AirTight’s flagship product, SpectraGuard® Enterprise, achieved FIPS 140-2 validation from the National Institute of Standards and Technology (NIST) of the United States and the Communications Security Establishment of Canada (CSEC). Simultaneously, AirTight’s SpectraGuard Server TIC tests for inclusion on the DISA UC APL. The DISA UC APL is the single consolidate list of products that have completed interoperability (IO) and information assurance (IA) certification. Read more
Due to the overwhelming attendance and response we got to the recent WPA2 Hole196 webinar, we did not have time to answer all the questions asked during the webinar. In this post, we are keeping our promise and answering those webinar questions. By the way, the webinar slides and recording from this webinar as well… Read More
Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be… Read More
The WiFi snooping row Google has gotten itself into seems to be far from over. In April, Google revealed that its Street View cars had been collecting basic data such as the MAC addresses and SSIDs of WiFi networks in the vicinity. But after German authorities asked Google to audit the data, it admitted to have been “mistakenly” snooping… Read More
AirTight Repeats live Webinar Windows 7: a New Wireless Enterprise Risk March 10, 11 AM Pacific Read more
The new 802.11 security protocol called 802.11w was recently ratified. Check this 802.11w-Tutorial to know how it works and what it means for your WLAN.
When talking about wired security, enterprise IT administrators talk about multiple layers of defense such as internet firewalls, VPNs, admission control, email filtering, content filtering, web application scanning and many others. However, when considering the security of a wireless network, the same enterprise IT administrators are content with the basic security provided as a part of wireless LAN infrastructure by vendors such as Cisco Systems and Aruba Networks. This is a flawed security practice.
A Wireless Intrusion Prevention System (WIPS) must be installed as a strong inner layer of defense when hackers penetrate the basic security built into the wireless LAN infrastructure. Additionally, the WIPS and the WLAN infrastructure should be sourced from different vendors to ensure non-overlapping weaknesses and hence, strong security. A WIPS combined with WLAN infrastructure from different vendors enables a strong wireless security posture for an organization.
The recently announced improved version of the original Beck-Tews attack on WPA/TKIP appears to have put the wireless security community in a tizzy again. In this post, I argue that the new attack is neither groundbreaking in academic terms, nor is it more worrying in practical terms. The proposed attack assumes (somewhat unrealistically) that the… Read More
Security is hard to get right and shortcuts — be it coding shortcuts or design shortcuts – come back and haunt the product designers when the rubber hits the road. The recently discovered “skyjacking” vulnerability of the Cisco LAPs seems to be a classic example. The “Over The Air Provisioning” (OTAP) feature allows an out-of-the-box… Read More
Any organization handling payment card data should pay immediate attention to the PCI DSS Wireless Guideline published by the PCI Security Standards Council Wireless Special Interest Group last week. The key highlights are: