WHITE PAPERTIRED OF ROGUES?Solutions for Detecting and EliminatingRogue Wireless Networks
Tired of Rogues?: Solutions for Detectingand Eliminating Rogue Wireless NetworksThis paper provides an overview of the dif...
Wireless technology is growing in popularity. Businesses are not only migrating to wireless networking,                   ...
“At least 20%     1. Evolution of Rogue WLANs                                     intruders to find an entry point. Increa...
A malicious association is when a company laptop is             3.	Requirements to Detect 	                               ...
4.	Techniques to Detect Rogue                                   However, SNMP polling of wired switches can reveal        ...
and will not be detected until the next time a network          6. Wireless Traffic Injection                             ...
Sensor Based     SNMP Lookup      Wireless Traffic   Wired Traffic       Rogue Device Scenarios                           ...
Figure 1: AirDefense Enterprise - Rogue Threat Analysis           Figure 2: AirDefense Enterprise - Rogue Device Informati...
“The company          Rogue Termination –                                              Motorola AirDefense Enterprise, the...
motorola.comPart number WP-TIREDOFROGUES. Printed in USA 08/10. MOTOROLA and the Stylized M Logo are registered inthe US P...
Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_networks
Upcoming SlideShare
Loading in …5

Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_networks


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Tired of rogues_-_solutions_for_detecting_and_eliminating_rogue_wireless_networks

  1. 1. WHITE PAPERTIRED OF ROGUES?Solutions for Detecting and EliminatingRogue Wireless Networks
  2. 2. Tired of Rogues?: Solutions for Detectingand Eliminating Rogue Wireless NetworksThis paper provides an overview of the different types of rogue wirelessdevices, risks faced by enterprises due to their proliferation and multipleapproaches to detecting and mitigating them. The AirDefense solutionallows enterprises to effectively detect and eliminate all types of rogues.
  3. 3. Wireless technology is growing in popularity. Businesses are not only migrating to wireless networking, “By 2006,they are steadily integrating wireless technology and associated components into their wired infrastructure.The demand for Wireless Local Area Networks (WLANs) is fueled by the growth of mobile computing devices, 80 percentsuch as laptops and personal digital assistants and a desire by users for continual connections to the network of enterprisewithout having to “plug in. ” WLAN networks will remain vulnerable to intrusion. Action Item: Perform wireless intrusion detection to discover rogue access points, foreign devices connecting to corporate Figure 1: Wireless WLAN adoptor Trends access pointsFigure 1 shows the trends in WLAN adoption based on a Gartner Dataquest survey. Over 50% enterprises havedeployed wireless. The growth in wireless hotspots has also been astonishing. In fact, according to Dell’Oro, and accidentalthere has been an 87% increase in hotspots worldwide from January 2005 through January 2006 - from 53,779 associationin 93 countries to 100,355 in 115 countries. Forward Concepts industry analysts predict that WLAN equipmentwill continue growing at a higher rate in 2006 to the $5.9 billion level as new IEEE 802.11n and voice over WLAN to nearbyequipment is introduced and the infrastructure for traditional WLAN expands. Dell’Oro estimates that the WLANmarket will continue to grow at a compounded annual growth rate of 32% through 2009. access points in use by otherExperts and industry analysts agree that given the proliferation of WLANs, there is a very high probabilityof unauthorized WLAN devices showing up on an enterprise’s network. Any unauthorized wireless device companies. ”that connects to an enterprise’s authorized network or device is defined as a rogue wireless device. Rogue Gartnerwireless devices pose one of the greatest risks to an enterprise’s network security. Figure 2 shows typicalrogue device scenarios that compromise contemporary wired and wireless networks, circumventing traditionalsecurity mechanisms such as firewalls and perimeter protection. Figure 2: Rogue devices compromise traditional wired and wireless security3 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  4. 4. “At least 20% 1. Evolution of Rogue WLANs intruders to find an entry point. Increasingly, we are seeing ad-hoc networks in new networked devicesof enterprises Just as employees first brought personal computers such as printers, projectors, gaming consoles, etc. A to the office in the 1980s for their many benefits, simple printer with an open, unauthenticated, peeralready have employees are installing their own WLANs to to peer ad-hoc wireless network (typically presentrogue WLANs corporate networks when IT departments are slow for ease of use, troubleshooting, etc.) can provide to adopt the new technology. According to Gartner, a bridge to the wired-side network to which it isattached to enterprises that have not deployed wireless are at a connected.networks making them vulnerable to higher risk of exposure from rogue wireless devices. wireless attacks.their corporate Even enterprises that are deploying wireless mustnetworks, tackle the problem of rogue WLANs from employees Soft APs – who do not have wireless access, contractors, While hardware APs have been the focus of securityinstalled by auditors, vendors, etc., who bring in their own issues to-date, wireless-enabled laptops are easilyusers looking equipment while operating within the office, or configured to function as APs with commonly potential espionage traps. available freeware such as HostAP or software fromfor convenience PCTel. Known as “Soft APs, these laptops are harder ”of wireless and Rogue Access Points – to detect than rogue APs. These Soft APs pose all Rogue WLANs most commonly refer to rogue Access the risks of any typical rogue AP by broadcastingunwilling to Points (AP) that when attached to the corporate an insecure connection to the enterprise network. network broadcast a network connection. A rogue However, Soft APs are harder to detect than roguewait for the IS AP is any AP unsanctioned by network administrators APs because the Soft AP can appear as an authorizedorganization to and connected to the wired network. Most rogue APs station to all wired-side network scans. are improperly secured with default configurationstake the lead.” that are designed to function right out of the box with Stealth Rogue Devices –Gartner no security features turned on. Employees or even Several new and sneaky rogue WLAN devices are business units seeking to enhance their productivity constantly being exposed. Examples include rogue deploy rogue APs innocently without comprehending APs that look like power adapters plugged into a wall overall security risks. unnoticed, and can be located jack. These devices have a WLAN AP built in and use anywhere. power-line communications as the wired-side link! Such a device will never be detected by wired-side The Real Rogue Threat: Wireless Stations network scanners. Nevertheless, it can be within the and Not APs – enterprise perimeter luring unsuspecting corporate WLANs are comprised of APs that are attached to users to connect wirelessly and reveal confidential the enterprise network and WLAN access cards for information to a hacker well outside the perimeter. laptops, hand-held devices, and desktop computers. Other examples include stealth rogue APs that are Both unauthorized APs and unauthorized activity from completely silent until they hear a special “knocking” WLAN access cards can pose significant security sequence over the air, upon which they wake up, risks. As more and more confidential information is communicate and go back to silent mode. These locally stored on mobile laptops equipped with WLAN rogues cannot be detected by occasional walk-around access, these become the weakest link in the security tests with handheld sniffers. They require, 24x7 infrastructure. Wireless laptops often run supplicants “always on” monitoring of the airspace. , designed to effortlessly connect to available wireless networks making them vulnerable to wireless attacks. Accidental and Malicious Associations – Accidental associations are created when a Devices with Built-in WLAN Access – neighboring AP across the street or on adjacent floors Major computer vendors are selling increasing of a building bleeds over into another organization’s number of laptops with built-in WLAN access cards. airspace triggering its wireless devices to connect. A rogue WLAN has traditionally been thought of as a Once those devices connect with the neighboring physical AP unsanctioned by network administrators. network, the neighbor has access back into the Today rogue WLANs are further defined as laptops, organization. Accidental associations between a handhelds with wireless cards, barcode scanners, station and a neighboring WLAN are recognized as a printers, copiers or any WLAN device. These devices security concern. have little to no security built in making it easy for 4 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  5. 5. A malicious association is when a company laptop is 3. Requirements to Detect “Through 2006,induced to connect with a malicious device such asa Soft AP or laptop. The scenario also exists when a Rogue WLANs 70 percentmalicious laptop connects with a sanctioned AP Once . In confronting the issue of rogue WLAN detection, of successfulthe association has been made the hacker can use the a user must consider the functional requirementswireless device as a launch pad to attack servers and and return on investment of the solution. IT security wireless local areaother systems on the corporate network. managers should evaluate various approaches based network (WLAN) upon technical requirements, enterprise scalability,Ad-Hoc Networks – cost, and ability to cover the future needs of network attacks will beSimilar to rogue APs, ad-hoc wireless networks security.represent another major concern for WLAN security because of thebecause they can put a network at risk without Functional Requirements misconfiguration ofsecurity managers ever seeing the vulnerability.WLAN cards enable peer-to-peer networking A comprehensive solution to detect rogue WLANs WLAN accessbetween laptops without an AP These ad-hoc . must detect all WLAN hardware and activity thatnetworks can allow an authorized user to transfer includes: points (APs) andprivate corporate documents and intellectual client software. ”property to unauthorized users without going over • Detection of all rogue devices and associations • Ability to classify and clearly distinguish rogues Gartner, 2004the corporate network. While WLAN cards operatein ad-hoc mode, the user must be able to trust all on the network from unauthorized wireless devicesstations within range because ad-hoc networks offer sharing the airspacelittle or no authentication management. A hacker’s • Detailed forensic analysis of rogue devices andstation could directly connect to an authorized user, associationsaccess local information and potentially gain access to • Assessment of threat from a rogue device basedthe rest of the wired network if the user happens to on present and past behaviorbe connected to the wired network as well. • Physical and network location of rogue devices • Termination of rogue devices using wired and wireless mechanisms2. What is at Risk?Because WLANs operate in an uncontrolled medium, Scalable and Cost Effective for the Enterprise –are transient in the way they connect, and come with Rogue detection must scale to fit the specific needsinsecure default configurations, they provide an easy of an enterprise. Some piece-meal solutions workopen door to the wired network and wireless access for smaller organizations but do not scale for largedevices. Insecure wireless networks can easily be enterprises with dozens or hundreds of locationssniffed acting as a launch pad to the wired network around the globe. Large enterprises require a cost-and an organization’s corporate backbone. Once effective solution that can be centrally managed. Inaccessed an insecured WLAN can compromise: determining the cost of rogue detection, IT security managers must consider the initial costs of the • Financial data, leading to financial loss solution and additional costs needed for on-going • Reputation, damaging the efforts spent building support. the brand • Proprietary information, leaking trade secrets Future Proof – or patents Rogue detection should scale to meet the future • Regulatory information, foregoing customer needs of enterprise network security. An organization privacy or ignoring government mandates that bans all WLANs today is likely to move ahead • Legal or regulatory ramifications with a pilot deployment in the next year. At this time, • Wired infrastructure such as switches an enterprise with limited WLANs must maintain its and routers rogue detection for unauthorized areas and secure the pilot WLAN from accidental associations and ad-hoc networks. As WLANs are deployed throughout an enterprise, rogue detection must be complemented with 24x7 monitoring and intrusion detection. Other value added benefits that can be leveraged such as performance and network health monitoring should also be considered in the decision process.5 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  6. 6. 4. Techniques to Detect Rogue However, SNMP polling of wired switches can reveal MAC addresses of wireless devices connected to WLANs them. Intelligent analysis of this information with correlation of wireless information can be used forOnce an organization decides on a policy that bans rogue detection.WLANs completely or more precisely prohibitsemployees from deploying their own networks, theorganization must decide how to enforce that policy 3. Wired-side Network Scannersacross the enterprise. This section outlines several Wired-side network scanners work similar to SNMPapproaches that have been used to detect rogue polling to identify IP devices attached the networkWLANs and their strengths and weaknesses. and key characteristics of those devices, such as MAC addresses and open ports. Rather than the SNMP 1.) Wired-side Intrusion Detection System protocol, scanners typically use TCP fingerprints to 2.) Wired-side SNMP Polling identify various types of devices. 3.) Wired-side Network Scanners Network scans can also be extremely intrusive and 4.) Wireless Scanners and Sniffers they require that an IT security manager have access 5.) Wired-side Traffic Injection to all the IP devices on the network and know all IP 6.) Wireless Traffic Injection addresses. To locate every rogue AP a scan would , 7 AirDefense 24x7 Centralized Wired and .) have to be performed on the entire network, whichWireless Monitoring would cause personal firewall alerts and multiple alarms from network intrusion detection systems.1. Wired-side Intrusion Detection Traditional wired-side network scanners are not an effective solution for enterprise rogue WLAN System detection because wired-side scannersWired-side intrusion detection system (IDS) offersvirtually no ability to detect rogue WLANs but can • Require an accurate database of all IP devicesbe useful in a limited capacity. While intruders • Are limited to subnets unless routers areentering the network through a rogue WLAN appear reconfiguredmostly as authorized users, a wired-side IDS may • Produce multiple false positives from networkalert IT security managers when the intruder tests IDS and personal firewallswired-side security measures. A wired-side IDS fails • Cannot detect Soft APs, accidental associations,as an effective approach to detecting rogue WLANs or ad-hoc networks.because it cannot identify APs attached to the wirednetwork, soft APs, accidental associations and ad-hocnetworks. These are typically below the radar for 4. Wireless Scanners and Snifferswired IDS. Wireless sniffers and scanners differ greatly from wired-side tools because wireless sniffers and scanners capture and analyze WLAN packets from the2. Wired-side SNMP Polling air. By monitoring the airwaves for all WLAN activity,Simple Network Management Protocol (SNMP) wireless sniffers and scanners detect most APs andpolling can be used to query information from IP active wireless stations within range. They also candevices attached to the wired network, such as provide detailed information about the configurationrouters, stations, and authorized APs. This process and security employed by each device.requires that the IT security manager conductingthe SNMP poll to know the IP address of all devices Both sniffers and scanners are limited by their needbeing polled, which must also be configured to enable for a network administrator to physically walk the areaSNMP For these reasons, SNMP polling by itself is . with a laptop or hand-held device running the sniffernot an effective approach to detecting rogue WLANs. or scanner application. A research brief from METAThe IT security manager is not likely to know the IP Group questioned the viability of wireless sniffers andaddress of the rogue AP and the rogue AP is not likely , scanners for enterprise security.to have SNMP enabled. In addition, an SNMP pollagainst an authorized station operating as a Soft AP While this process requires the physical presencewould not detect any WLAN activity. SNMP polling and valuable time of a network manager, thealso would not detect accidental associations or effectiveness is limited because it only samples thead-hoc networking between stations. airwaves for threats at any given time. New rogue APs and other vulnerabilities can arise after a scan6 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  7. 7. and will not be detected until the next time a network 6. Wireless Traffic Injection “WIDS mustadministrator surveys the network. In addition, sincehandheld sniffers do not have wired-side information, This method is similar to wired traffic injection except continuously scandetermining a rogue is typically done by walking right it relies on a wireless device to inject a special frameup to it and making sure it is connected to the wired over the air. If a sniffer sees an unauthorized AP it , for and detect tries to connect to it wirelessly and subsequentlynetwork. Stealth rogue devices might go undetected inject a frame that can be traced on the wired-side authorized andas would transient station associations. by a server or by another sniffer connected on the unauthorizedThis approach is particularly unreasonable for wired-side. While this technique works with rogue APs that have activities.enterprises operating dozens of offices around the built in routers, it fails if the rogue AP has securitycountry or retailers with hundreds of stores. Even if enabled. If security is enabled, the sniffer will not Continuousthese organizations could feasibly devote a networkadministrator’s full attention to survey each site on a be able to connect with the device. Further, this scanning ismonthly basis, rogue APs and other vulnerabilities can technique exposes the wireless IPS system by forcing it to transmit frames over the air in an effort to detect 24 hours/day,pop up the minute the survey is completed. rogues. 7 days/week. ”Smaller organizations operating in a single location Gartnerwithout potential for growth may find sniffers and 7 AirDefense 24x7 Centralized Wired .scanners to be their most cost-effective solution and Wireless Monitoringif the organization is willing to accept the threat of Enterprise rogue WLAN detection requires a scalablerogue WLANs popping up between network audits. solution that combines the centralized managementThe vast limitations of physical site surveys and the of wired-side scanners and radio frequency analysisdemands for personnel time, limit the effectiveness of wireless scanners. AirDefense Enterprise providesof sniffers and scanners for large enterprises. this comprehensive solution with an innovativeSniffers and scanners are simply not cost-effective approach to WLAN security that includes a distributedfor an enterprise with multiple locations or sensitive architecture of remote sensors to monitor theinformation that cannot risk rogue networks operating airwaves for all WLAN activity and report to abetween security audits. In addition, IT security centrally managed server appliance. The remoteadministrators would find this decentralized approach sensors are equivalent to wireless scanners but addextremely difficult to manage and collect information 24x7 monitoring to provide 100% coverage againstfor multiple locations. rogue WLANs the minute they are connected to the network or enter the coverage area. This approach to5. Wired-side Traffic Injection rogue WLAN detection and mitigation is akin to theSome vendors have used dedicated wired-side security of physical buildings whereby video camerasdevices to inject special broadcast frames over the are deployed at key locations for 24x7 monitoring andwired network segment. These broadcast frames a central security station analyzes the incoming videoare then transmitted over the air by any wireless APs for security risks. The video cameras reduce the needpresent on the same network segment. By detecting for costly security guards to walk through the buildingthese frames over the air, using wireless sniffers, just as the remote sensors of AirDefense Enterpriseand analyzing the transmitter’s MAC address, the replace the need for handheld manual wirelessuser is able to determine if any unauthorized APs are scanners.connected to that network segment. The server appliance also maintains a detailedThe primary drawback of this method is that it minute-by-minute forensic database of every wirelessrequires a wired traffic injector in every network device in the airspace. By intelligently correlatingsegment. This might make it infeasible with multiple real-time wireless information and wired-side dataVLANs. In addition, this method fails to detect any with historical behavior, the AirDefense system is ablerogue APs that have built in routers. Routers will to determine and eliminate all rogues with the lowestseparate broadcast domains and the special wired false positive rate of any system available today. Tablebroadcast frame will not be transmitted over the air. 1 compares the detection performance of severalSince most common consumer APs that end up as techniques under different rogue scenarios. Therogues have built in routers, this method is not very AirDefense system is capable of detecting virtuallyeffective. Further, this technique provides zero client any type of rogue device.side rogue detection function.7 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  8. 8. Sensor Based SNMP Lookup Wireless Traffic Wired Traffic Rogue Device Scenarios AirDefense Detection Detection Injection Injection Consumer AP Yes Yes Yes Yes Yes Consumer AP Yes Yes No Yes Yes with security Consumer AP/Router No Yes Yes No Yes with NAT Consumer AP/Router No Yes No No Yes with NAT & security Consumer AP/Router Yes Yes Yes No Yes without NAT AP Consumer AP/Router Yes Yes No No Yes without NAT & security Enterprise AP Yes Yes Yes Yes Yes Enterprise AP Yes Yes Yes Yes Yes with MBSSID Enterprise AP Yes Yes No Yes Yes with security Enterprise AP Yes Yes No Yes Yes with MBSSID & security Rogue Client connecting Yes Maybe No No Yes to Authorized AP Rogue Client connecting Maybe No No No Yes Client to Rogue AP Authorized Client Yes No No No Yes with Ad-Hoc connection Authorized Client Yes No No No Yes with Ad-Hoc connection5. The AirDefense SolutionThe centralized management and 24x7 monitoring of the airwaves provides a scalable and cost-effectivesolution that enables enterprise WLAN detection throughout multiple locations of an organization. A fewsensors are deployed in each location to provide comprehensive, 24x7 detection of rogue WLANs. As newoffices are opened, AirDefense Enterprise easily scales to secure that office with the addition of sensor(s)deployed in the new location. AirDefense provides comprehensive and advanced rogue managementcapabilities that go beyond simple alerts of broadcasting APs. The functionality includes:Detection of All Rogue WLAN Devices and Activity –AirDefense recognizes all WLAN devices, which include APs, WLAN user stations, Soft APs, and specialtydevices such as printers, wireless bar code scanners for shipping or inventory applications, etc. AirDefensealso identifies rogue behavior from ad-hoc or peer-to-peer networking between user stations and accidentalassociations from user stations connecting to neighboring networks.8 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  9. 9. Figure 1: AirDefense Enterprise - Rogue Threat Analysis Figure 2: AirDefense Enterprise - Rogue Device InformationThreat-Based Rogue Management –AirDefense goes beyond simple detection of rogue devices and assesses the risk associated with an unknowndevice. Clearly not every unauthorized AP is a rogue device. In a business park, one is likely to see manyunauthorized devices from neighboring buildings. AirDefense uses patented techniques to determine if arogue is connected to the internal network, pinpointing those unauthorized APs that present the highest threatpotential. AirDefense’s advanced threat assessment capabilities enable the user to focus their attention on realthreats and safely ignore neighboring APs.Risk and Damage Assessment –AirDefense tracks all rogue communication and provides forensic information to identify when the rogue firstappeared, how much data was exchanged, and the direction of traffic. With detailed analysis, AirDefenseassists IT personnel assess the risk and damage from the rogue. Packet capture can also be enabled forfurther analysis of the rogue in a packet analyzer.Rogue WLAN Location –To find the location of the rogue device, AirDefense provides accurate location tracking using signal strengthtriangulation and fingerprinting techniques. Location tracking enables the IT administrator to locate and trackrogue devices in real-time. Location determination is also available in AirDefense Mobile, a complementaryproduct to AirDefense Enterprise, which allows administrators to locate and track down rogue devices duringwalk around tests. Figure 3: AirDefense Enterprise - Rogue Device Location Tracking9 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  10. 10. “The company Rogue Termination – Motorola AirDefense Enterprise, the flagship product, is a wireless intrusion prevention systemhas only a small AirDefense not only detects all intruders and rogue that monitors the airwaves 24x7 and provides the devices in an enterprise’s airwaves, but allows them most advanced solution for rogue detection andCisco WLAN, but to actively protect and respond to threats manually or mitigation, intrusion detection, policy monitoringit uses AirDefense automatically using predefined policies. AirDefense and compliance, automated protection, forensic uses multiple methods to ensure that the wireless and incident analysis and remote troubleshooting.to monitor network is secure and protected. As a key layer of security, AirDefense EnterpriseWLAN activity. AirTermination – complements wireless VPNs, encryption and authentication. Using a monitoring architecture(AirDefense AirDefense can protect against wireless threats of distributed smart sensors and a secure server via the air by terminating the wireless connection appliance, the AirDefense Enterprise system providesEnterprise) between any rogue device and an authorized device the most comprehensive detection of all threats andlets network using AirDefense patented methods. intrusions. Unlike any other solution on the market, AirDefense Enterprise analyzes existing and day zeromanagers Wired-side Port Suppression – threats in real time against historical data to more accurately detect threats and anomalous behaviorimmediately and The Port Suppression feature enables the originating inside or outside the organization. The administrator to suppress the communications portremotely disable for any network device. The Port Suppression feature system automatically responds to threats according to appropriate business process and compliancea rogue device turns off the port on the network switch through requirements on both wireless and wired networks, which a device is communicating.with a single making AirDefense Enterprise the industry’s most secure and cost-effective wireless intrusionkeystroke. ” Conclusion prevention and troubleshooting solution. With the proliferation of rogue wireless devices and Motorola AirDefense Personal, the industry’s firstFrederick Nwokobia, unauthorized wireless connections, it is imperative end-point security solution, provides uninterruptedLehman Brothers for organizations to understand the risks caused protection for all mobile employees and their by these rogue devices and employ 24x7 real-time enterprise wireless assets, regardless of location monitoring solutions to detect, locate and disable – at work, home, airports or other wireless hotspots. these devices. By utilizing patented techniques that Policy profiles are defined centrally on AirDefense use real-time wireless and wired-side information Enterprise and automatically downloaded to each along with historical behavior, the AirDefense system mobile user. If threats are discovered, AirDefense is capable of detecting and eliminating all types Personal notifies the user and sends the alerts of rogue devices with the highest accuracy and to AirDefense Enterprise for central reporting effectiveness compared to any solution available in and notification. This unique solution allows the the market today. network administrator to enforce corporate policies and provide complete protection for the mobile workforce, regardless of location. About Motorola AirDefense Solutions Motorola AirDefense, the market leader in The Motorola AirDefense InSite Suite is a anywhere, anytime wireless security and monitoring, collection of powerful tools available today for is trusted by more Fortune 500 companies, network architects to design, install, maintain and healthcare organizations and high-security troubleshoot wireless networks. Tools included government agencies for enterprise wireless in the suite are: Motorola AirDefense Mobile, protection than any other wireless security provider. complementary to AirDefense Enterprise allows Ranked among Red Herring’s Top 100 Private administrators to perform wireless assessments, Companies in North America, AirDefense products security audits, locate and manage rogues. Motorola provide the most advanced solutions for rogue AirDefense Architect provides complete design wireless detection, policy enforcement and intrusion and 3D RF simulation of wireless LANs based on prevention, both inside and outside an organization’s building-specific environments. Motorola AirDefense physical locations and wired networks. Common Survey provides real-time, in-the-field measurements Criteria-certified, AirDefense enterprise-class of Wi-Fi RF environments for site-specific surveys. products scale to support single offices as well as organizations with hundreds of locations around For more information or feedback on this white paper, the globe. please contact info@airdefense.net or call us at 770.663.8115. 10 WHITE PAPER: TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks
  11. 11. motorola.comPart number WP-TIREDOFROGUES. Printed in USA 08/10. MOTOROLA and the Stylized M Logo are registered inthe US Patent & Trademark Office. All other product or service names are the property of their respective owners.©Motorola, Inc. 2010. All rights reserved. For system, product or services availability and specific information withinyour country, please contact your local Motorola office or Business Partner. Specifications are subject to changewithout notice.