Wireless Security: AirMagnet

Wireless, is it? Everything is going wireless – well, almost everything. That, in itself, poses a challenge for a wireless security company such as this innovator. It also offers big opportunities, and AirMagnet has identified and addressed them.

The first opportunity is bridging the gap between wired and wireless security. Not only must a comprehensive security system address wireless-specific threats, it must be able to build a map of what the environment looks like. Only a company with such a complete network view can answer the question, “Where is the threat?” AirMagnet systems answer this question by tracing from the intelligent center and by having these servers learn about what the sensors can see.

The second opportunity is to extend real-time warnings to event forensics and intelligence. This innovator's products are FIPS 140-certified and that means, among other things, that all data is replicated and safely stored so that it is available if needed. In order to be forensically sound, it also is encrypted. Analysis is detailed and a scoring system places emphasis on the most important devices.

Finally, there is an opportunity to address wireless IDS evasion. The only way to address evasion is to put emphasis on evasion technique research, and that is exactly what AirMagnet has done. The challenges here are interesting because, while wired systems' IDS/IPS products work, in part, through some level of stateful analysis, wireless systems cannot. More important, wireless IDS products must be able to watch everything, because wireless signals are not necessarily restricted by the enterprise's gateway firewall.

Meeting the challenges of the next 18 months means understanding the wireless network as a whole, not just its security aspects. A holistic view of the network is the enabler that will allow AirMagnet to address specialized 802.11n and layer one DoS attacks.

What does AirMagnet see as its primary strength? First, providing a complete wireless solution, not just to the problems of wireless security, but to those of wireless management in general. The second piece of the answer is building fault tolerance into sensors and servers so that connection breaks are not of serious concern.