AirTight SpectraGuard Products Achieve FIPS 140-2 and DISA UC APL Certification

AirTight’s flagship product, SpectraGuard® Enterprise, achieved FIPS 140-2 validation from the National Institute of Standards and Technology (NIST) of the United States and the Communications Security Establishment of Canada (CSEC). Simultaneously, AirTight’s SpectraGuard Server TIC tests for inclusion on the DISA UC APL. The DISA UC APL is the single consolidate list of products that have completed interoperability (IO) and information assurance (IA) certification.   Read more

WPA2 Hole196 Webinar Q&A

Due to the overwhelming attendance and response we got to the recent WPA2 Hole196 webinar, we did not have time to answer all the questions asked during the webinar. In this post, we are keeping our promise and answering those webinar questions. By the way, the webinar slides and recording from this webinar as well… Read More

Goodbye, WEP & TKIP

Wireless Threats cannot be solved by conventional security mechanisms

Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be… Read More

Has your data been “Woogled”?!

Google Street View car gets a ticket

The WiFi snooping row  Google has gotten itself into seems to be far from over. In April, Google revealed that its Street View cars had been collecting basic data such as the MAC addresses and SSIDs of WiFi networks in the vicinity. But after German authorities asked Google to audit the data, it admitted to have been “mistakenly” snooping… Read More

Is a strong inner layer of defense needed for robust wireless security?

Wireless Security Posture is relatively weak when both WLAN and WIPS are sourced from the same vendor

When talking about wired security, enterprise IT administrators talk about multiple layers of defense such as internet firewalls, VPNs, admission control, email filtering, content filtering, web application scanning and many others. However, when considering the security of a wireless network, the same enterprise IT administrators are content with the basic security provided as a part of wireless LAN infrastructure by vendors such as Cisco Systems and Aruba Networks. This is a flawed security practice.

A Wireless Intrusion Prevention System (WIPS) must be installed as a strong inner layer of defense when hackers penetrate the basic security built into the wireless LAN infrastructure. Additionally, the WIPS and the WLAN infrastructure should be sourced from different vendors to ensure non-overlapping weaknesses and hence, strong security. A WIPS combined with WLAN infrastructure from different vendors enables a strong wireless security posture for an organization.
  Read more

The New Attack on WPA/TKIP: Much Ado About Nothing?

The recently announced improved version of the original Beck-Tews attack on WPA/TKIP appears to have put the wireless security community in a tizzy again.  In this post, I argue that the new attack is neither groundbreaking in academic terms, nor is it more worrying in practical terms. The proposed attack assumes (somewhat unrealistically) that the… Read More

Skyjacking: What went wrong?

Security is hard to get right and shortcuts — be it coding shortcuts or design shortcuts – come back and haunt the product designers when the rubber hits the road. The recently discovered “skyjacking” vulnerability of the Cisco LAPs seems to be a classic example.  The “Over The Air Provisioning” (OTAP) feature allows an out-of-the-box… Read More