barcode with default configurations that are designed to function scanners, printers, copiers or any WLAN device. These right out of the box with no security features turned on. devices have little to no security built in making it easy Employees or even business units seeking to enhance for intruders to find an entry point. Increasingly, we are their productivity deploy rogue APs innocently without seeing ad-hoc networks in new networked devices such as comprehending overall security risks. unnoticed, and can be printers, projectors, gaming consoles, etc. A simple located anywhere. printer with an open, unauthenticated, peer to peer adhoc wireless network (typically present for ease of use, troubleshooting, etc.) can provide a bridge to the wired- side network to which it is connected making them vulnerable to wireless attacks. PAGE 4
  • 5. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Virtual Wi-Fi Accidental and Windows 7 has added the ability to create a Virtual Access Malicious Associations Point that shares the wireless interface. Virtual Wi-Fi Accidental associations are created when a neighboring is not an adhoc network, but an actual virtual access AP across the street or on adjacent floors of a building point that behaves, lives, and breathes like an actual bleeds over into another organization’s airspace triggering Access Point. This allows the user to share their network its wireless devices to connect. Once those devices connection with others. Wireless networks may use connect with the neighboring network, the neighbor has authentication and encryption, BUT the user can share that access back into the organization. Accidental associations connection with others, allowing those users to connect between a station and a neighboring WLAN are recognized to the corporate network with weaker authentication & as a security concern. encryption. There are applications available (some free) that enable this functionality or users can simply type a A malicious association is when a company laptop is couple of commands. This new form of rogue needs to be induced to connect with a malicious device such as addressed in every Enterprise using Windows 7. a Soft AP or laptop. The scenario also exists when a malicious laptop connects with a sanctioned AP. Once the Stealth Rogue Devices association has been made the hacker can use the wireless Several new and sneaky rogue WLAN devices are device as a launch pad to attack servers and other systems constantly being exposed. Examples include rogue APs on the corporate network. that look like power adapters plugged into a wall jack. These devices have a WLAN AP built in and use power-line Ad-Hoc Networks communications as the wired-side link! Such a device Similar to rogue APs, ad-hoc wireless networks represent will never be detected by wired-side network scanners. another major concern for WLAN security because they Nevertheless, it can be within the enterprise perimeter can put a network at risk without security managers ever luring unsuspecting corporate users to connect wirelessly seeing the vulnerability. WLAN cards enable peer-to-peer and reveal confidential information to a hacker well networking between laptops without an AP. These ad- outside the perimeter. Other examples include stealth hoc networks can allow an authorized user to transfer rogue APs that are completely silent until they hear a private corporate documents and intellectual property special “knocking” sequence over the air, upon which they to unauthorized users without going over the corporate wake up, communicate and go back to silent mode. Yet network. While WLAN cards operate in ad-hoc mode, another stealthy rogue uses the AP’s scheduling system the user must be able to trust all stations within range to turn off the radio until a predetermined time when the because ad-hoc networks offer little or no authentication attacker returns. Once back on the rogue, they schedule management. A hacker’s station could directly connect to the next appointment and turns off the radio. It remains an authorized user, access local information and potentially off until their return. These rogues cannot be detected by gain access to the rest of the wired network if the user occasional walk-around tests with handheld sniffers. They happens to be connected to the wired network as well. require, 24x7 “always on”, monitoring of the airspace. PAGE 5
  • 6. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 2. What is at Risk? Because WLANs operate in an uncontrolled medium, are • Financial data, leading to financial loss transient in the way they connect, and come with insecure • Reputation, damaging the efforts spent default configurations, they provide an easy open door to building the brand the wired network and wireless access devices. Insecure • Proprietary information, leaking trade wireless networks can easily be sniffed acting as a launch secrets or patents pad to the wired network and an organization’s corporate • Regulatory information, foregoing customer backbone. Once accessed an insecured WLAN can privacy or ignoring government mandates compromise: • Legal or regulatory ramifications • Wired infrastructure such as switches and routers 3. Requirements to Detect Rogue WLANs In confronting the issue of rogue WLAN detection, a user Scalable and Cost Effective must consider the functional requirements and return on for the Enterprise investment of the solution. IT security managers should Rogue detection must scale to fit the specific needs of an evaluate various approaches based upon technical enterprise. Some piece-meal solutions work for smaller requirements, enterprise scalability, cost, and ability to organizations but do not scale for large enterprises with cover the future needs of network security. dozens or hundreds of locations around the globe. Large enterprises require a cost-effective solution that can Functional Requirements be centrally managed. In determining the cost of rogue A comprehensive solution to detect rogue WLANs must detection, IT security managers must consider the initial detect all WLAN hardware and activity that includes: costs of the solution and additional costs needed for on- • Detection of all rogue devices and associations going support. • Ability to classify and clearly distinguish rogues on the network from unauthorized wireless devices Future Proof sharing the airspace Rogue detection should scale to meet the future needs • Detailed forensic analysis of rogue devices of enterprise network security. An organization that bans and associations, and data transmitted all WLANs today is likely to move ahead with a pilot • Assessment of threat from a rogue device based deployment in the next year. At this time, an enterprise on present and past behavior with limited WLANs must maintain its rogue detection • Physical and network location of rogue devices for unauthorized areas and secure the pilot WLAN from • Termination of rogue devices using wired and accidental associations and ad-hoc networks. As WLANs wireless mechanisms are deployed throughout an enterprise, rogue detection must be complemented with 24x7 monitoring and intrusion detection. Other value added benefits that can be leveraged such as performance and network health monitoring should also be considered in the decision process. PAGE 6
  • 7. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 4. Techniques to Detect Rogue WLANs Once an organization decides on a policy that bans WLANs However, SNMP polling of wired switches can reveal completely or more precisely prohibits employees from MAC addresses of wireless devices connected to them. deploying their own networks, the organization must Intelligent analysis of this information with correlation of decide how to enforce that policy across the enterprise. wireless information can be used for This section outlines several approaches that have been rogue detection. used to detect rogue WLANs and their strengths and weaknesses. 3. Wired-side Network Scanners 1.) Wired-side Intrusion Detection System Wired-side network scanners work similar to SNMP 2.) Wired-side SNMP Polling polling to identify IP devices attached the network and key 3.) Wired-side Network Scanners characteristics of those devices, such as MAC addresses 4.) Wireless Scanners and Sniffers and open ports. Rather than the SNMP protocol, scanners 5.) Wired-side Traffic Injection typically use TCP fingerprints to identify various types of 6.) Wireless Traffic Injection devices. 7.) AirDefense 24x7 Centralized Wired and Wireless Monitoring Network scans can also be extremely intrusive and they require that an IT security manager have access to all the 1. Wired-side Intrusion IP devices on the network and know all IP addresses. To Detection System locate every rogue AP, a scan would have to be performed Wired-side intrusion detection system (IDS) offers virtually on the entire network, which would cause personal no ability to detect rogue WLANs but can be useful in a firewall alerts and multiple alarms from network intrusion limited capacity. While intruders entering the network detection systems. Traditional wired-side network through a rogue WLAN appear mostly as authorized users, scanners are not an effective solution for enterprise rogue a wired-side IDS may alert IT security managers when the WLAN detection because wired-side scanners intruder tests wired-side security measures. A wired-side • Require an accurate database of all IP devices IDS fails as an effective approach to detecting rogue • Are limited to subnets unless routers are reconfigured WLANs because it cannot identify APs attached to the • Produce multiple false positives from network IDS and wired network, virtual Wi-Fi, accidental associations and personal firewalls ad-hoc networks. These are typically below the radar for • Cannot detect virtual Wi-Fi, accidental associations, wired IDS. or ad-hoc networks. 2. Wired-side SNMP Polling 4. Wireless Scanners and Sniffers Simple Network Management Protocol (SNMP) polling Wireless sniffers and scanners differ greatly from wired- can be used to query information from IP devices attached side tools because wireless sniffers and scanners capture to the wired network, such as routers, stations, and and analyze WLAN packets from the air. By monitoring authorized APs. This process requires that the IT security the airwaves for all WLAN activity, wireless sniffers and manager conducting the SNMP poll to know the IP address scanners detect most APs and active wireless stations of all devices being polled, which must also be configured within range. They also can provide detailed information to enable SNMP. For these reasons, SNMP polling by itself about the configuration and security employed by each is not an effective approach to detecting rogue WLANs. device. The IT security manager is not likely to know the IP address of the rogue AP, and the rogue AP is not likely to have Both sniffers and scanners are limited by their need SNMP enabled. In addition, an SNMP poll against an for a network administrator to physically walk the area authorized station operating as with virtual Wi-Fi enabled with a laptop or hand-held device running the sniffer or would not detect any WLAN activity. SNMP polling scanner application. A research brief from META Group also would not detect accidental associations or ad-hoc questioned the viability of wireless sniffers and scanners networking between stations. for enterprise security. PAGE 7
  • 8. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks While this process requires the physical presence and 5. Wired-side Traffic Injection “WIDS must valuable time of a network manager, the effectiveness is Some vendors have used dedicated wired-side devices to continuously scan for limited because it only samples the airwaves for threats inject special broadcast frames over the wired network at any given time. New rogue APs and other vulnerabilities and detect authorized segment. These broadcast frames are then transmitted can arise after a scan and will not be detected until the over the air by any wireless APs present on the same and unauthorized next time a network administrator surveys the network. In network segment. By detecting these frames over the air, activities. Continuous addition, since handheld sniffers do not have wired-side using wireless sniffers, and analyzing the transmitter’s scanning is 24 hours/ information, determining a rogue is typically done by MAC address, the user is able to determine if any day, 7 days/week.” walking right up to it and making sure it is connected to the unauthorized APs are connected to that network segment. wired network. Stealth rogue devices might go undetected The primary drawback of this method is that it requires Gartner as would transient station associations. a wired traffic injector in every network segment. This might make it infeasible with multiple VLANs. In addition, This approach is particularly unreasonable for enterprises this method fails to detect any rogue APs that have built operating dozens of offices around the country or retailers in routers. Routers will separate broadcast domains and with hundreds of stores. Even if these organizations could the special wired broadcast frame will not be transmitted feasibly devote a network administrator’s full attention over the air. Since most common consumer APs that end to survey each site on a monthly basis, rogue APs and up as rogues have built in routers, this method is not very other vulnerabilities can pop up the minute the survey is effective. Further, this technique provides zero client side completed. rogue detection function. Smaller organizations operating in a single location without 6. Wireless Traffic Injection potential for growth may find sniffers and scanners to This method is similar to wired traffic injection except it be their most cost-effective solution if the organization relies on a wireless device to inject a special frame over is willing to accept the threat of rogue WLANs popping the air. If a sniffer sees an unauthorized AP, it tries to up between network audits. The vast limitations of connect to it wirelessly and subsequently inject a frame physical site surveys and the demands for personnel that can be traced on the wired-side by a server or by time, limit the effectiveness of sniffers and scanners for another sniffer connected on the wired-side. large enterprises. Sniffers and scanners are simply not cost-effective for an enterprise with multiple locations While this technique works with rogue APs that have built or sensitive information that cannot risk rogue networks in routers, it fails if the rogue AP has security enabled. If operating between security audits. In addition, IT security security is enabled, the sniffer will not be able to connect administrators would find this decentralized approach with the device. Further, this technique exposes the extremely difficult to manage and collect information for wireless IPS system by forcing it to transmit frames over multiple locations. the air in an effort to detect rogues. PAGE 8
  • 9. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 7. AirDefense 24x7 Centralized and a central security station analyzes the incoming video Wired and Wireless Monitoring for security risks. The video cameras reduce the need for Enterprise rogue WLAN detection requires a scalable costly security guards to walk through the building just as solution that combines the centralized management of the remote sensors of the AirDefense Services Platform wired-side scanners and radio frequency analysis of replace the need for handheld manual wireless scanners. wireless scanners. The AirDefense Services Platform provides this comprehensive solution with an innovative The server appliance also maintains a detailed minute-by- approach to WLAN security that includes a distributed minute forensic database of every wireless device in the architecture of remote sensors to monitor the airwaves airspace. By intelligently correlating real-time wireless for all WLAN activity and report to a centrally managed information and wired-side data with historical behavior, server appliance. The remote sensors are equivalent to the Motorola AirDefense system is able to determine and wireless scanners but add 24x7 monitoring to provide eliminate all rogues with the lowest false positive rate of 100% coverage against rogue WLANs the minute they any system available today. Table 1 compares the detection are connected to the network or enter the coverage area. performance of several techniques under different rogue This approach to rogue WLAN detection and mitigation scenarios. The AirDefense system is capable of detecting is akin to the security of physical buildings whereby video virtually any type of rogue device. cameras are deployed at key locations for 24x7 monitoring Sensor SNMP Wireless Wired Rogue Device Based Lookup Traffic Traffic AirDefense Scenarios Detection Detection Injection Injection AP Consumer AP YES YES YES YES YES Consumer AP with security YES YES NO YES YES Consumer AP/Router YES YES YES YES YES with NAT Consumer AP/Router YES YES NO YES YES with NAT & security Consumer AP/Router YES YES YES YES YES without NAT Consumer AP/Router YES YES NO YES YES without NAT & security Enterprise AP YES YES YES YES YES Enterprise AP with MBSSID YES YES YES YES YES Enterprise AP with security YES YES YES YES YES Enterprise AP with YES YES YES YES YES MBSSID & security Client Enterprise AP with YES MAYBE NO NO YES MBSSID & security Rogue Client connecting to MAYBE NO NO NO YES Authorized AP Authorized Client with YES NO NO NO YES Ad-Hoc connection Authorized Client with YES NO NO NO YES Ad-Hoc connection PAGE 9
  • 10. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks 5. The Motorola AirDefense Solution The centralized management and 24x7 monitoring of the Detection of All Rogue airwaves provides a scalable and cost-effective solution WLAN Devices and Activity that enables enterprise WLAN detection throughout AirDefense recognizes all WLAN devices, which include multiple locations of an organization. A few sensors are APs, WLAN user stations, virtual Wi-Fi, and specialty deployed in each location to provide comprehensive, 24x7 devices such as printers, wireless bar code scanners detection of rogue WLANs. As new offices are opened, for shipping or inventory applications, etc. AirDefense the AirDefense Services Platform easily scales to secure also identifies rogue behavior from ad-hoc or peer-to- that office with the addition of sensor(s) deployed in the peer networking between user stations and accidental new location. AirDefense provides comprehensive and associations from user stations connecting to neighboring advanced rogue management capabilities that go beyond networks. simple alerts of broadcasting APs. The functionality includes: Figure 2 – AirDefense Services Platform - Rogue Threat Analysis Figure 3 – AirDefense Services Platform - Rogue Device Information PAGE 10
  • 11. White paper Solutions for Detecting and Eliminating Rogue Wireless Networks Threat-Based Rogue Management Rogue Termination “The company Motorola AirDefense goes beyond simple detection of Motorola AirDefense not only detects all intruders and has only a small rogue devices and assesses the risk associated with an rogue devices in an enterprise’s airwaves, but allows them Cisco WLAN, but unknown device. Clearly not every unauthorized AP is a to actively protect and respond to threats manually or rogue device. In a business park, one is likely to see many automatically using predefined policies. AirDefense uses it uses Motorola unauthorized devices from neighboring buildings. Motorola multiple methods to ensure that the wireless network is AirDefense to monitor AirDefense uses patented techniques to determine if a secure and protected. WLAN activity. rogue is connected to the internal network, pinpointing (AirDefense Services those unauthorized APs that present the highest threat AirTermination Platform) lets potential. AirDefense’s advanced threat assessment Motorola AirDefense can protect against wireless network managers capabilities enable the user to focus their attention on real threats via the air by terminating the wireless connection threats and safely ignore neighboring APs. between any rogue device and an authorized device using immediately and AirDefense patented methods. remotely disable a Risk and Damage Assessment rogue device with a Motorola AirDefense tracks all rogue communication and Wired-side Port Suppression single keystroke.” provides forensic information to identify when the rogue The Port Suppression feature enables the administrator to first appeared, how much data was exchanged, and the suppress the communications port for any network device. Frederick Nwokobia, direction of traffic. With detailed analysis, AirDefense The Port Suppression feature turns off the port on the Lehman Brothers assists IT personnel assess the risk and damage from network switch through which a device is communicating. the rogue. Packet capture can also be enabled for further analysis of the rogue in a packet analyzer. Conclusion With the proliferation of rogue wireless devices and Rogue WLAN Location unauthorized wireless connections, it is imperative for To find the location of the rogue device, Motorola organizations to understand the risks caused by these AirDefense provides accurate location tracking using rogue devices and employ 24x7 real-time monitoring signal strength triangulation and fingerprinting techniques. solutions to detect, locate and disable these devices. By Location tracking enables the IT administrator to locate and utilizing patented techniques that use real-time wireless track rogue devices in real-time. Location determination and wired-side information along with historical behavior, is also available in Motorola AirDefense Mobile, a the Motorola AirDefense system is capable of detecting complementary product to the AirDefense Services and eliminating all types of rogue devices with the highest Platform, which allows administrators to locate and track accuracy and effectiveness compared to any solution down rogue devices during walk around tests. available in the market today. About Motorola AirDefense Solutions We deliver seamless connectivity that puts real-time information in customers’ hands. Our proven solutions provide the agility needed to grow business or better protect and serve the public. Working seamlessly together with world-class devices, our portfolio includes indoor WLAN, outdoor wireless mesh, and voice over WLAN solutions. Combined with powerful software for wireless network design, security, management and troubleshooting, wireless network solutions deliver trusted networking and anywhere access to organizations across the globe. Figure 4 – The AirDefense Services Platform – Rogue Device Location Tracking PAGE 11
  • 12. Motorola, Inc. 1303 E. Algonquin Road Schaumburg, Illinois 60196 U.S.A motorola.com/wms MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC GO-29-118 and are used under license. All other trademarks are the property of their respective owners. © 2011 Motorola Solutions, Inc. All rights reserved. Printed in USA 10/11