- Wireless intrusion prevention counters growing threat
- AirMagnet
Enterprises are expanding their wireless networks with increasing confidence, believing that rooting out rogue access points and implementing WPA2 will put an end to Wi-Fi security concerns. But attackers are, nevertheless, zeroing in on the many millions of corporate client devices, exploiting them to gain entry to corporate networks and sensitive information. These new hacking tools and techniques underscore the need for wireless intrusion prevention systems (WIPS) that can leverage the power of stateful traffic analysis to effectively deal with these and other security threats.
Download Paper
(Webtorials registration required for downloads. Click here if you forgot your username/password.)
Download Paper
(Webtorials registration required for downloads. Click here if you forgot your username/password.)
This paper addresses an absolutely critical issue facing all enterprises - the security of wireless clients on the corporate network. This is an issue that is becoming absolutely critical as the number of wireless devices continue to expand exponentially, and many of these, from PCs to iPhones and Droids, are gaining the ability to serve as both APs and clients.
(Just as a note, an 802.11 radio is by its nature a full duplex device. So it's "only software" for a client to be converted to an AP as well.)
As noted in the paper, "The fact is that rogue AP detection is trivial compared to managing client-side wireless exposures, and the client threat has become far more dangerous. Rogue APs are easy to find because there are few of them, and APs are relatively static. As mentioned earlier, newer wireless LAN systems can automatically scan for unauthorized wireless APs, and security and network managers are attuned to the threats and generally proactive – and even aggressive – about seeking them out.
"On the other hand, client vulnerabilities and exploits are much harder to detect, and far more threatening because they require stateful monitoring and analysis of network traffic in the air."
A "must read" part of your library.