AirMagnet Enterprise

The most comprehensive 24x7 wireless intrusion detection system (WIDS) / wireless intrusion prevention system (WIPS) WiFi Network and Cellular security solution.

AirMagnet Enterprise is a full-time wireless intrusion prevention system (WIPS), wireless intrusion detection system (WIDS) and wireless network (WLAN) security monitoring system that provides dedicated monitoring of the airspace to enable the security, performance and compliance of WLANs. AirMagnet Enterprise is used by organizations for the most complete WIPS and WIDS, remote network troubleshooting, enforcing no-wireless zones, and proving compliance.

Overview

AirMagnet Enterprise - Complete Cellular and Wireless Network Security

AirMagnet Enterprise protects against every wireless network (WLAN) security threat by combining the industry's most thorough wireless intrusion detection system (WIDS) and wireless network security monitoring with leading research, analysis and security threat remediation.

Full Network Visibility

AirMagnet Enterprise scans all possible 802.11 wireless channels (including the 200 extended channels), and cellular spectrum channels ensuring there are no blind spots where rogue or interfering devices may be hiding.

AirMagnet Enterprise goes beyond WiFi network analysis with optional WiFi and cellular spectrum analysis that detects and classifies RF jamming attacks, Bluetooth devices and many other non-802.11 transmitter types, such as unapproved wireless cameras and cell phones.

Industry Leading Wireless Intrusion Prevention System (WIPS) and Wireless Intrusion Detection System (WIDS)

The AirMagnet Intrusion Research Team constantly investigates the latest hacking techniques, trends and potential wireless network security vulnerabilities to keep organizations ahead of evolving wireless network security threats.

Dynamic Threat Update technology speeds the creation, automation and immediate deployment of new security threat signatures.

As soon as any new wireless network security threat definition is ready, it can be deployed with no impact to system operation, providing a unique framework for maintaining the most up-to-date wireless network security posture for the organizations.

Provides significant security protection over existing AP infrastructure

Security is not the APs primary focus, thus APs typically miss many security threats. AirMagnet Enterprise dedicated Wireless Intrusion Detection System and Wireless Intrusion Prevention System (WIDS/WIPS) solution provides peace of mind and assurance that your critical wireless network is protected full time, not part of the time like with APs.

Find Outages and Emerging Problems Before Users are Affected

AirMagnet Enterprise Automated Health Check (AHC) technology actively tests and verifies complete wireless LAN connectivity from the wireless link all the way through to application servers or the Internet, automatically detecting critical outages or network degradation while pinpointing the exact source of trouble. Sensors running AHC tests provide a true client perspective to:

 

Features


BYOD Classification

The industry's first over-the-air smart device detection and classification provides unprecedented level of visibility and gives IT professionals the ability to optimize the wireless networks for BYOD. This information enables an engineer to quickly troubleshoot and remediate any wireless network security or performance issues caused by these devices.


Software Sensor Agent (SSA)

The industry's first software-based sensor which runs on Windows PCs delivers basic wireless network security monitoring at a very low cost structure and enables true client based performance measurement. This new flexibility to combine SSA-based sensors with hardware sensors allows users to build the wireless network security monitoring solution which is best optimized for their requirements and budget.


Automated Health Check (AHC)

Automated Health Check provides the fastest and most accurate way to detect and pinpoint the cause of problems which impact the productivity of WLAN users. Software or hardware sensors actively probe the wireless network from the wireless user's perspective, to verify connectivity across the wireless link to critical network resources. AHC reduces the costs associated with user productivity loss and troubleshooting process caused by complex wireless problems. Supports Captive Portal verification to ensure performance and security of Guest network.


24x7 Cellular Spectrum Security

Activity by cellular devices like cell phones and jammers is tracked and reported. Cellular security events such as Mobile cellular events, Cellular interference events, and Base station cellular events are monitored and reported on. Associate carrier information with cellular event. Triangulate and locate non-compliant cellular event on floor plan for quick remediation.


24x7 Wireless Intrusion Detection and Prevention

AirMagnet Enterprise scans all possible 802.11 wireless network channels (including the 200 extended channels), ensuring there are no blind spots where rogue devices may be hiding. AirMagnet Enterprise goes beyond Wi-Fi analysis with optional spectrum analysis that detects and classifies RF jamming attacks, Bluetooth devices and many other non-802.11 transmitter types, such as unapproved wireless cameras.

The AirWISE engine constantly analyzes all wireless devices and traffic using a combination of frame inspection, stateful pattern analysis, statistical modeling, RF analysis and anomaly detection, enabling detection of hundreds of specific threats, attacks and vulnerabilities such as rogue devices, spoofed devices, DoS attacks, man-in-the-middle attacks, evil twins, as well as the most recent hacking tools and techniques such as MDK3, Karmetasploit and 802.11n DoS attacks.


Dynamic Threat Protection Technology

Dynamic Threat Update technology speeds the creation, automation and immediate deployment of new security threat signatures through the AirMagnet AirWISE® engine. As soon as any new threat definition is ready, it can be deployed with no impact to system operation, providing a unique framework for maintaining the most up-to-date wireless network security posture for the enterprise. DTU signatures are separate from the firmware image to allow quick response to new threats. DTU signature updates are seamless with no downtime to ensure you are protected against latest security threats.


Threat Tracing, Blocking & Mapping

Threat Tracing, Blocking & Mapping All devices are traced using a suite of wired and wireless tracing methods to quickly and reliably determine if a device is connected to the wired network. The system uses a newly enhanced set of sophisticated techniques, including use of SNMP, automated switch discovery, and hardware and traffic analysis, to ensure accurate, fast tracing in any network topology.

Threats can be manually or automatically remediated with a combination of both wired and wireless security threat suppression. Wireless blocking targets a threat at the source and specifically blocks the targeted wireless device from making any wireless connections. Wired blocking automatically closes the wired switch port where a threat has been traced.

All security threats and devices can be located on a map or floorplan and set to trigger rogue alarms based on the device's location.


Massive Scalability & System Resiliency

AirMagnet Enterprise offers the only WIPS and WIDS solution in the industry to meet the established standards of a mission critical security application. It is the only WIPS and WIDS solution to build fault-tolerance into each component, with fail-over boot images in every sensor and automatic server fail-over licenses that come standard with the system. Additionally, AirMagnet Enterprise sensors can operate as fully independent WIDS/WIPS nodes detecting and remediating threats without losing information, even if the network connection to the server is lost for days.

With intelligent sensors that locally analyze Wi-Fi and RF conditions, more than 1,000 sensors can be supported through single centralized server in the data center, requiring minimal network bandwidth.

Processing at the sensor level means that each sensor continues to enforce the security policy even if connection to the server is lost for more than 24 hours. Hot standby server software (included) enables fully redundant data center operations for maximum wireless security protection.


Event Forensics

AirMagnet Enterprise can capture a complete packet or RF forensic record of any network event, allowing appropriate staff to investigate the issue in depth, at any time. By leveraging its unique intelligent sensors, AirMagnet Enterprise provides the only WIPS and WIDS solution in the industry to automatically capture forensic information from before, during and after the event.


Performance Monitoring and Remote Troubleshooting

In addition to rich WIPS and WIDS features, AirMagnet Enterprise constantly monitors the health of the wireless LAN and RF environment to proactively detect evolving problems that can lead to an interruption to the network. The wireless network security system detects these issues, gives engineers topical remediation advise and includes active remote tools to troubleshoot the issue. This allows staff to avoid network downtime and vastly reduce the time-to-fix for any outage, leading to more uptime, improved user satisfaction and a higher performing network.


Integrated 802.11n and Spectrum Intelligence

The AirMagnet Enterprise system can monitor the RF Spectrum and 802.11n traffic. AirMagnet Enterprise performs a complete interference analysis of the air. This includes co-channel interference from Wi-Fi devices, as well as optional spectrum analysis of non-Wi-Fi devices, such as microwave ovens, cordless phones or legacy wireless equipment.

AirMagnet Enterprise goes beyond simple 802.11n support to provide managers with hands-on 802.11n optimization tools and intelligence focused on real-world performance and network throughput. Tools include live diagnostics of any 802.11n connection that automatically highlights and explains how performance can be improved.


Automated Business and Regulatory Compliance Reporting

AirMagnet Enterprise provides automated compliance reporting for all major network regulations including PCI, HIPAA, Sarbanes-Oxley, GLBA and more. Reports provide instant visibility into issues that may need to be addressed for compliance and exactly what needs to be fixed. Reports can be scheduled to run and delivered automatically, ensuring a complete library of regulatory reports in the case of an audit.


802.11ac Detection, Rogue Device Blocking, and Location

AirMagnet Enterprise v10.9 provides 802.11ac analysis capabilities utilizing existing SmartEdge Series4 sensors to provide:

  • Detection and location of 802.11ac Access Points (AP) and Stations (STA)
  • Blocking of rogue 802.11ac devices
  • Wireless and wire-side tracing of 802.11ac rogue devices
  • User Wi-Fi Remote UI to view 802.11ac frames.
  • When using the Decodes feature of the Remote Wi-Fi Analyzer, provides frame-level visibility into
    - AP: Beacon, Probe Response, STA Probe Request, Policy Management of 802.11ac - create policies around 802.11ac management
  • View 802.11ac devices in AME Reports
  • Remote Spectrum Analyzer support for all 802.11ac channels