Security Concerns for a Wireless IP Infrastructure
Security against intrusion and theft of data or information being carried over the wireless IP infrastructure should be a top-of-mind concern to any one designing and building the wireless network.
To make theft technically difficult so as to make it commercially unattractive, robust technology is paramount. The wireless network should not only be demonstrably secure but should contain features for foiling pirate attacks when these inevitably occur, so that the value of the facility as a service network is sustained.
Technology exists for building a security system that acts as an impenetrable seal over the wireless networks to quickly identify and neutralize any threats that may arise.
This is achieved through a discipline to carry out continuous threat detection with a suite of active defenses that respond to any event automatically and to automatically defend the network in real-time as threats arise.
Intrusion prevention measures include wireless blocking to stop threats at their source and wired blocking to protect the wired network from wireless intrusions.
Blocking measures can be triggered either manually or automatically. Specialized software is used to alert specific staff members or resources with over a dozen configurable notification and escalation methods.
When threats arise, the system should be able to actively protect the network with multiple layers of automatable defenses. This layered approach insures that technical teams are always armed with tools appropriate for every type of threat.
Wireless blocking gives managers the ability to reach out and stop wireless threats at their source. When a device is blocked wirelessly, it is unable to make or maintain any wireless connections, effectively locking it out of the network. Any client, AP, ad hoc device, or network attacker can be selectively targeted and blocked without impacting the normal operation of the network.
The security system capability should also include the ability to trace and block threats at the wired switch port. This provides a complementary layer of protection that shields the wired network from threats originating in the WLAN.
The security system shows the location of rogues and intrusions on a map of the location. Staff can immediately see if a threat is inside or outside the premises, and can target responses appropriately.
When a threatening device is identified in the network, the system can launch active wired and wireless traces to expose where the device is attached to the wired infrastructure.
Each Security System Sensor can trace across multiple switches, ensuring that every corner of the network is inspected.
The security systemís defensive suite can be tied to policy and triggered automatically. This insures networks are protected 24 hours a day, even when staff are not readily available. When an attack is detected, the system comes into action to immediately defend the network.
Rogue devices represent a very real and omnipresent threat to any wireless network. The security system must provide a complete approach to rogue management that includes the ability to Detect, Disable, and Document every rogue.
Multiple detection mechanisms immediately expose every rogue, an active blocking suite can disable the rogue both on the wireless and wired side, and a dedicated rogue page provides consolidated details on every device including its physical location on a map, wired trace analysis, event history and more.
© Copyright 1999 Airvenue Inc. All rights reserved.