Welcome to the AirWise Community Blog! This is a resource designed to share information on wireless network technology, trends and best practices related to security, performance, troubleshooting, management, design and regulatory compliance. We hope to actively engage with you, so please feel free to comment and offer opinions.
AirMagnet Enterprise Wins Network Products Guide Bronze Award for Mobility and Wireless Solution
Author/Blog Contributor - AirMagnet Wireless Intrusion Detection Research Team
Date: May 17, 2013
Fluke Networks’ AirMagnet team works hard to deliver the industry’s premier overlay wireless intrusion detection and prevention system (WIPS/WIDS) – for companies that have the most stringent security requirements. And, we’re excited to say, the industry has recognized us for our efforts.
How to ensure Wi-Fi networks are ready for Cisco Location Services: Fluke Networks’ AirMagnet Survey PRO First to Use Real-World Data
Author/Blog Contributor - Dilip Advani
Date: April 25, 2013
Image this situation: Your IT department selects a new service to keep your organization better organized, more secure, and better equipped for emergencies. Your department invests ample time into deploying the new service, diligently working to meet specific requirements, and triple checking work completed. And then, to your surprise the service doesn’t act quite as it should.
Does Wi-Fi Network Compliance Equal Corporate Data Security?
Author/Blog Contributor - Sean La Roque Doherty
Date: April 24, 2013
If a network is compliant with regulations, does that mean it’s secure? Unfortunately for both IT professionals and businesses, no it doesn’t. Why? Compliance is not security, but security can be compliant - with a set of requirements and guidelines that ensure data is confidential to authorized users, has integrity, has not been changed or modified, and is available on demand.
Three Steps for Making BYO Access Points a Company Benefit, Not an IT Risk
Author/Blog Contributor - Lisa Phifer
Date: April 22, 2013
As I discussed in my last blog post, Bring Your Own Access Points (BYO APs) are quickly growing both in public use and in the workplace. In fact, according to a February 2013 survey conducted by Smith Micro, 62 percent of smartphone users use their handset’s personal hotspot feature.
Bring Your Own Access Point (BYO AP): IT Friend or Foe?
Author/Blog Contributor - Lisa Phifer
Date: April 18, 2013
As the bring-your-own (BYO) explosion continues, a rising tide of smartphones and pocket-sized personal hotspot gadgets are bringing BYO access points (APs) into the workplace. Whether powered by smartphone software or mobile router hardware, BYO APs can turn any 3G/4G cellular data connection into a small footprint Wi-Fi hotspot, whenever and wherever Internet access is needed.
AirMagnet Enterprise Helps University IT from Getting "Schooled" by BYOD
Author/Blog Contributor - Milind Bhise
Date: April 5, 2013
The Bring-Your-Own-Device (BYOD) phenomenon is growing with fervor in enterprises worldwide. And with a population of busy, information-seeking people, it isn't surprising that the trend extends to university campuses. University IT faces unique wireless challenges: inconsistent bandwidth use that ebbs and flows with the academic calendar; differing IT needs from students and staff; and the constant threat of malicious attacks that threaten not only the classroom, but also critical student and staff data
Troubleshoot BYOD Problems Fast
Author/Blog Contributor - AirMagnet Intrusion Detection Research Team
Date: March 28, 2013
The tsunami of employee-owned smart devices used at work - known as BYOD or Bring Your Own Device - has emboldened employees to feel confident in their networking skills… to the point of residential gateways, routers, access points (APs), and switches creeping into the enterprise. And, while having a tech-savvy workforce can make IT's job a little easier, the complications outweigh the convenience.
Clear the Air of Layer 1 Wireless Vulnerabilities
Author/Blog Contributor - Kartik Krishnaswamy
Date: March 26, 2013
Wi-Fi isn't just for smartphones, tablets, and laptops anymore. Cheap and relatively easy to deploy, Wi-Fi has transformed over the last decade from a convenience to a strategic network parameter. Carriers are using wireless to offload 3G and 4G cellular traffic, verticals like healthcare and retail use it for crucial applications like processing credit cards, and end users expect wireless access everywhere from the local cafe to even in the latest models of cars.
Why Secure Your Wi-Fi Router?
Author/Blog Contributor - Sean La Roque Doherty
Date: March 25, 2013
Occasionally we like to go a bit off topic and cover emerging general market trends. Recently I’ve been getting a lot of questions about liability associated with an unsecure Wi-Fi router. This post should help demystify the topic.
How to Handle Bad SSIDs
Author/Blog Contributor - Lisa Phifer
Date: March 14, 2013
If you’re attending this week’s Black Hat Europe conference, check out Deral Heiland’s session on malicious Service Set Identifiers (SSIDs). According to the abstract, Heiland plans to demonstrate the use of specially-crafted SSIDs to initiate cross site scripting (XSS), cross site request forgery (CSRF), command injection and format string attacks against various Wi-Fi products.
What the Final Rule to HIPAA Means for Wireless Security
Author/Blog Contributor - Sean La Rogue Doherty
Date: February 28, 2013
To protect individually identifiable information and realize the benefits and cost savings of new electronic medical record technology, The Health Insurance Portability and Accountability Act (HIPAA) directed the Secretary of the U.S. Department of Health and Human Services (HHS) to develop new privacy and security regulations to meet today’s healthcare security challenges.
How to Protect Yourself from the Top Wireless Hotspot Security Threats
Author/Blog Contributor - Lisa Phifer
Date: February 26, 2013
Wi-Fi hotspots are spreading at a record pace. As of February 18, 2013, the Wi-Fi Alliance Wi-Fi Finder registry contained 816,810 Wi-Fi hotspots in 145 countries, topped by South Korea, the UK and the U.S.
Bring-Your-Own Mobile Malware
Author/Blog Contributor - Lisa Phifer
Date: February 21, 2013
The tide of mobile malware continues to grow, from 2004’s tiny trickle of Bluetooth worms to a steady stream of malicious Android apps that topped 350,000 in 2012 [1]. While this tally pales in comparison to PC malware, there’s a key distinction: most business PCs are somewhat defended by IT-managed anti-malware. The same can’t be said for consumer smartphones and tablets. In fact, you’d be hard-pressed to find a bring-your-own Android running anti-malware.
How-To Guide for Managing and Securing BYOD
Author/Blog Contributor - AirMagnet Intrusion Detection Research Team
Date: January 30, 2013
Bring Your Own Device (BYOD) is as much a sign of cultural change as it is an indicator of prevailing technology trends. Shifting work patterns and the need to be smarter and more flexible have neatly coincided with the proliferation of connected devices like smartphones, tablets and netbooks. But, network performance and security concerns can arise when employees want to use their personal devices at work.
Quantifying BYOD impact
Author/Blog Contributor - Lisa Phifer
Date: January 24, 2013
For IT admins concerned about planning WLAN capacity or securing WLAN access, bring-your-own Wi-Fi enabled consumer electronic devices are posing significant concerns. But just how big is their impact on enterprise WLANs? Let’s put some metrics around these trends.
Top 5 WLAN Security Threats to Defend Against in 2013
Author/Blog Contributor - Milind Bhise
Date: January 21, 2013
For nearly a decade, Wi-Fi has been a "nice-to-have" technology for most corporations, and wired networks have been the backbone for transmitting sensitive information. That time is long gone. With the explosive growth of Wi-Fi and the dramatic increase in smart devices usage, more and more industry leaders, including top retailers, manufacturers and healthcare organizations, are using Wi-Fi as a critical medium for transmitting sensitive data. Is your organization ready for the increased threats caused by this growth? Check out these top trends that will affect the enterprise in 2013:
Get ready to use - and safeguard - more spectrum
Author/Blog Contributor - Lisa Phifer
Date: January 11, 2013
At CES 2013, FCC chairman Julius Genachowski announced that regulatory efforts are well underway to free up "substantial" additional spectrum for Wi-Fi to accommodate sky-rocketing demand with less congestion. In comments made at the industry's largest annual consumer electronics event this week, Genachowski said that the FCC hopes to expand the 5 GHz band by about 35 percent. That's the band soon to be occupied by next-generation 802.11ac Wi-FI products, along with other government uses.
Top Three Mobile Payment Threats and How to Secure Your Wireless Network: Part 2
Author/Blog Contributor - Milind Bhise
Date: December 18, 2012
Last week we discussed mobile payment threats and looked at the first of three: DoS Attacks. This week, it is on to number two, Skimming Cardholder data.
How to Get Unprecedented Visibility into Approved and Unapproved BYOD Devices on a Wi-Fi Network
Author/Blog Contributor - Dilip Advani
Date: December 17, 2012
According to Gartner, 821 million smart devices (smartphones and tablets) will be purchased worldwide in 2012, accounting for 70 percent of total devices sold. As these devices come onto corporate networks, it is increasingly critical for network engineers to be able to identify and report on them, optimize the network for BYOD (Bring Your Own Device) in real-time, and instantly identify and take action when unauthorized devices or rogues appear.
Top Three Mobile Payment Threats and How to Secure Your Wireless Network: Part 1
Author/Blog Contributor - Milind Bhise
Date: December 13, 2012
How consumers pay for products and services evolves just as rapidly as the products and services they're paying for. Case in point: mobile payments, the combination of payment cards and wireless technology that facilitates monetary transactions. Mobile payments can reduce transaction costs for buyers and sellers, and reduce the costs of circulating a cash supply – hence the growing popularity. However, this new payment technology presents many security challenges that must be addressed by merchants to keep customer data safe.
Wireless Security Series Part 2: Honeypot AP Basics
Author/Blog Contributor - AirMagnet Intrusion Detection Research Team
Date: October 17, 2012
Today, we're going to review honeypots. A honeypot AP is anything but sweet. Commonly known as an "evil twin," the attack's concept is simple: First, an attacker sets up a fake access point typically outside of the building. Most often, an attacker emulates a real access point on their laptop – the honeypot AP - for unsuspecting users using a supported wireless card. The honeypot AP spoofs the SSID of the corporate network's access point, and uses a high gain antenna to broadcast the spoofed SSID at a higher signal rate than the actual corporate access points. By doing this, the honeypot AP lures unsuspecting clients into connecting, compromising the security of the whole network.
Fluke Networks Celebrates Its Platinum Anniversary! 20 years of Network Insight and Innovation
Author/Blog Contributor - Milind Bhise
Date: October 12, 2012
Fluke Networks is proud to mark its 20th anniversary in network innovation. Today, we are a world-leading provider of network test and monitoring solutions, offering the industry's broadest range of network deployment, performance management, and security products. We're trusted by 98 of the Fortune 100 (in addition to agencies, enterprises and carriers in more than 50 countries) to solve today's toughest issues in business critical network deployment, management, and troubleshooting.
BICSI Goes Wireless? WLAN Observations from BICSI Anaheim 2012
Author/Blog Contributor - Karthik Krishnaswamy
Date: October 02, 2012
Last month, I attended the Building Industry Consulting Service International (BICSI) conference in Anaheim, CA. BICSI is a professional association that supports the information technology systems (ITS) industry. ITS covers the spectrum of data, electronic safety and security, project management, and audio and video technologies.
Wireless Security Series Part I: Deauthentication Attacks
Author/Blog Contributor - AirMagnet Intrusion Detection Research Team
Date: September 27, 2012
Welcome to the first post of the new AirWISE Wireless Security series. This series will explore some of the latest wireless security attacks, vulnerabilities, trends, prevention and solutions to keep your information and organization safe. Each post in this series will have an accompanying video featured at the end of the article. If you have an attack or wireless security concern you'd like us to dive into, tell us in a comment at the bottom of this post and we will try to address them in future posts.
Eliminate the Need for Ethernet Cabling in WIPS Sensor Deployments with New AirMagnet Enterprise SmartEdge Series 4 Sensors
Author/Blog Contributor - Jesse Frankel
Date: September 18, 2012
Wi-Fi is no longer an option for today's organizations. It's become what coffee is to the break room – employees and guests expect it to be available and strong. In a recent study, Infonetics reported WLAN growth recently hit $1-billion-per-quarter, again highlighting the massive growth of this market. Additionally, personal mobile devices on corporate networks (or BYOD) have changed the game for enterprise Wi-Fi. The BYOD phenomenon has exploded, fueling the need for Wi-Fi performance and security monitoring.
New AirMapper™ App for Android First to Visualize Wi-Fi Throughput Performance of Smart Devices on a Heat Map
Author/Blog Contributor - Dilip Advani
Date: August 29, 2012
As a wireless professional, you're likely seeing more and more smart devices coming onto the corporate wireless LAN (WLAN). As BYOD (Bring-Your-Own-Device) continues to flood the market, these smart devices now include personal and business-issued smartphones and tablets. Meeting the performance expectations associated with the users of these devices, as well as the business, is a growing challenge.
Locations, locations, locations. Fluke Networks' Mobile WLAN Tools First to Offer Real-Time Remote Wi-Fi Troubleshooting and Spectrum Analysis, Eliminating the Need for Costly Truck Rolls
Author/Blog Contributor - Karthik Krishnaswamy
Date: August 17, 2012
Let me guess: You are experiencing WLAN issues at a remote location, but you don't have adequate IT resources to send a technician to that location to troubleshoot the problem…yet you're still responsible for supporting that location. I thought that's what was on your mind! Unfortunately, this is a problem that a lot of organizations have, so you're not alone.
Is RF Interference Slowly Killing Your Wireless Network Performance?
Author/Blog Contributor - Karthik Krishnaswamy
Date: July 16, 2012
Do your network users complain about not seeing Access Points, spontaneous network disconnects, poor network and application performances, or an unsecured WLAN? If so, Radio Frequency (RF) interference could be the hidden offender.
Monitoring and Securing Wi-Fi Networks at the Airport
Author/Blog Contributor - Karthik Krishnaswamy
Date: June 06, 2012
Does the Wi-Fi network at your airport meet your performance standards? And, do you know if it's secure?
Last month I wrote a post about the challenges of deploying wireless networks at airports and how performing site surveys can help alleviate these challenges. But, once deployed, it's vital to ensure the ongoing performance and security of that network. To do that, it needs to be actively managed.
New Patch Release for AirMagnet Survey/Planner
Author/Blog Contributor - Dilip Advani
Date: May 16, 2012
Customers have been providing great feedback on AirMagnet Survey/Planner – the industry's most accurate solution for planning and designing 802.11 a/b/g/n wireless LANs. To encorporate feedback, we've released a new version of AirMagnet Survey/Planner (v8.2).
Fluke Networks Teams with Cisco to Help Small Businesses Better Plan Wi-Fi Networks
Author/Blog Contributor - Dilip Advani
Date: May 09, 2012
If you work for a small business or are a reseller serving small businesses then you're experiencing new challenges associated with the Bring-Your-Own-Device (BYOD) phenomenon -- check out the new AirMagnet Planner for Cisco Small Business. The solution helps businesses deploying and planning 802.11 a/b/g/n wireless networks better address emerging performance challenges associated with mobile devices. With most people now carrying an average of three wireless devices into the workplace, this is no longer just an enterprise problem.
Don't Keep Travelers Grounded With Poor Airport Wi-Fi
Author/Blog Contributor - Karthik Krishnaswamy
Date: May 07, 2012
Are you providing a world class Wi-Fi experience to travelers at your airport? According to the Boston Globe, The Massachusetts Port Authority Board recently indicated the number of passengers using its free wireless service at Logan International Airport jumped by 412 percent in 2010. In addition, more than 1.4 million sessions were logged on Boston's Logan International Airport's Wi-Fi network in 2010, compared with just over 349,300 in 2009. This is an example of explosive Wi-Fi usage at just one airport.
10 Important Metrics for Hotspot Performance Testing
Author/Blog Contributor - Dilip Advani
Date: April 27, 2012
Wi-Fi hotspots are, well, hot and have become a huge part of our current technological landscape (you may have read our previous blog on this topic). Customers expect hotspots to be as good or better than today's rapidly improving home Internet. Who hasn't heard of friends or colleagues that cater their trips - or the businesses they frequent (like coffee shops and restaurants) - specifically to a location with the best hotspot service?
The impacts of the BYOD phenomenon: Part 1
Author/Blog Contributor - Warren Blackwell
Date: March 27, 2012
In the last few weeks, it was reported that Apple's iOS and Google's Android Operating Systems suffer from vulnerabilities that allow apps to access data that the user has not given (explicit) permission for. In the case of iOS, The New York Times reports that when users give an app permission to access location data, they are (unwittingly) also giving permission to access the user's photo library. Perhaps worse, it was also reported that when Android users give consent for an app to access the Internet, they give permissions for the app to access the photo library. Both cases highlight the dangers associated with employees having company information on personal (the Bring-Your-Own-Device, BYOD phenomenon) and corporate mobile devices.
Wi-Fi Hotspots growing at 350% a year: New AirMagnet WiFi Analyzer 9.5 Simplifies Testing Connectivity, Supports Multimedia
Author/Blog Contributor - Karthik Krishnaswamy
Date: March 15, 2012
Wi-Fi Hotspots are hot. From coffee shops, to airports, to sport venues, to gas stations and Laundromats, they're springing up everywhere and are projected to grow 350 percent by 2015*. This incredible growth is being driven by two major factors. First, the "instant access anywhere" mentality of everyone today is flooding networks with the latest mobile gadgets, smartphones and tablets, as the Bring-Your-Own-Device (BYOD) phenomenon continues to dominate the market. This means more users, more devices and the need for more connectivity (and we all know users prefer Wi-Fi over an Ethernet cable).
AirMagnet Enterprise Version 10 Offers Industry's First Software Sensor Agent and Automated Health Check Capabilities
Author/Blog Contributor - Jesse Frankel
Date: March 01, 2012
With the explosive growth of Wi-Fi continuing in the enterprise space, the need to secure and monitor wireless networks is more important than ever. This is creating new cost pressures and focus on compliance requirements, for example with PCI and HIPAA. Deployment costs, including physical installation and cabling for a wireless intrusion detection and prevention system (WIPS/WIDS) can be greater than the acquisition costs for traditional sensor technology or AP-based WIPS. For organizations with many remote sites, that spend is magnified even further. All of this has resulted in organizations looking for innovative ways to meet their WLAN security monitoring requirements in the most cost effective fashion.
Are Non-WLAN Sources of Interference Crashing Your Network Performance Party?
Author/Blog Contributor - Karthik Krishnaswamy
Date: February 01, 2012
Wireless networks rely heavily on performance to ensure a functional environment that adds value for an organization. While Wi-Fi use continues to grow by more than 35 percent a year, unfortunately so do interference issues that can upset the performance balance and lead to loss of productivity and functionality of business critical applications and services. This not only decreases employee productivity, but also eats up troubleshooting time for IT staff. New devices and products using radio signals (RF) at offices and campuses – such as microwaves, Bluetooth, x-rays, wireless game controllers, baby monitors, motion detectors, cordless phones and more – wreak havoc on a network's performance and can send WLAN engineers scrambling for solutions.
New AirMagnet Enterprise Threat Signatures Released to Protect Against WLAN Vulnerabilities
Author/Blog Contributor - Jesse Frankel
Date: January 24, 2012
Today the AirMagnet team announced that we've released a new batch of signature updates for AirMagnet Enterprise 9.0. The release includes a signature for the recently discovered Wi-Fi Protected Setup (WPS) PIN Brute Force attack, as well as DNS and ICMP tunnel traffic detection, and 802.11 fuzzing attacks.
Fluke Networks WLAN Planning Technology to Power New Tool for D-Link
Author/Blog Contributor - Dilip Advani
Date: January 18, 2012
The team at Fluke Networks is expanding the usability and reach of AirMagnet Planner by working with D-Link to create a new tool for wireless professionals called the D-Link Wi-Fi Planner, Powered By AirMagnet®.
Introducing our new Preferred VAR Program
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: January 09, 2012
For all of those wireless professionals working within the VAR community: Fluke Networks today introduced a new Preferred Value Added Reseller (VAR) program designed to provide partners with complete end-to-end solutions for their customers in the areas of network and application performance management, as well as wireless LAN (WLAN) security and network monitoring.
Redefining Interference Identification and Classification on a WLAN
Author/Blog Contributor - Karthik Krishnaswamy
Date: December 12, 2011
Today the majority of businesses utilize wireless networks for connectivity and critical business applications. Because of this, wireless engineers and technicians are tasked with ensuring these networks perform at peak levels. However, one of the challenges they constantly face is detecting non-WLAN sources of interference.
Influx of student Wi-Fi devices makes securing and monitoring school WLANs more important than ever
Author/Blog Contributor - Jesse Frankel
Date: December 7, 2011
The BYOD (Bring Your Own Device) phenomenon is not only present in the enterprise environment, it's running rampant across most verticals, including healthcare, retail, manufacturing and, in particular, education. Between faculty and staff bringing in personal Wi-Fi devices and students with all of the latest gadgets and smart phones, there is a real potential for security and performance issues on the wireless LAN. As these trends proliferate, IT staff needs to have complete visibility into these networks and the ability to determine if devices are friend or foe.
AirMagnet Enterprise, the only solution that enables compliance with PCI Wireless guidelines 2.0
Author/Blog Contributor - Bruce Hubbert
Date: November 15, 2011
A large number of organizations today are buying into the idea that a single vendor (Cisco, Aruba, Juniper, etc.) WLAN solution can cover all their needs with regard to PCI compliance. This is a very alluring message to the CIO who is making budgetary decisions and would prefer to limit the cost and variables in implementing a compliance solution. However, this is a false assumption, which may jeopardize an organization's PCI compliance, but if you ask any good Information Security Engineer they'd tell you the same thing – "Limit your exposure and risk through a best-of-breed, layered security model." Or, in other words, use targeted layers of products from different vendors and processes developed in-house to best protect your organization.
Is Your Wireless Network Protected? AirMagnet Enterprise Releases New Wireless Threat Signatures
Author/Blog Contributor - Jesse Frankel
Date: November 08, 2011
With Halloween behind us, wireless engineers are back dealing with the scary realities of today's wireless threats and vulnerabilities. But, if you're a Fluke Networks' customer running the AirMagnet Enterprise 9.0 Wireless Intrusion and Prevention System (WIPS), never fear because you're more prepared than ever to defend your WLAN thanks to the release of new threat signatures.
Restricting your guest access WLAN will only bring you more pain...
Author/Blog Contributor - Jennifer Huber
Date: October 12, 2011
We are quickly approaching the days when 'Free Wi-Fi' is considered as omnipresent as the parking spaces at the shopping center. People have come to expect free open Wi-Fi connections to be available at every large gathering place for people. Stadiums, shopping malls, coffee shops, hotels, hospitals - they all tend to offer a guest Wi-Fi connection. Not all enterprise locations open the pipe to anything and everything that the Internet has to offer. Some lock down the guest network connection by using Web Sense or Blue Coat web filtering. Others throttle down the bandwidth, taking the guest users back to the days of dial up modems.
Site Surveys for Design and Verification: Real-world Tips
Author/Blog Contributor - Dilip Advani
Date: October 10, 2011
Earlier this month, we presented a webinar with Jim Geier, Principal Consultant of Wireless-Nets, Ltd., on site surveys for design and verification. During his presentation, Jim walked through wireless site survey techniques and requirements and provided some great tips for use in the field. I've summarized a few of the points that were touched on during the webinar below. However, he gets into a lot of great technical detail, so, if you'd like to learn more and view the webinar in its entirety, you can download an archived copy of the webcast.
With the Adoption of High-Bandwidth Wireless Applications Comes a Continued Need for Wi-Fi Planning, Managing and Troubleshooting Tools
Author/Blog Contributor - Dilip Advani
Date: September 20, 2011
The team at AirMagnet is happy to announce new versions of AirMagnet WiFi Analyzer PRO 9.1 and AirMagnet Survey PRO 8.2. Both products provide expanded adapter support (for the latest laptop technology) that allows users to deploy, monitor and troubleshoot Wi-Fi devices that employ three spatial streams and deliver performance at data rates up to 450 Mbps (more product upgrade info below).
AirMagnet Mobile Tools on Windows 8…Unofficially!
Author/Blog Contributor - Dilip Advani
Date: September 19, 2011
With all of the hype around the launch of Windows 8, the AirMagnet QA team couldn't resist the urge to quickly test our AirMagnet Mobile tools running on the Windows Developer Preview 64-bit version of the OS. And Voila!!!! It works!!!
Upcoming Wireless Webinar: Call Foul on WLAN Interference
Author/Blog Contributor - Jesse Frankel
Date: August 29, 2011
Come join us this Wednesday (8/31) to hear Rick Murphy, the wireless curriculum director of Wireless Training & Solutions, a member of the IEEE Standards Associations and a founding member of the CWNE roundtable, present a webinar "Call Foul on WLAN Interference."
Feedback from Defcon/BlackHat Security Conferences 2011
Author/Blog Contributor - Bruce Hubbert
Date: August 09, 2011
The scene in Las Vegas last week on the wireless security front was quiet and reserved. There was a veritable dearth of WLAN issues to report on at either BlackHat or Defcon. Sure there was the Wi-Fi hacking UAV and Vivek Ramachandran's normal Wi-Fi security and hacking class, also the wireless water meter 900mhz hack and 1 or 2 new WEP attacks (like WEP needs any more attacks against it, isn't complete penetration in under 5 minutes fast enough?) but nothing really new and interesting. Most of the talks were about making your PSKs long and secure to shield you from, "Sniff now, Crack Later" (using Rainbow Tables found here and here) and talks reminding everyone to monitor their WPA2-EAP implementations against Honeypot Radius WPE (the WPE is not a typo, it stands for, "Wireless Pwnage Edition" and info may be found here and here). This last one is an old vulnerability but many people still have not been keeping an eye on it especially if your organization uses server certificates only in their EAP implementation.
It's 802.11 day!!!! Make it count!
Author/Blog Contributor - Bruce Hubbert
Date: August 02, 2011
Today is 802.11 day, August 8th 2011 or 8/02/11. As a friend of mine noted in Google+, Hallmark probably does not make a card for that. In honor of this auspicious day I think now is a great time to reflect on this amazing technology that we use every day and almost take for granted.
New Dynamic Threat Update Available for Aruba Cross-site Scripting Vulnerability
Author/Blog Contributor - Jesse Frankel
Date: August 01, 2011
Recently Aruba Networks issued an advisory on a Cross Site Scripting vulnerability in their ArubaOS and AirWave web management interfaces. A malicious user could plant a physical or soft AP anywhere near the WLAN and broadcast a specific SSID that contains Cross-site scripting content. Once the Aruba system records that malicious SSID and an unsuspecting admin runs a report and clicks on the link that contains the malicious SSID, it is possible to create a Cross-site scripting condition. A Cross-site scripting condition is where a user injects the client side script into the browser. In the Aruba case, it's the Access Point that is injecting the client side script. This could potentially execute commands on the systems with admin credentials.
Don't Miss the Next Wireless Security Webinar - Road Kill: How to Protect and Defend yourself from Wireless Clients
Author/Blog Contributor - Jesse Frankel & Lisa Phifer
Date: July 25, 2011
This week, Lisa Phifer and I will be talking about the hot topic of wireless client devices - how to protect your corporate network, how to protect those devices when they are away from the office and more.
Best Practices for Performing VoWLAN Surveys
Author/Blog Contributor - Bruce Hubbert
Date: June 30, 2011
Voice over WLAN has been growing in use over the past years, not only in the enterprise, but also in a number of different vertical industries. In the enterprise, VoWLAN is a convergence of two proven technologies, Wi-Fi and VoIP, and supports the overall shift to an IP infrastructure for voice. In healthcare, there is a heavy reliance on mobile users (physicians, nurses), and voice is increasingly becoming the critical application that drives Wi-Fi deployments. Retail and manufacturing settings both historically suffer from spotty cellular coverage and VoWLAN can be used to communicate with on-the-floor employees, and it can act as an extension to a company's larger telephone infrastructure. There is also marked growth in VoWLAN use in the hospitality industry, both for employees and guests.
Great Information Shared in the Latest Network World Wi-Fi Challenge Podcast
Author/Blog Contributor - Jesse Frankel
Date: June 22, 2011
I recently had the pleasure of recording a podcast for the Network World Wi-Fi Challenge with analysts Robin Layland and Joanie Wexler, as well as Manju Mahishi, director of wireless product strategy at Motorola Solutions. During the session, we covered a wide variety of WLAN topics, from best practices for reliability to dealing with latency, client devices and more.
Don't Miss This Upcoming Wireless Security Webinar - ABCs of Wireless Exploits and Vulnerabilities
Author/Blog Contributor - Chris Roeckl
Date: June 15, 2011
We're really excited about an upcoming webinar with Lisa Phifer happening next week. Don't miss out on this great topic, and your chance to ask direct questions to the wireless experts!
The impact of smartphones and tablets on enterprise wireless networks
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: May 24, 2011
Smart devices (smartphones, tablets, etc.) are proliferating and entering the enterprise work place at a staggering rate. According to a Barclays Capital CIO Survey 2011, the adoption medium is already very high for tablets, with 32+% of organizations already supporting their use, and 35+% currently testing or in trials. The functional differences between conventional PCs and smart devices, like tablets, is getting smaller too. Data suggests that these devices will replace 45% of notebooks and 12% of desktop PCs. Because of these smart devices advances, the wireless LAN (WLAN) rose to become the #1 priority for enterprise networking in 2011 (from #2 in 2010).
A Closer Look at RF Interference and Spectrum Analysis - Part 3
Author/Blog Contributor - Jesse Frankel, AirMagnet Product Marketing Manager at Fluke Networks
Date: May 10, 2011
So far, we've taken a deep dive into basic RF interference and spectrum analysis definitions, decision drivers, deployment models and technical comparisons. With this final post in the series we will examine the technical and deployment trends we see in the field.
A Closer Look at RF Interference and Spectrum Analysis - Part 2
Author/Blog Contributor - Jesse Frankel, AirMagnet Product Marketing Manager at Fluke Networks
Date: April 28, 2011
Now that we've established the basics of RFI and spectrum analysis in an early post, let's take a look at the typical deployment models for spectrum analysis-enabled sensors, and what an enterprise should consider when choosing an SA monitoring system.
The Value of Dynamic Wireless Threat Detection - A Primer
Author/Blog Contributor - Lisa Phifer, Core Competence
Date: April 21, 2011
Enterprise wireless LANs have matured into critical network infrastructure, vital to every-day operation. As a result, effective wireless threat detection and prevention have become indispensible.
AirMagnet Survey and Planner Integrate with Cisco WCS to Streamline Wireless Network Planning and Management
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: April 12, 2011
Exciting news for all of our Cisco customers. Today we're announcing that AirMagnet Survey and AirMagnet Planner now integrate with the Cisco Wireless Control System (WCS). This integration dramatically increases operational efficiencies for both AirMagnet and Cisco WCS customers by eliminating the need to repeat wireless planning and site survey tasks commonly associated with deployment and ongoing management of a WLAN network.
A Closer Look at RF Interference and Spectrum Analysis - Part 1
Author/Blog Contributor - Jesse Frankel, AirMagnet Product Marketing Manager at Fluke Networks
Date: March 31, 2011
Over the next few weeks, we're going to take a closer look at something that has become a common pain point for wireless LANs in the enterprise - RF interference. As we look at this issue, we will also be taking a crash course in spectrum analysis.
Identifying WLAN Interference Issues 101
Author/Blog Contributor - Dilip Advani, Product Marketing Manager at AirMagnet
Date: March 22, 2011
Performance is key when deploying a business-critical WLAN. However, with technology evolving so fast in the workplace, keeping a WLAN operating at a high level can be extremely challenging. Whether it's network connection issues, bad download/upload speeds, poor application performance or mobility issues, identifying sources of WLAN interference is vital to success.
Do Wireless Intrusion Detection Solutions need Dynamic Signature Updates like their Wired Counterpart?
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: February 24, 2011
Within the wire line security industry, most network intrusion detection and anti-virus protection systems separate their detectionsignatures (or rules) from the engine that executes the signatures and rules. These signatures are usually updated periodically to catch new attacks, while the engine remains unchanged. Although signatures are updated less frequently, when a new outbreak or vulnerability does occur or is identified, updating in a timely fashion is crucially important for security. These signatures are often thought of as the intellectual property and crown jewels of a solution provider, and significantly differentiate one detection system from another.
New WiFi Freakquency Podcast with Dave Molta
Date: January 31, 2011
There's a great new WiFi Freakquency podcast in the AirWISE Community library! The new post focuses on wireless education and gets perspective from Dave Molta, Professor of Practice at Syracuse University's School of Information Studies, and former editor of Network Computing. Tune in and hear Dave talk about his testing lab, current wireless developments, and some current work with students.
Still Not Sure Of The Best WIPS Approach? A Few More Points to Consider
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: January 24, 2011
While a self-tuning, self-defending, self-configuring wireless network sounds like a fantastic thing to have, the reality of wireless network infrastructure is not quite that simple. There are some things your wireless network already does very well, but there are many areas where it falls short, and those are the areas hackers love to exploit. It's difficult to argue with the idea that some problems are just too hard for a self-defending, self-healing network to handle on its own. In this blog post, we will take another look at overlay vs. integrated WIPS approaches and shed light on what to evaluate when making the choice for your organization.
New AirMagnet Spectrum XT Allows Custom Signatures For WLAN RF Interference Issues
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: December 07, 2010
Calling all wireless professionals! AirMagnet is releasing the latest version of the industry's first USB-based professional spectrum analyzer solution, AirMagnet Spectrum XT 2.0.1. What's new?
AirMagnet WiFi Analyzer PRO and AirMagnet Survey PRO Garner Product Review Praises
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: December 03, 2010
The new versions of AirMagnet Analyzer PRO and Survey PRO, which were released last month, have been reviewed by some of our favorite technology outlets, including CWNP, Network World and eWeek. Read on below for a comprehensive summary of the reviews.
Don't get burned by dual function rogue APs
Author/Blog Contributor - Greg Rayburn, AirMagnet Wireless Security Expert
Date: November 17, 2010
By now, most in the wireless security space understand the threat posed by rogue APs (any access point connected to a wired network without consent of the IT department). The situation is all to familiar — an employee brings in their AP from home and plugs it into the corporate network, or a hacker places an AP somewhere in the building and tries to connect internally to the network. It's probably the biggest security risk facing most networked companies today (but obviously not the only risk).
Protecting the wireless network from zero-day attacks: Choosing a WIPS solution
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: November 08, 2010
We all know the use of wireless is rapidly expanding, for both personal and business purposes, and Wi-Fi enabled devices are proliferating throughout enterprise networks. What you might not know is that the growing number of corporate client devices in use are prime targets for attackers to gain entry onto corporate networks and potentially access sensitive information and data. Hackers are growing more sophisticated each day, combining various attack techniques and developing new hacking tools to evade traditional security measures. When the rest of us have gone home for the night, hackers are just getting started, and, unfortunately, they never quit. New exploits are discovered all the time, as hackers get smarter and discover new ways to capitalize on vulnerabilities. Even small vulnerabilities (like SkyJack) can have a big impact on networks - and with each new technology (such as 11n) come new attacks.
New multi-adapter solution sets new standard for WLAN design and troubleshooting
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: November 02, 2010
Some quick shameless promotion. Our entire team is very excited today to be launching two new product versions - AirMagnet Survey PRO 8.0 (including the AirMagnet Planner module) and AirMagnet WiFi Analyzer PRO 9.0. Both products now include our new multi-adapter solution, which delivers dramatic enhancements to the WLAN designing and troubleshooting process by going beyond just collecting greater amounts of data, to integrating that data into features that help speed the performance and accuracy of site surveys, and deliver the industry's most in-depth client roaming analysis to ensure wireless continuity.
AirMagnet on Mobile Security Panel at Interop New York
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: October 15, 2010
Jesse Frankel, senior product manager at AirMagnet, will participate in the upcoming Interop New York panel, "Mobile Security: New Challenges, Practical Solutions." The panel will take place Thursday, October 21, 2010, 3:15 - 4:15 p.m. EDT, at Interop New York, Javits Convention Center, New York, NY.
Wireless Threat Triage and Response: Part 3, Response
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: September 28, 2010
Over the past few weeks, we've been evaluating the three basic factors used to triage wireless threats. But what happens when you've fully evaluated a threat? Prioritized it and properly escalated it? It's time for a response.
Wireless Threat Triage and Response: Part 2, Impact and Correlation
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: September 24, 2010
Welcome to part two of a three part series on wireless threat triage and response. In the last post, we discussed the first of three key factors in evaluating wireless threats: severity. Today, we'll look at two more elements - who the threat will affect and correlation.
AirMagnet Enterprise Named Winner of 2010 Tomorrow's Technology Today Award
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: September 23, 2010
Our team always likes winning awards, so we're happy to report:
Info Security Products Guide, the industry's leading information security research and advisory guide, has named AirMagnet Enterprise a winner of the 2010 Tomorrow's Technology Today Award. This award recognizes security vendors with advanced, ground-breaking technologies and solutions that are helping set the bar higher for others in all areas of information security.
Wireless Threat Triage and Response: Part 1, Evaluate the Threat
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: September 16, 2010
Understanding how to evaluate and prioritize wireless LAN security threats and performance issues, and elicit quick responses without overburdening IT staff, can be a tricky balancing act. Which threats are most important and should be attended to first? When is it okay to put off addressing a threat? Just like a triage nurse quickly evaluate ER patients andchoose who receives attention first, IT managers can also use proven techniques to easily choose which wireless threats are most important and which can sit in the "waiting room" for a bit.
Quick Tips for Remotely Troubleshooting a WLAN
Author/Blog Contributor - Dilip Advani, Product Manager at AirMagnet
Date: August 31, 2010
Wireless is fast becoming the default access method for end-users on a corporate network. The reason: easy of use, user satisfaction and productivity gains. But, these advantages quickly evaporate when the wireless network has problems with connectivity and performance. Perhaps this is due to a lack of access points or equipment interference - the list of problems affecting the WLAN can be long and sometimes complicated.
Please vote for AirMagnet Enterprise
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: August 27, 2010
AirMagnet Enterprise was named a Finalist in the Computing Security Awards. Now it's time to vote for the winners.
Hole196: To Worry or Not to Worry?
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: August 17, 2010
Hole196, a vulnerability in the WPA2 security protocol, has been a topic of debate in the wireless security industry since its discovery was announced a few weeks back. Everyone's got an opinion on this one - is it legitimately dangerous or much ado about nothing?
The Unique Challenges of Keeping WLANs Secure in Manufacturing Facilities
Author/Blog Contributor - Jesse Frankel, Wireless Intrusion Research Team
Date: August 02, 2010
Wireless LANs have been used in manufacturing environments for some time now, as industry-specific mobile application devices can greatly increase productivity and efficiencies for these businesses. However, these facilities face a unique challenge because they often use a wide variety and number of mobile devices. They also frequently use a large number of older, sometimes outdated, devices on a day-to-day basis throughout their network and work environment. Unfortunately, many of these devices have either very limited or no network security capabilities at all, creating constant headaches for the wireless network manager.
Defining the primary architectural approaches for today's WIPS solutions
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: July 22, 2010
Today I'd like to review the different architectural approaches for deploying WIPS solutions. As we move ahead, the debate over which approach is best for what situation will likely intensify and is thus a great topic for discussion. WIPS solutions come in three basic architecture types; they are all fundamentally very different, with a variety of pros and cons.
New AirMagnet Product: AirMedic USB
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: July 20, 2010
We all know that Wi-Fi troubleshooting can be a complex and time-consuming task. One of our jobs at AirMagnet is to design tools that make Wi-Fi troubleshooting easier! Most in the wireless world understand that visibility of the Wi-Fi spectrum and clear issue diagnosis is a fundamental element for operating a reliable WLAN, no matter how large or small your business is. Traditionally, tools have either targeted the expert with all the bells and whistles (and cost), or been single function freeware tools for the hobbyist, unable to solve read-world issues.
TMC Announces 2009 Communications Solutions Product of the Year Awards
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: July 09, 2010
In the shameless self-promotion department, AirMagnet has won the Communications Solutions Product of the Year Award, for integration around AirMagnet Survey PRO and AirMagnet VoFi PRO. The award acknowledges the most innovative products that facilitate voice, data and video communications, or combinations of them, according to TMCnet. "With hundreds of applications this year, judging the products and services was difficult. However, the selected winners have demonstrated a commitment to quality and excellence for the development of the communications industry," said Erik Linask, TMC's Group Editorial Director.
Recognizing and Combating Wireless Client Threats
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: July 06, 2010
Wi-Fi is not only critical to business, but is now a dominant and increasingly pervasive means of communicating in the office, in the home and on the road. Client devices, countless in number, go everywhere, connecting in all types of environments. Because of their dynamic nature, they are vulnerable, even when deployed with the strongest available security standards. Enterprises understand that they must secure the boundary between the inside and outside world. But, what they must recognize is that Wi-Fi increasingly acts as a connection point - or bridge - between that trusted inside network, users and data, and that outside world. And this bridge is literally in the air around us.
It's all about community — the AirWISE Community!
Author/Blog Contributor - Chris Roeckl, vice president of marketing at AirMagnet
Date: June 29, 2010
Over the years, AirWISE has become synonymous with expert WLAN advice relating to security and performance. And today, the AirMagnet team is happy to announce that we've launched a new AirWISE Community, an online resource center designed to foster education, collaboration and contribution around WLAN security and reliability topics, including current threats and new vulnerabilities/exploits, and intrusion prevention and security best practices.
Compliance for Compliance Sake?
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: May 17, 2010
When it comes to network security and privacy, there's no shortage of regulatory compliance, including PCI-DSS, HIPAA, Sarbanes-Oxley, GLBA, FISMA, and more. Although compliance guidelines are laid out differently for each industry, they're essentially the same when it comes to requiring stringent discipline around wireless LAN security. These compliance rules and regulations help raise awareness for wireless security and require significant action on the part of organizations in order to be compliant.
Great Googly Moogly
Author/Blog Contributor - Chris Roeckl, VP Marketing at AirMagnet
Date: May 12, 2010
Google reportedly has plans to sniff out the world's WLANs in order to put them on a map and make them easier to find for consumers.
The report from Germany, and reported on newfactor.com (http://www.newsfactor.com/news/You-Can-t-Hide-WLANs-from-Google/story.xhtml?story_id=0230029FFNG7&full_skip=1), has consumer advocate groups up in arms and encourages the need to secure WLANs using WPA2. The article falters (and gives poor advice) when it goes on to say that hidden SSIDs will do the trick for amateur security - but we all know how truly lame that is, right?
AirMagnet's Director of Product Management Talks WIDS/WIPS with Wireless LAN Professional
Date: May 06, 2010
AirMagnet's Wade Williamson talks about Wireless Intrusion Detection and Prevention Systems with Wireless LAN Professional host, Keith Parsons. Wade shares answers to questions garnered from a recent Network World Q&A on WIDS, and about the general importance of WLAN security. (For the second half of the show, hear Jeff Keenan, a reseller dedicated to the Wireless space, answers some of the most popular FAQs he has seen from his clients.)
Register for the latest AirMagnet Webinar — "A Practical Guide to Meeting the PCI Wireless Guidelines"
Date: May 03, 2010
Join AirMagnet PCI expert Skip Bayro, and a representative from one of our Nation's leading hospitality companies, Bobby Cox Inc., as they explore the most recent PCI guidelines and practical methods for maintaining compliance, this Thursday, May 6, 2010, 11:00 a.m. PST, 2:00 p.m. EST.
Wi-Fi Troubles for the iPad?
Author/Blog Contributor - Wade Williamson, Director of Product Management at AirMagnet
Date: April 13, 2010
Last week, Apple rolled out its latest game-changing device, the iPad, to the sort of excitement and media frenzy that our culture usually reserves for hero pilots, astronauts and philandering golfers. However, as with any new product, there have been reports of a few rough edges, and one of the main sources of user complaints has centered on the iPad's Wi-Fi connectivity.
WLAN's Future
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: April 01, 2010
We recently participated in a Thought Leadership Summit on Webtorials with other WLAN vendors. Wade Williamson, our director of product management, did a great job summarizing (as did our competitors) upcoming advancements in WIPS as related to threats, and I wanted to take a moment to quickly recap some of his comments and expand on some thoughts in other areas of security and performance, as it pertains to the future of WLAN.
The (Other) Important Research Note from Gartner
Author/Blog Contributor - Chris Roeckl, VP Marketing at AirMagnet
Date: March 12, 2010
Gartner Magic Quadrants regularly grab all the attention when they're issued. In our little corner of the world the latest one got issued last month and led to a predictable stream of press releases from the WLAN infrastructure vendors, each crowing about their placement in the quadrant: "I'm a leader," "I'm a visionary"... yup we've all been spammed with these releases over the last few weeks.
Window 7 Virtual AP - Not at all a "new" threat!
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: March 04, 2010
The growing popularity of Wi-Fi is driving wireless applications and connectivity for consumers. But, is it doing it at the cost of enterprise WLAN security? For as long as access points (APs) have been available via the local electronic stores, enterprise security has been battling the rogue AP threat (or unauthorized APs connected to enterprise wired networks). Recently, the world of rogue APs got a little trickier with the introduction of the virtual AP feature by Microsoft in the new Windows 7 operating system. This virtual AP feature allows a Windows 7 PC to act as an AP for other wireless clients looking to share Internet access. This feature also allows the user to leverage the virtual AP to create a Personal Area Network (PAN) where he/she can connect personal devices, such as a wireless printer and/or multi-media equipment. If a virtual AP is connected to the enterprise network via wire or wireless, it is a rogue AP capable of compromising the network security of an enterprise.