The new client-side WLAN exposures — the enhanced TKIP crack and the Windows 7 virtual AP feature — can only be seen by dedicated wireless intrusion detection/prevention systems, such as AirMagnet Enterprise. Furthermore, AirMagnet is the only WIDS/WIPS vendor to have announced protections for the latest TKIP attack that was discovered February 25.
Over the past six months, AirMagnet has seen an increase in client-side wireless security exposures. This activity raises concerns that not all enterprises are taking the necessary steps to properly protect themselves from the latest wireless security threats.
"Many organizations think they can address wireless security concerns by using wired security techniques. And while that may have worked to some extent in the past, and serves a specific function today, there is a massive shift toward client-side exposure on a wireless network. The only way to address these issues is to directly access the airspace and monitor activity in real-time," said Chia Chee Kuan, CTO at AirMagnet.
For example, new enhancements to TKIP cracking (or WPA), which targets end-user stations and not APs, allow hackers to capture larger packet payloads and more quickly re-route traffic using the Chop Chop technique.
Another new threat vector is coming from the virtualization of Wi-Fi adapters in today's new laptop computers, such as the recently highlighted Windows 7 virtual AP function. Driven by chip manufacturers, operating system vendors and the Wi-Fi Alliance, this "feature" allows a laptop to create a wireless bridge while maintaining a connection to an approved network, effectively creating a rogue communication link that can only be seen via dedicated sensor-based monitoring, as done by AirMagnet Enterprise.
"The only way to effectively protect your network from these client-side threats is to directly sample the air, capture that data and remediate. Our WIDS/WIPS technology, AirMagnet Enterprise, delivers the most powerful and comprehensive set of tools to accomplish that," continued Kuan.
AirMagnet Enterprise provides a simple, scalable WLAN monitoring solution that enables any organization to proactively mitigate all types of wireless threats, enforce enterprise policies, prevent performance problems and audit the regulatory compliance of all their Wi-Fi assets and users worldwide. The enterprise WLAN monitoring solution offers complete visibility and control over the wireless airspace, enabling any enterprise to reliably deliver the same standards of security performance and compliance for their wireless networks as they expect from their wired networks. For more information, please visit www.AirMagnet.com/products/enterprise.
About AirMagnet Inc.
AirMagnet Inc., now a part of Fluke Networks, is the leader in security, performance and compliance solutions for wireless LANs. The company's innovative products include AirMagnet Enterprise, the leading 24x7 WLAN security and performance management solution, and AirMagnet WiFi Analyzer " which is known as the "de facto tool for wireless LAN troubleshooting and analysis." Other products provide WLAN site survey and design, RF interference detection, remote diagnostics, and the world's first voice over WiFi analysis solution. AirMagnet has more than 8,500 customers worldwide, including 75 of the Fortune 100. The company, based in Sunnyvale, Calif., has offices worldwide. For more information, visit www.AirMagnet.com.