Rick Farina describes his Wi-Fi investigations at Wireless LAN Professionals Conference Europe in Maastricht, Netherlands 2014. WIPS Read more
The FCC’s decision to fine Marriott Hotels for unscrupulous Wi-Fi containment practices has set off numerous debates around the use of unlicensed spectrum. Many in the WLAN community have posted their interpretation of the decision and recommended best practices moving forward (see references below). Twitter debates have abounded as well. These parleys have focused on topics ranging from performance, to security, and monetization.
That being said, in the domain of security and PCI compliance, there is one Wi-Fi containment feature that hasn’t been mentioned, but deserves a shout-out as it is still very effective and virtually unperturbed by these events. It is called “wire-side containment”. Read more
After the TJX breach, the PCI security council strengthened their wireless security standard in an attempt to prevent such catastrophic incidents from reoccurring. While some of the largest retailers strengthened their wireless security, small and medium businesses need to take a look at their own security practices because they are just as susceptible, maybe more. … Read More
If you are concerned about the proliferation of smart devices (Iphones, Droids, tablets) and the impact on your network security, then this is a “can’t miss” webinar. The inability to detect and block unauthorized personal devices from attaching to your network puts your business at risk. AirTight CTO and Founder Pravin Bhawat discusses the challenges with mobile device management and the limitations of existing wireless network security measures. Read more
Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be… Read More
Every now and then we run into network administrators and CSOs that brag about how their organization is not vulnerable to wireless security threats, only to see their rash confidence fizzle out once the results from a wireless vulnerability assessment or penetration test are out. Today, most are aware that Open WiFi on enterprise network… Read More
Without a viable alternative, wireless security auditors had to conduct audits by traipsing around a facility with a handheld scanning device — a time consuming and labor intensive activity. That practice is plagued by many drawbacks that greatly limit the effectiveness and efficiency of wireless security audits. Even with expensive commercial products, handheld wireless audits are cumbersome and error-prone. The use of free scanning tools only exacerbates the problem. And the man-hours and travel expenses incurred per audit negatively impact productivity.
This paper describes a new hosted service architecture offered by AirTight Networks that enables effortless, automated wireless security audits from anywhere on the Internet, anytime. No more “walk arounds.” Plug-and-play wireless scanners onsite scan round-the-clock without human intervention, and securely communicate with a central server hosted on the Internet in a secure data center. The central server analyzes the data with an up-to-date wireless vulnerability database and assesses the wireless security posture or compliance of a network. Rich vulnerability assessment and compliance reports can be generated on demand with just a mouse click. Now finally, auditors can do a large number of wireless security audits accurately and cost-effectively in very little time.
AirTight Networks’ SpectraGuard® Online is the world’s first and only wireless vulnerability management offered as a hosted service. For wireless security auditors, SpectraGuard Online can bring:
• more revenue per customer;
• the ability to serve many more customers simultaneously; and
• low touch engagements.