Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Walk Around Wireless Security Audits – The End Is Near!


Published on

Without a viable alternative, wireless security auditors had to conduct audits by traipsing around a facility with a handheld scanning device — a time consuming and labor intensive activity. That practice is plagued by many drawbacks that greatly limit the effectiveness and efficiency of wireless security audits. Even with expensive commercial products, handheld wireless audits are cumbersome and error-prone. The use of free scanning tools only exacerbates the problem. And the man-hours and travel expenses incurred per audit negatively impact productivity.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Walk Around Wireless Security Audits – The End Is Near!

  1. 1. AIRTIGHT NETWORKS WHITEPAPER Walk Around Wireless Security Audits – The End Is Near! A Whitepaper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 © 2009 AirTight Networks, Inc. All rights reserved. 2008
  2. 2. AIRTIGHT NETWORKS WHITEPAPER Walk Around Wireless Security Audits – The End Is Near! Executive Summary Without a viable alternative, wireless security auditors had to conduct audits by traipsing around a facility with a handheld scanning device — a time consuming and labor intensive activity. That practice is plagued by many drawbacks that greatly limit the effectiveness and efficiency of wireless security audits. Even with expensive commercial products, handheld wireless audits are cumbersome and error-prone. The use of free scanning tools only exacerbates the problem. And the man-hours and travel expenses incurred per audit negatively impact productivity. This paper describes a new hosted service architecture offered by AirTight Networks that enables effortless, automated wireless security audits from anywhere on the Internet, anytime. No more “walk arounds.” Plug-and-play wireless scanners onsite scan round-the-clock without human intervention, and securely communicate with a central server hosted on the Internet in a secure data center. The central server analyzes the data with an up-to-date wireless vulnerability database and assesses the wireless security posture or compliance of a network. Rich vulnerability assessment and compliance reports can be generated on demand with just a mouse click. Now finally, auditors can do a large number of wireless security audits accurately and cost-effectively in very little time. AirTight Networks’ SpectraGuard® Online is the world’s first and only wireless vulnerability management offered as a hosted service. For wireless security auditors, SpectraGuard Online can bring: more revenue per customer; the ability to serve many more customers simultaneously; and low touch engagements. © 2009 AirTight Networks, Inc. All rights reserved. 2
  3. 3. AIRTIGHT NETWORKS WHITEPAPER Introduction Wireless security audits play a crucial role in the wireless vulnerability assessment of IT infrastructure and provide guidance on how organizations can meet regulatory wireless compliance requirements. Assessment of wireless vulnerabilities is challenging because of the dynamic nature of wireless environments. Auditors have to worry about not only the wireless devices in a network environment that is being audited, but also external wireless devices in the vicinity that can impact the susceptibility of the network in question to vulnerabilities and attacks. Wireless laptops, handhelds, and smartphones carried by business travelers can also get infected with vulnerabilities on the road; even organizations that may not have officially deployed a wireless LAN need to be aware of these threats. Unfortunately, wireless security auditors have been underserved by the available auditing tools and methods. Traditionally wireless security audits have been conducted as an onsite activity. The auditor must walk around with a handheld device sniffing over-the-air wireless data. This cumbersome technique with limited wireless vulnerability assessment capabilities makes wireless security audits ineffective and inefficient, and makes auditors less productive. AirTight Networks’ unique service that allows for wireless security audits as a hosted service removes the burden from the auditors and empowers them to deliver premium service to their customers and perform more audits efficiently. Web-based Wireless Security Audits as a Service Web-based wireless security auditing — a radical departure from the conventional onsite approach — leverages the Software as a Service (SaaS) model to offer wireless security audits online, on-demand. Auditors use plug-and-play wireless scanners to monitor the airspace. The scanners automatically connect to a centralized server over a secure connection. The server is powered with an up-to- date vulnerability database and is housed in a secure (SAS 70) datacenter. Auditors access the wireless security auditing portal through a Web browser; no special software is needed. © 2009 AirTight Networks, Inc. All rights reserved. 3
  4. 4. AIRTIGHT NETWORKS WHITEPAPER SpectraGuard Online Architecture SpectraGuard® Online AirTight Networks’ SpectraGuard Online is the world’s first and only service that offers wireless security audits as a monthly subscription-based service. Its benefits for the audit community are powerful: 1. Effortless, effective wireless security audits anywhere, anytime. SpectraGuard Online eliminates “walk arounds” with a handheld device. With the auditing service easily accessible via any Web browser, auditors can conduct a wireless security audit for any customer, anywhere in the world, at any time — they do not even have to leave the comfort of their own offices. Direct or VPN access to customer’s corporate network is not needed. Auditors do not have to own and maintain any hardware or software tools. With AirTight Networks’ pre-configured, plug-and-play wireless scanners continuously scanning the airspace, auditors can generate on-demand wireless vulnerability assessment and compliance reports, and recycle the wireless scanners among multiple sites of a customer or among multiple customers. If needed, multiple audits can be handled simultaneously via a single wireless security portal. The bottom line: auditors can increase their profitability by increasing efficiency — doing more audits in less time and serving customers worldwide without traveling. © 2009 AirTight Networks, Inc. All rights reserved. 4
  5. 5. AIRTIGHT NETWORKS WHITEPAPER 2. Four service offerings SpectraGuard Online offers four service modules to meet the varying needs of enterprises of different sizes and level of wireless deployment. Modules Services Basic Wireless Wireless Wireless Compliance Alerts IDS IPS Automated wireless scanning     Compliance report delivered by email monthly or quarterly     Real-time email alerts for Rogue AP detection and wireless intrusion -    Archiving of alerts for one year -    Access to wireless IDS console - -   24x7 full wireless monitoring - -   Troubleshooting and customizable unlimited reporting - -   24x7 full wireless intrusion prevention and automatic incident response - - -  RF heat maps - - -  Location tracking to physically locate and remove Rogue APs - - -  3. Confidence of a complete wireless vulnerability assessment The inadequacy of handheld scanning for vulnerability assessment leaves audited networks exposed to many common wireless threats and unaware of new vulnerabilities. Free scanning tools such as NetStumbler and Kismet primarily serve the purpose of capturing over-the-air packets, and report only very basic information such as SSID, encryption, and MAC addresses. Further, handheld scanners are not able to distinguish which wireless devices are connected to the wired corporate LAN. This combined with the lack of security policies renders these tools close to useless for alerting against common threats such as rogue APs, client misassociation, and honeypots, to name a few. In addition, most live wireless attacks go undetected during handheld scans. Auditors giving a clean bill of health to such networks run the risk of liability if a wireless security breach or leakage of classified information occurs. © 2009 AirTight Networks, Inc. All rights reserved. 5
  6. 6. AIRTIGHT NETWORKS WHITEPAPER With an up-to-date centralized vulnerability database and AirTight’s patented wireless vulnerability management technology, SpectraGuard Online can automatically detect all known wireless vulnerabilities and attacks. These include client-side vulnerabilities (e.g., clients infected by viral SSIDs or probing for vulnerable SSIDs) that occur when business travelers use their laptops and phones for wireless access on the road. 4. Automated management of wireless security policies Security policies form the basis of any security audit. With little or no support for defining and managing wireless security policies built into most handheld scanning tools, auditors face a daunting task of manually classifying wireless devices, analyzing captured data, and assessing vulnerabilities. With SpectraGuard Online users can easily define and manage wireless security policies. AirTight Networks’ patented autoclassification technology allows quick, accurate classification of access points and clients as authorized and unauthorized including information about their connectivity, e.g., to wired corporate LAN, ad- hoc networks. 5. Professional, pre-defined wireless security audit reports Auditors often complain that communicating to each network administrator which vulnerabilities are critical and need to be fixed is challenging. SpectraGuard Online eliminates this problem by offering pre-defined reports that classify detected wireless vulnerabilities into severity levels. This helps prioritize which vulnerabilities need to be fixed first. Advice for fixing the vulnerability (manually or automatically) is given. Reports can be generated for a moment in time or a period; reports over different time periods can be used to audit the trends in the wireless security posture of a network. Depending on the goal, an auditor can generate a wireless vulnerability assessment report or a regulatory compliance report (e.g., PCI, GLBA, SOX). In a compliance report, each vulnerability is mapped to a specific requirement from the respective compliance legislation. 6. Accurate, instant location tracking Most handheld scanning tools force auditors to locate wireless devices based on a trial-and-error method. The auditor has to walk around the facility and monitor the change in signal strength; the idea is to walk in a direction where signal strength increases eventually leading the auditor to the device of interest. This method can take several minutes to several hours before the device can be located, if at all. Some tools support GPS which is useless for indoor location tracking. © 2009 AirTight Networks, Inc. All rights reserved. 6
  7. 7. AIRTIGHT NETWORKS WHITEPAPER With multiple scanners monitoring the airspace, SpectraGuard Online can instantly and accurately locate wireless devices in the vicinity. This is critical for quickly finding vulnerable or malicious devices. 7. Future-proof system Scanning tools—free and commercial—do not guarantee an up-to-date security audit against new or emerging vulnerabilities and exploits, and newer technologies (e.g., 802.11n). Auditors have to wait for the next software patch or version upgrade. The SpectraGuard Online centralized wireless vulnerability database is continually updated, allowing auditors to offer the world’s first and only zero-day wireless threat auditing capability to their customers. 8. Integrate audit reports from multiple distributed sites Customers with multiple WLAN deployments—some at worldwide locations— often demand integrated wireless security audit reports for their company. With handheld scanning, this has to be handled by auditors manually as a separate task. With AirTight Networks’ patented location-based policy management technology, SpectraGuard Online can naturally integrate wireless security audits at multiple sites worldwide and organize the results into a single audit report, without any effort for the auditor. 9. Customizable wireless security audits to suit your customer’s needs Naturally depending on the type of business, organizations are exposed to different types of wireless vulnerabilities and have different requirements both internal and regulatory for managing wireless security. Unlike the one-size-fits-all handheld scanning, SpectraGuard Online allows auditors to customize wireless security audits to meet the specific needs of their customers. Walk-around Scanning vs. SpectraGuard Online: Cost Comparison While enabling effortless PCI wireless scanning and compliance, the total cost of ownership for SpectraGuard Online is radically less expensive than walk-around scanning using any wireless analyzer especially for large enterprises with hundreds or even thousands of sites across the globe. The pricing starts as low as $20 per month per location. © 2009 AirTight Networks, Inc. All rights reserved. 7
  8. 8. AIRTIGHT NETWORKS WHITEPAPER Walk Around Wireless Security Audits – The End Is Near! ABOUT 5 Cost of PCI Compliance AIRTIGHT NETWORKS (Million $) Wireless analyzer AirTight Networks is the global 4 leader in wireless security and compliance solutions providing 3 customers best-of-breed technology to automatically 2 detect, classify, locate and block all current and emerging 1 wireless threats. AirTight offers SpectraGuard Online both the industry’s leading 0.5 wireless intrusion prevention system (WIPS) and the world’s 500 1000 2000 3000 5000 first wireless vulnerability Number of sites management (WVM) security- as-a-service (SaaS). AirTight’s Estimated one year expense for PCI wireless scanning. For SpectraGuard Online and on-site WIPS, one wireless sensor per loca- award-winning solutions are tion is assumed. Cost for scanning with a wireless analyzer includes logistics cost such as travel and lodging. used by customers globally in the financial, government, retail, manufacturing, transportation, education, healthcare, telecom, Summary and technology industries. AirTight owns the seminal patents SpectraGuard Online is a breakthrough solution that offers wireless security for wireless intrusion prevention audits as a hosted service. It facilitates cost-effective, unattended, non-intrusive, technology with 11 U.S. patents and accurate assessment of wireless vulnerabilities. Wireless security auditors and two international patents are relieved of the drudgery and become more efficient and productive, while granted (UK and Australia), and more than 20 additional patents delivering premium service to their customers. With geographical and time pending. AirTight Networks is a boundaries on wireless security audits removed, auditors can expand their privately held company based services to worldwide locations and simultaneously serve more customers without in Mountain View, CA. For more breaking a sweat. information please visit The Global Leader in Wireless Security Solutions AirTight Networks, Inc. 339 N. Bernardo Avenue #200, Mountain View, CA 94043 T +1.877.424.7844 T 650.961.1111 F 650.961.1169 © 2009 AirTight Networks, Inc. All rights reserved. AirTight Networks and the AirTight Networks logo are trademarks, and AirTight and SpectraGuard are registered trademarks of AirTight Networks, Inc. All other trademarks mentioned herein are properties of their respective owners. Specifications are subject to change without notice.