Archive

Archive for June, 2009

Defending Against Zero Day Attacks in WLANs

June 26th, 2009

Zero Day Attack is exotic name for hacks which will be realized in future and which we don’t know about today. Conventionally, it is believed that a zero day attack will create some anomaly in the network behavior and hence some form of anomaly detector can provide protection from zero day attacks. However, there have always been practical difficulties in implementing robust anomaly detector. Fortunately for 802.11 WLANs, there is also an alternative viable way to defend against zero day attacks.

  Read more…

Best practices, Wireless security

Wireless PCI scanning debate

June 20th, 2009

Interesting post on CWNP back in March. 

Douglas Haider compares the pros and cons of quarterly wireless vulnerability scanning vs. a full time wireless IPS to satisfy PCI DSS compliance requirement 11.1.  Douglas writes:

“This requirement begs me to ask which is “better” option?  Quarterly manual scans or a wireless IDS/IPS?   

Maybe it’s the former IT auditor in me, but I think the best way to meet this requirement is by deploying a wireless IDS/IPS. 

http://www.cwnp.com/community/articles/wireless_requirements_of_the_payment_card_industry.html

I agree, the goal of PCI is securing cardholder data than quarterly scanning can’t be taken seriously.  Cost is obviously the biggest issue for merchants with multiple locations.  But surely a hosted wireless scanning services with a low monthly fee would be cheaper AND provide round the clock security, wouldn’t it?  

Hmmm… see my post AirTight on “Cloud Nine”.

Best practices, Compliance, PCI, Wireless scanning, Wireless security ,

AirTight on “Cloud Nine”

June 20th, 2009

Devin Akin wrote a short post about AirTight SpectraGuard Online on CWNP.  He likes our hosted wireless IPS service and seems to think we are on to something!   Now how can I argue with the man. http://www.cwnp.com/on-cloud-nine

Compliance, PCI, Wireless scanning, Wireless security , ,

Using neighborhood wi-fi to get kids into the car

June 16th, 2009

My 12 yr old son was fiddling with his iTouch in the back seat of the car last week when it finally dawned on him that he could see several available wi-fi networks in our neighborhood from the front of the house . “Hey, I can connect to Marci’s wi-fi ! Can we sit in the driveway for a couple minutes so I can download some songs?” 

Hmm.. Maybe I can use this to my advantage to get the kids in the car so we can actually be someplace on time.  “Hey kids, better hurry, you only have 3 minutes to download songs before we go to the dentist.”

Wireless gadgets ,

Live Alerts: A Unique Addition to AirTight`s WIPS functionality

June 16th, 2009

Live Alerts helps system administrators to quickly identify the ongoing vulnerabilities and performance related issues in an enterprise Wi-Fi deployment.

Before Live Alerts, it was very difficult for an administrator to identify the ongoing threats from the list of reported threats/anomalies. However, with the introduction of Live Alerts, he can now easily distinguish and prioritize between ongoing and past threats/anomalies.

Introduction:

Realizing mobility advantages in businesses, Wi-Fi is increasingly being deployed in corporate premises. However, due to the nature of Wi-Fi technology, an administrator has to face certain security and performance challenges while managing the corporate Wi-Fi space.

Read more…

Wireless security ,

Webinar – Effective Strategies for Evaluating WLAN Security

June 15th, 2009
Date: Tuesday, June 16, 2009
Time: 11:00 AM, Pacific Daylight Time (San Francisco, GMT-07:00)
To register click here

This informative Webinar offers a practical guide for selecting a WLAN security solution.
Dr. Hemant Chaskar, Director of Technology at AirTight Networks explains the prevalent methods for wireless access point detection and classification.

Attendees will learn:

  • The difference between active and passive approaches to wireless intrusion prevention
  • The core capabilities of different approaches to wireless intrusion prevention
  • What to look for when testing systems to assure that there are no gaps in WLAN security
  • How to judge when you need more capabilities than you currently have
After the event, attendees will receive a sample test plan to help plan their own comparative testing among vendors.

 

 

 

Wireless security, WLAN planning , , ,

Voice Mobility powered by Wi-Fi Telephony

June 15th, 2009

Wi-Fi telephony is the upcoming technology that can be set up on existing enterprise Wi-Fi network and empowers enterprises with voice mobility benefits in an easy, scalable and cost-effective way.

Increased deployment of superior Wi-Fi networks to achieve wireless data access and increased adoption of VoIP technologies to make cost-effective calls has led the concept of Wi-Fi telephony to emerge in the recent years.

With Wi-Fi telephony in place, voice mobility can be achieved in an easy to use and inexpensive way. Voice mobility in general refers to flexibility for users to make telephone calls from any place within a premise. Enterprise premises empowered with voice mobility have more productive employees, increased employee convenience and improved business process resulting in faster decision making, increased responsiveness and greater overall productivity and efficiency. Read more…

Wireless gadgets , ,

Number of antennas on AP – bellwethers of WLAN technology generation

June 10th, 2009

Early 802.11b APs used to have 1 antenna on them, which later became 2 in the 802.11g/a era, which now have become 3 or 6 in the current 802.11n era. So why do number of antennas keep changing as WLAN technology advances to every next generation.

Read more…

802.11n, Wireless gadgets , , , ,

TKIP Primer on Security Tube

June 8th, 2009

Michael is the Message Integrity Code adapter by the TKIP standard. Michael is actually a weak code which uses simple additions and shift operation which are computationally less expensive, but strong enough as a intermediate solution from WEP. Michael was chosen as MIC in TKIP, so that the already deployed low end Access Points can also be software upgraded to TKIP without any hardware change. This video explains the working of MIC in TKIP.

Wireless security , , , , ,

AirTight on Wired/Wireless Security at HP Technology Forum

June 5th, 2009

AirTight’s director of technology joins HP ProCurve executives for two informative sessions at the HP Technology Forum in Las Vegas
June 15-18, 2009, Mandalay Bay, Las Vegas, Nevada, USA
Session: Wired/Wireless Management
Speakers: Dr. Hemant Chaskar, Director of Technology, AirTight Networks, Carl Blume, HP
This session offers timely advice for managing wireless and integrated wired/wireless networks from the perspectives of security, policy enforcement, performance optimization, and scalability.

Session: Wired and wireless Security
Speakers: Dr. Hemant Chaskar, Director of Technology, AirTight Networks, Mauricio Sanchez, HP
This session will present some differences and commonalities between protecting your network in a wireless versus a wired environment. It will outline the fundamentals of a comprehensive, multi-layered network security strategy and will drill down into some specific IDS/IPS (intruder detection system/intruder protection system) solutions that are particularly useful for combating wireless threats.

Wireless security, WLAN planning , , ,