AirMagnet Distributed System
May 05, 2004
Collects a great deal of information that is analyzed at the source, thereby minimizing the amount of data sent over the network.
There is potential to make the set-up process more intuitive, but the documentation does a good job of guiding users through the steps.
A well-designed offering. Firms should look at version 4.0 (available as a free upgrade), which came out while we were testing, because it addresses the shortcomings of 3.1 (Build no 1003).
The sensors detect unauthorized wireless connections, enforce policy, monitor network performance, and incorporate signature-based intrusion detection mechanisms.
The sensors, which can analyze 802.11a/b/g traffic, are available as hardware or as software implementations for Windows and Linux. We reviewed the hardware version, which analyzes traffic at the capture point, minimizing traffic across the WLAN.
We had to follow three installation procedures during the setup. We first installed the management server from the CD at a central point on the network, after which the server runs in the background on the host computer and is accessible via a standard web browser over a secure HTTPS connection.
The sensors should be pre-configured so they can be deployed in a plug-and-play state. We connected a computer directly to the sensor with an RJ45 Ethernet crossover cable, then accessed the configuration interface using a web browser. During configuration, we identified the server using a secret shared key or password and set the sensor name and IP address before deploying the sensor. The final part of the installation procedure is the management console. This can be installed on any network-accessible machine by connecting to the server and downloading the console installation image. The console can then be launched and accessed using the logon and password chosen.
The sensors report security alerts and performance information to the management server, which runs a SQL database. The database is accessed via the management console, which organizes the sensors in a tree so that one can rapidly assess the network status.
The console features a list of APs and related security alerts. The AirMagnet analysis engine can detect 12 types of denial-of-service attacks and suspicious events such as rogue APs, clients sending traffic unencrypted or using default security settings, spoofed MAC addresses, and wardriving and probing activities.