This device is similar in operation to RFprotect, but it comes with a 1U rack-mountable server, which configures the remote sensors.
In practice, this makes it easier to configure. First, you need to use SSH to get at the console, configuring the DNS settings so the remote sensors can automatically find the server.
From here you need to connect the 802.11a/b/g sensors to your network, making sure you have enough coverage for your entire company, so you will need a few sensors per floor. Management is performed through a Java-based console using IE 5.5 or higher.
The first time you connect to the console a quick-start wizard takes you through configuration.
The wizard includes being able to define the kinds of wireless access you want, including specifying allowed SSIDs and even access point manufacturers.
Next, you can import the list of authorised and non-authorised access points and clients. If you don’t have a list, you can do this later manually, but it will take a while to get the system running.
The first task you have after completing the wizard is to load your company’s floor plans and place your sensors on these maps. This location-based information is used to help you locate the exact location of a wireless intrusion or rogue access point.
Now you just need to configure your security policy. Most events are catered for and you’ll find that you look for pretty much any network activity.
RF Manager is easy to use, and its neat graphical interface works really well. For each alert you configure you have a choice of responses, including sending an email alert and turning on the vulnerability prevention. This uses the remote sensors to block transmissions to unauthorised devices.
There are three global settings, including Block, which blocks any communications on a single channel, and Interrupt, which causes errors in the communication on any two channels. But the settings are global and you can’t configure them by wireless network.