AirTight SpectraGuard Products Achieve FIPS 140-2 and DISA UC APL Certification

AirTight’s flagship product, SpectraGuard® Enterprise, achieved FIPS 140-2 validation from the National Institute of Standards and Technology (NIST) of the United States and the Communications Security Establishment of Canada (CSEC). Simultaneously, AirTight’s SpectraGuard Server TIC tests for inclusion on the DISA UC APL. The DISA UC APL is the single consolidate list of products that have completed interoperability (IO) and information assurance (IA) certification.   Read more

Goodbye, WEP & TKIP

Wireless Threats cannot be solved by conventional security mechanisms

Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be… Read More

Wireless Forensics: A Review from RSA Conference 2010

Wireless_Forensics_Workflow

With more enterprises deploying wireless LANs and employee-owned WiFi devices flooding enterprises, wireless LAN forensics is becoming a key component of any network forensic audit — whether to prove compliance with a regulation such as PCI DSS or in response to a security incidence. But wireless presents unique challenges to forensic audits. Last month, at… Read More

Is a strong inner layer of defense needed for robust wireless security?

Wireless Security Posture is relatively weak when both WLAN and WIPS are sourced from the same vendor

When talking about wired security, enterprise IT administrators talk about multiple layers of defense such as internet firewalls, VPNs, admission control, email filtering, content filtering, web application scanning and many others. However, when considering the security of a wireless network, the same enterprise IT administrators are content with the basic security provided as a part of wireless LAN infrastructure by vendors such as Cisco Systems and Aruba Networks. This is a flawed security practice.

A Wireless Intrusion Prevention System (WIPS) must be installed as a strong inner layer of defense when hackers penetrate the basic security built into the wireless LAN infrastructure. Additionally, the WIPS and the WLAN infrastructure should be sourced from different vendors to ensure non-overlapping weaknesses and hence, strong security. A WIPS combined with WLAN infrastructure from different vendors enables a strong wireless security posture for an organization.
  Read more

5 Wireless Intrusion Prevention Questions You Should Ask

In my previous blog post (5 Wireless Intrusion Detection Questions You Need to Worry About), I talked about the key questions that are related to the detection of Wireless (WiFi) based intrusions in your enterprise. Today, let’s turn the focus on to the other important aspect of WiFi security – Intrusion Prevention. Here are the… Read More