PRODUCT GUIDE Wireless Intrusion Prevention Systems

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "PRODUCT GUIDE Wireless Intrusion Prevention Systems"

Transcription

1 PRODUCT GUIDE Wireless Intrusion Prevention Systems The Need for Wireless INTRUSION PREVENTION SYSTEMS A Wireless Intrusion Prevention System (WIPS) is designed to address two classes of challenges facing today s network manager. First is the threat of uncontrolled wireless devices. Wireless is inside almost every organization, whether sanctioned by IT or not. One of the more dangerous forms this takes is the rogue AP a standard Wi-Fi access point deployed by an employee or some other person outside the IT organization. When these rogue APs are connected to an enterprise network, they introduce security holes that may be exploited by an attacker. Another form of uncontrolled wireless is the Wi-Fi enabled laptop, PDA, or phone. Almost all laptops manufactured today include Wi-Fi built in, and the threat of end users misconfiguring these devices and compromising network security is very real. Some users may enable bridging between a wired network and a wireless network, while other users may form ad-hoc peer to peer Wi-Fi networks which may be intercepted by an intruder. All organizations regardless of plans for general Wi-Fi deployment should put measures in place to protect against uncontrolled wireless. If a general Wi-Fi deployment is in place, a second class of challenges presents itself detecting and defending against a wireless attacker. At a basic level, all wireless networks are vulnerable to denial-of-service attacks caused by jamming, flooding of traffic, or malicious manipulation of control and management network traffic. A WIPS can detect such attacks, localize them, and notify an administrator. Next, some types of Wi-Fi networks, particularly open networks or those based on WEP encryption, are vulnerable to a class of attacks such as impersonation, man-in-the-middle, and injection. A WIPS will detect and prevent these types of attacks. Aruba s WIPS Product Offerings Four major classifications of WIPS exist in the market: Wired Rogue Detection Focused on scanning wired and wireless networking equipment to identify rogue APs. Does not use any wireless sensors of its own. On-demand systems Offer portable, on-demand scanning and monitoring for situations where full-time monitoring is not required. Installed on a laptop. Overlay Infrastructure (permanently installed) system that can enforce no-wireless policies or monitor and protect an alreadyinstalled WLAN through a network of sensors communicating with a central server. An overlay WIPS is not part of the WLAN access network, and thus can be used with any vendor s WLAN equipment. Integrated Infrastructure (permanently installed) system that can enforce no-wireless policies or monitor and protect an installed WLAN. In an integrated system, the WIPS is part of the WLAN access network APs can act as hybrid devices by simultaneously serving wireless clients while monitoring for WIPS events. Of the architectures described above, Aruba Networks offers products in all four categories. Each solution offers industry-leading performance and features within their categories. WIRED ROGUE DETECTION The software module is designed for organizations that do not have wallto-wall coverage with RF sensors, but still need to defend their networks against rogue APs. automatically detects and locates unauthorized access points through a combination of wireless and wired network scans. First, the software can use existing authorized APs and wireless LAN controllers to scan the airspace for any unauthorized devices in range. Second, queries wired switches and routers, and scans the wired network to determine whether any unknown devices that are likely rogue APs are connected. Even without an installed wireless LAN, can ensure no rogue APs are on the network. can also be combined with an Aruba or other third-party Wireless Intrusion Prevention System to increase their joint effectiveness. On-Demand For occasional WIPS monitoring or on-demand scanning, Mobile delivers all the power of an infrastructure WIPS in a portable form factor. Mobile Mobile is a powerful, portable suite for vulnerability assessments, incident response and surveying. It is the industry s most complete wireless analysis tool to help design, maintain, and secure wireless networks. Running on a

2 Windows-based laptop and designed for walk-around use, Mobile can be used for locating suspect devices, conducting security audits, site surveys and troubleshooting whether a wireless LAN (WLAN) has been deployed or not. The Mobile system also helps organizations enforce both no wireless policies and WLAN security best practices, as well as ensure compliance with regulations and corporate security policies. OVERLAY is an infrastructurebased two-tier WIPS consisting of a network of sensors, built from Aruba s line of access points, and a centralized server running software. This powerful wireless security solution incorporates the industry s only Wireless Threat Protection Framework for complete threat detection, attack prevention, no wireless policy enforcement and compliance reporting inside the enterprise. secures your wireless network against intrusions that are perpetrated intentionally and from vulnerabilities caused unintentionally through misconfigured network equipment. The solution can be deployed standalone, with no wireless LAN present, or as an overlay to monitor any vendor s wireless LAN equipment. Integrated For organizations that have deployed wireless LAN access using Aruba mobility controllers, or for organizations who wish to enforce a no-wireless policy today but plan to enable wireless in the WIP future, Aruba mobility controllers running include a built-in cost-effective WIPS solution. In this architecture, a network of access points is deployed to provide wireless monitoring coverage throughout a facility. Access points can be configured in dedicated air monitor mode where only scanning and WIPS functions are performed, or as hybrid APs that perform WIPS functions while simultaneously serving WLAN clients. is a modular operating system consisting of multiple licensed software packages. In the base operating system, performs rogue AP detection and containment. With the addition of the Wireless Intrusion Prevention software module, the system is transformed into a full WIPS protecting against malicious attacks as well as misconfigured or uncontrolled wireless devices. How to Choose Each Aruba WIPS product contains industry-leading functionality within its category. The architecture of your wireless network will often help determine which product is right for your organization. Where portable, on-demand monitoring is needed, Mobile is the solution of choice. For infrastructure (permanently installed) systems, the following table presents a summary of the differences between each Aruba WIPS product. Infrastructure WIPS Feature Table Cost Scanning $ $ $$ $$$ Scanning Type Wired All valid channels All valid channels TotalWatch Hybrid APs (Simultaneous WLAN access and WIP monitoring) Rogue AP Detection Future release Rogue AP Detection Detection without APs or sensors deployed Rogue AP Classification Comparing MAC addresses on wireless and wired Packet injection (Open and WEP rogues) Comparing MAC addresses with CAM tables from network switches Rogue AP Containment Techniques Future release Wireless (De-auth method) Wireless (Tarpit method) Wired (SNMP-based shut down of wired switch port) Wired (wired laser beam) Future release Intrusions / Events Security - Vulnerability AP Broadcasting SSID AP is not using encryption AP is using default SSID

3 AP is sending encrypted and unencrypted data Ad-hoc network operating Client is not using encryption Client is sending encrypted and unencrypted data Detected Soft AP Detected AP/Client State change NetBIOS Traffic Station is operating as Unauthorized type Station is using Weak WEP IVs Security - Threat AP is using Hotspot SSID Authorized AP denied association Authorized AP denied authentication Client probing for any access point NetStumbler detected Unauthorized AP detected Unauthorized ad-hoc client detected Unauthorized client detected Wellenreiter detected Security Attack - Intrusion AP channel change AP SSID changed ASLEAP attack detected Adhoc SSID same as authorized AP AirJack attack detected Airsnarf attack detected Aruba attack Broadcast Disassociation packet Broadcast deauthentication packet Client (authorized) connected to rogue AP Client (rogue) connected to authorized AP Constant traffic sent/received by rogue AP Fake AP operating Fake Client operating Fata-jack attack detected Fragmentation attack detected Hotspotter attack detected Improper broadcast packet Possible ARP Poison - IP hijack Possible ARP Poison - multi IP hijack Possible ARP Worm traffic Possible Aireplay WEP attack in use Possible IP Worm traffic Service VAN nearby Spoofed MAC address 1 Spurious traffic sent by AP Spurious traffic sent by client Station is using random MAC address 1 Detected as sequence number anomaly

4 Suspected Evil Twin Attack Unauthorized AP using same SSID as Authorized AP WEPWedgie attack detected Wrong beacon channel number reported Security Attack - DOS AP Overloaded Association storm Authentication storm Deauthentication storm Disassociation storm Duration attack detected EAPOL Logoff storm EAPoL start storm Omerta attack RF Jamming detected Unmodified Omerta attack Operational - Performance Channel with too many APs Channel with excessive errors Client rate support mismatch Station with excess retransmissions Operational AP reported a problem to a client AP supports Multiple SSIDs Access Point restarted Authorized AP is down Client BSSID changed Client reported a problem to AP Client notified AP that it is leaving Constant traffic sent/received by authorized client New AP discovered New Ad-hoc client discovered New Client discovered Radar interference detected Turbocell detected WDS in Operation/Bridging Advanced WIP features PolicyEnforce (Customized security policy creation and enforcement) User Defined Signatures Forensics Reporting Compliance Reporting - PCI Compliance Reporting - HIPAA Compliance Reporting - SOX Standard security reports Custom report generation

5 How to Order The module is included at no extra charge in the Wireless Management Suite. Mobility Software rogue AP detection and containment is enabled in the base operating system, without the need for additional software licenses. To enable full WIP functionality, install the appropriate WIP software licenses from the table below. A WIP license must be installed on each mobility controller in the network. WIP functionality is purchased according to the number of APs connected to the mobility controller. The Aruba 200, 800, 2400, 6000-SC1, and SC2 mobility controllers are fixed-capacity systems; WIP licenses are purchased for the full capacity of the system. The Aruba 3000 series and 6000-M3 Multi-Service Mobility Controllers are variable-capacity systems that support different numbers of APs based on software licenses. For these systems, order enough WIP licenses to support the total licensed AP capacity of the system. For example, if the mobility controller is licensed for 128 campus-connected APs and 16 Remote APs, the WIP license capacity must equal at least 144. Part number Description The following licenses are only applicable for the Aruba 200, 800, 2400, 6000 SC-1, and 6000 SC-2 Mobility Controllers. LIC-200-WIP LIC-804-WIP LIC-800-WIP 804-UG-WIP-1 LIC-2400-WIP LIC-SC1-WIP-48 LIC-SC1-WIP LIC-SC2-WIP LIC-SC1-WIP-UG-1 A200 (6 AP License)) A800-4 (4 AP License) A (16 AP License) Up grade LIC-804-WIP to LIC-800-WIP A (48 AP License) Aruba Supervisor Card I (48 AP) Aruba Supervisor Card I (128 AP) Aruba Supervisor Card II (256 AP) Wireless Intrusion Protection for Sup. Card I (Upgrade 48 AP to 128 AP) The following licenses are only applicable for the M3 and 3000 Series Multi-Service Mobility Controllers. The number of WIP licenses must be equal to the total licensed AP capacity of the mobility controller. Example: If the mobility controller is licensed for 128 campus-connected APs and 16 Remote APs, the WIP license capacity must equal at least 144. LIC-WIP-8 LIC-WIP-16 License (8 AP Support) License (16 AP Support) LIC-WIP-32 LIC-WIP-64 LIC-WIP-128 LIC-WIP-256 LIC-WIP-384 LIC-WIP-512 License (32 AP Support) License (64 AP Support) License (128 AP Support) License (256 AP Support) License (384 AP Support) License (512 AP Support) is delivered as installable software on a CD- ROM. You will need a permanently installed server meeting the minimum system requirements (available in the datasheet) to run the software. is licensed according to the number of sensors it supports, with sensor licenses available in increments of one. Part number RFP W RFP W RFP W RFP L RFP L RFP L Description (Windows) - up to 1 sensor (Windows) - up to 10 sensors (Windows) - up to 100 sensors (Linux) - up to 1 sensor (Linux) - up to 10 sensors (Linux) - up to 100 sensors LIC-RFP-1 RFProtect Expansion License - 1 sensor upgrade LIC-RFP-10 RFProtect Expansion License - 10 sensor upgrade LIC-RFP-100 RFProtect Expansion License sensor upgrade LIC-RFP-UL-1 Mobile Unlimited Sensor Expansion License for RFProtect Server Mobile is distributed as installable software on a CD-ROM. You will need a laptop meeting the minimum system requirements (available in the Mobile datasheet) and with a supported Wireless LAN adapter. RFP RFProtect Mobile Software Crossman Avenue. Sunnyvale, CA Tel Fax Aruba Networks, Inc., Aruba Networks, Aruba Mobility Management System, Bluescanner, For Wireless That Works, Mobile Edge Architecture, People Move. Networks Must Follow, RFProtect, The All Wireless Workplace Is Now Open For Business, Green Island, and The Mobile Edge Company are trademarks of Aruba Networks, Inc. All rights reserved. All other trademarks are the property of their respective owners. PG_WIPS_US_080715

ARUBA INSTANT ROGUE AP TROUBLESHOOTING

ARUBA INSTANT ROGUE AP TROUBLESHOOTING ARUBA INSTANT ROGUE AP TROUBLESHOOTING Technical Climb Webinar 10:00 GMT 11:00 CET 13:00 GST Feb 28th, 2016 Presenter: Anshul Bharthan anshul.bharthan@hpe.com INTRODUCTION TO WIDS/WIPS Classification of

More information

Managing Rogue Devices

Managing Rogue Devices Information About Rogue Devices, page 1 Configuring Rogue Detection (GUI), page 5 Configuring Rogue Detection (CLI), page 8 Information About Rogue Devices Rogue access points can disrupt wireless LAN

More information

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne Introduction to Wireless Networking and Security Chino Information Technology Center Steve Siedschlag, Associate Professor What is a Wireless LAN? The wireless telegraph is not difficult to understand.

More information

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] s@lm@n Cisco Exam 642-737 Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] Cisco 642-737 : Practice Test Question No : 1 RADIUS is set up with multiple servers

More information

Managing Rogue Devices

Managing Rogue Devices Finding Feature Information, page 1 Information About Rogue Devices, page 1 How to Configure Rogue Detection, page 6 Monitoring Rogue Detection, page 8 Examples: Rogue Detection Configuration, page 9 Additional

More information

Multipot: A More Potent Variant of Evil Twin

Multipot: A More Potent Variant of Evil Twin Multipot: A More Potent Variant of Evil Twin K. N. Gopinath Senior Wireless Security Researcher and Senior Engineering Manager AirTight Networks http://www.airtightnetworks.net Email: gopinath.kn@airtightnetworks.net

More information

Wi-Net Window and Rogue Access Points

Wi-Net Window and Rogue Access Points Wi-Net Window and Rogue Access Points The Wi-Net Window (WP150) has several features that make it ideal for detecting and locating rogue access points: A rogue access point is a wireless access point that

More information

Alarms and Events. Using the Alarm Summary CHAPTER

Alarms and Events. Using the Alarm Summary CHAPTER CHAPTER 16 This chapter describes the type of events and alarms reported, how to view alarms and events by product or entity and severity, and how to view IDS signature attacks. It contains these sections:

More information

5 Tips to Fortify your Wireless Network

5 Tips to Fortify your Wireless Network Article ID: 5035 5 Tips to Fortify your Wireless Network Objective Although Wi-Fi networks are convenient for you and your employees, there may be unwanted clients using up the bandwidth you pay for. In

More information

AirMagnet Enterprise DATASHEET

AirMagnet Enterprise DATASHEET DATASHEET AirMagnet Enterprise AirMagnet Enterprise is a comprehensive 24x7 Performance Monitoring & Wireless Intrusion Detection system (WIDS) / Prevention System (WIPS), that enables organizations to

More information

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services CHAPTER 11 Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services This chapter describes how to configure your access point/bridges for wireless domain services

More information

Wireless KRACK attack client side workaround and detection

Wireless KRACK attack client side workaround and detection Wireless KRACK attack client side workaround and detection Contents Introduction Components used Requirements EAPoL Attack protections Why this works Possible impact How to identify if a client is deleted

More information

Monitoring Wireless Devices

Monitoring Wireless Devices CHAPTER 6 This chapter describes how to use WCS to monitor your wireless LANs. It contains these sections: Monitoring Rogue Access Points, Adhocs, and Clients, page 6-1 Rogue Access Point Location, Tagging,

More information

Wireless LAN Security & Threat Mitigation

Wireless LAN Security & Threat Mitigation Wireless LAN Security & Threat Mitigation Karan Sheth, Sr. Technical Marketing Engineer Abstract Prevention is better than cure an old saying but an extremely important one to defend your enterprise wireless

More information

Wireless Attacks and Defense. By: Dan Schade. April 9, 2006

Wireless Attacks and Defense. By: Dan Schade. April 9, 2006 Wireless Attacks and Defense By: Dan Schade April 9, 2006 Schade - 2 As more and more home and business users adapt wireless technologies because of their ease of use and affordability, these devices are

More information

Configuring Management Frame Protection

Configuring Management Frame Protection Information About Management Frame Protection, page 1 Restrictions for Management Frame Protection, page 3 (GUI), page 3 Viewing the Management Frame Protection Settings (GUI), page 3 (CLI), page 4 Viewing

More information

Wireless Network Standard

Wireless Network Standard Last Modified: 10/20/15 Wireless Network Standard Purpose The standard and guidelines described in this document will ensure the uniformity of wireless network access points at the University of Georgia.

More information

CSA for Mobile Client Security

CSA for Mobile Client Security 7 CHAPTER A secure unified network, featuring both wired and wireless access, requires an integrated, defense-in-depth approach to security, including comprehensive endpoint security that is critical to

More information

Wireless and Network Security Integration Solution Overview

Wireless and Network Security Integration Solution Overview Wireless and Network Security Integration Solution Overview Solution Overview Introduction Enterprise businesses are being transformed to meet the evolving challenges of today's global business economy.

More information

WHITE PAPER. PCI Wireless Compliance Demystified Best Practices for Retail

WHITE PAPER. PCI Wireless Compliance Demystified Best Practices for Retail WHITE PAPER PCI Wireless Compliance Demystified Best Practices for Retail PCI Wireless Compliance Demystified The introduction of wireless technologies in retail has created a new avenue for data breaches,

More information

How Insecure is Wireless LAN?

How Insecure is Wireless LAN? Page 1 of 7 How Insecure is Wireless LAN? Abstract Wireless LAN has gained popularity in the last few years due to its enormous benefits such as scalability, mobile access of the network, and reduced cost

More information

Frequently Asked Questions WPA2 Vulnerability (KRACK)

Frequently Asked Questions WPA2 Vulnerability (KRACK) Frequently Asked Questions WPA2 Vulnerability (KRACK) Release Date: October 20, 2017 Document version: 1.0 What is the issue? A research paper disclosed serious vulnerabilities in the WPA and WPA2 key

More information

Cisco NCS Overview. The Cisco Unified Network Solution CHAPTER

Cisco NCS Overview. The Cisco Unified Network Solution CHAPTER CHAPTER 1 This chapter describes the Cisco Unified Network Solution and the Cisco Prime Network Control System (NCS). It contains the following sections: The Cisco Unified Network Solution, page 1-1 About

More information

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake.

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake. Five components of WLAN Security 1. Data Privacy 1. Privacy is important because transmission occurs over the air in freely licensed bands. The Data can be sniffed by anyone within range. 2. Eavesdropping

More information

ARUBA INSTANT IAP-92 and IAP-93 ACCESS POINTS

ARUBA INSTANT IAP-92 and IAP-93 ACCESS POINTS ARUBA INSTANT IAP- and IAP-93 ACCESS POINTS For low-density Wi-Fi client environments inherits the role of the primary Virtual Controller with no service disruption. The primary Virtual Controller operates

More information

Information Technology Policy Board Members. SUBJECT: Update to County WAN/LAN Wireless Standards

Information Technology Policy Board Members. SUBJECT: Update to County WAN/LAN Wireless Standards COUNTY OF SACRAMENTO Inter-Departmental Correspondence December 6, 2007 TO: FROM: Information Technology Policy Board Members Jeff Leveroni, Chair Technology Review Group SUBJECT: Update to County WAN/LAN

More information

CCNA 3 (v v6.0) Chapter 4 Exam Answers % Full

CCNA 3 (v v6.0) Chapter 4 Exam Answers % Full CCNA 3 (v5.0.3 + v6.0) Chapter 4 Exam Answers 2017 100% Full ccnav6.com /ccna-3-v5-0-3-v6-0-chapter-4-exam-answers-2017-100-full.html CCNA Exam Answers 2017 CCNA 3 (v5.0.3 + v6.0) Chapter 4 Exam Answers

More information

Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE

Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE COURSE TITLE WIRELESS TECHNOLOGY SPECIALIST COURSE DURATION 13 Hours of Interactive Training COURSE OVERVIEW This course will teach you

More information

GETTING THE MOST OUT OF EVIL TWIN

GETTING THE MOST OUT OF EVIL TWIN GETTING THE MOST OUT OF EVIL TWIN B-SIDES ATHENS 2016 GEORGE CHATZISOFRONIOU (@_sophron) sophron@census-labs.com www.census-labs.com > WHOAMI Security Engineer at CENSUS S.A. Cryptography, Wi-Fi hacking,

More information

Wireless# Guide to Wireless Communications. Objectives

Wireless# Guide to Wireless Communications. Objectives Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g

More information

AirMagnet Enterprise Version 6.1. Release Notes. January 24, 2006

AirMagnet Enterprise Version 6.1. Release Notes. January 24, 2006 AirMagnet Enterprise Version 6.1 Table of Contents: Introduction, page 1 Special Notes, page 1 Warning, page 2 New Features, page 2 Known Issues, page 5 Release Notes Technical Support, page 7 Release

More information

WL-5420AP. User s Guide

WL-5420AP. User s Guide WL-5420AP User s Guide Table of contents INTRODUCTION... 1 About the Operation Modes...2 LED Indicators...5 Solid...5 Ports on the Rear Panel...7 GETTING CONNECTED... 8 WPA AP -CONFIGURATION VIA WEB...

More information

TECHNOLOGY GUIDE WIRELESS INTRUSION PREVENTION (WIP)

TECHNOLOGY GUIDE WIRELESS INTRUSION PREVENTION (WIP) TECHNOLOGY GUIDE WIRELESS INTRUSION PREVENTION (WIP) CONTENTS WIRELESS INTRUSION PREVENTION (WIP)... Reference Material... Wireless scanning... Wired Rogue AP Detection... 1 802.11ac Rogue Detection...

More information

Alarm and Event Dictionary

Alarm and Event Dictionary CHAPTER 13 This chapter describes the event and alarm notifications that the wireless LAN controller, access points, and location appliances can receive. It also identifies specific actions the administrator

More information

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo ETHICAL HACKING (CEH) CURRICULUM Introduction to Ethical Hacking What is Hacking? Who is a Hacker? Skills of a Hacker? Types of Hackers? What are the Ethics and Legality?? Who are at the risk of Hacking

More information

Implementing. Security Technologies. NAP and NAC. The Complete Guide to Network Access Control. Daniel V. Hoffman. WILEY Wiley Publishing, Inc.

Implementing. Security Technologies. NAP and NAC. The Complete Guide to Network Access Control. Daniel V. Hoffman. WILEY Wiley Publishing, Inc. Implementing NAP and NAC Security Technologies The Complete Guide to Network Access Control Daniel V. Hoffman m WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XIII XV Chapter 1 Chapter

More information

Wireless Networking Basics. Ed Crowley

Wireless Networking Basics. Ed Crowley Wireless Networking Basics Ed Crowley 2014 Today s Topics Wireless Networking Economic drivers and Vulnerabilities IEEE 802.11 Family WLAN Operational Modes Wired Equivalent Privacy (WEP) WPA and WPA2

More information

Wireless LAN USB Stick AWL400. User Manual. Version 1.1 June BENQ Corporation

Wireless LAN USB Stick AWL400. User Manual. Version 1.1 June BENQ Corporation Wireless LAN USB Stick AWL400 User Manual Version 1.1 June 2002 Notice I Copyright Statement This manual cannot be reproduced in any form or by any means or used to make any derivative such as translation,

More information

A Configuration Protocol for Embedded Devices on Secure Wireless Networks

A Configuration Protocol for Embedded Devices on Secure Wireless Networks A Configuration Protocol for Embedded Devices on Secure Wireless Networks Larry Sanders lsanders@ittc.ku.edu 6 May 2003 Introduction Wi-Fi Alliance Formally Wireless Ethernet Compatibility Alliance (WECA)

More information

Ruckus ZoneDirector 1106 WLAN Controller (up to 6 ZoneFlex Access Points)

Ruckus ZoneDirector 1106 WLAN Controller (up to 6 ZoneFlex Access Points) Product Name: Manufacturer: - Model Number: 901-1106-UK00 Please Note: The Ruckus ZoneDirector 1106 has been discontinued. For an alternative, we recommend the Ruckus ZoneDirector 1205. Ruckus ZoneDirector

More information

CLEARPASS CONVERSATION GUIDE

CLEARPASS CONVERSATION GUIDE CLEARPASS CONVERSATION GUIDE Purpose: Goal: How to use: This document is designed to help you steer customer discussions with respect to the ClearPass solution. It will be useful as an initial conversation

More information

Rogue Access Points and UBC s Wi-Fi Network

Rogue Access Points and UBC s Wi-Fi Network Rogue Access Points and UBC s Wi-Fi Network Arunkumar Chebium, Pawittar Dhillon, Kaveh Farshad, Farhan Masud Department of Electrical and Computer Engineering, University of British Columbia Vancouver,

More information

Lure10: Exploiting Windows Automatic Wireless Association Algorithm

Lure10: Exploiting Windows Automatic Wireless Association Algorithm Lure10: Exploiting Windows Automatic Wireless Association Algorithm HITBSecConf2017, Amsterdam GEORGE CHATZISOFRONIOU (@_sophron) sophron@census-labs.com www.census-labs.com > Wi-Fi Automatic Association

More information

ARUBA AIRWAVE. Visibility and management for multi-vendor access networks DATA SHEET REAL-TIME MONITORING AND VISIBILITY

ARUBA AIRWAVE. Visibility and management for multi-vendor access networks DATA SHEET REAL-TIME MONITORING AND VISIBILITY Visibility and management for multi-vendor access networks Aruba AirWave is an easy-to-use network operations system that manages wired and wireless infrastructure from Aruba and a wide range of third-party

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

WAP3205 v2. User s Guide. Quick Start Guide. Wireless N300 Access Point. Default Login Details. Version 1.00 Edition 2, 12/2012

WAP3205 v2. User s Guide. Quick Start Guide. Wireless N300 Access Point. Default Login Details. Version 1.00 Edition 2, 12/2012 WAP3205 v2 Wireless N300 Access Point Version 1.00 Edition 2, 12/2012 Quick Start Guide User s Guide Default Login Details LAN IP Address http://192.168.1.2 Password 1234 www.zyxel.com Copyright 2012 ZyXEL

More information

Installing Your Multifunction to Your Network for the First Time. PIXMA MX350 / PIXMA MX870 Mac OS

Installing Your Multifunction to Your Network for the First Time. PIXMA MX350 / PIXMA MX870 Mac OS Installing Your Multifunction to Your Network for the First Time PIXMA MX350 / PIXMA MX870 Mac OS 1 Navigation Tips for Macintosh Users DOWN To navigate this guide, please use the arrows on the MAC keyboard

More information

Appendix E Wireless Networking Basics

Appendix E Wireless Networking Basics Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER 2

More information

QuickSpecs. Models HP RF Manager Controller with 50-sensor License HP MSM415 RF Security Sensor

QuickSpecs. Models HP RF Manager Controller with 50-sensor License HP MSM415 RF Security Sensor Overview Models HP RF Manager Controller with 50-sensor License HP MSM415 RF Security Sensor J9521A J9522A Key features Full support for HP and 3rd party WLANs Automatic intrusion threat prevention Central

More information

Cyber Security Audit & Roadmap Business Process and

Cyber Security Audit & Roadmap Business Process and Cyber Security Audit & Roadmap Business Process and Organizations planning for a security assessment have to juggle many competing priorities. They are struggling to become compliant, and stay compliant,

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. User Guide. Access Point WIRELESS. WAP54G v2. Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. User Guide. Access Point WIRELESS. WAP54G v2. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G Access Point User Guide Model No. WAP54G v2 Copyright and Trademarks Specifications are subject to change without notice. Linksys is

More information

802.11ac FREQUENTLY ASKED QUESTIONS. May 2012

802.11ac FREQUENTLY ASKED QUESTIONS. May 2012 802.11ac FREQUENTLY ASKED QUESTIONS May 2012 Table of Contents General Questions:... 3 1. What is 802.11ac?... 3 2. When will 802.11ac be ratified into a standard?... 3 5. Will 802.11ac come out before

More information

VLANs and Association Redirection. Jon Ellch

VLANs and Association Redirection. Jon Ellch 802.11 VLANs and Association Redirection Jon Ellch Contents 1 Foreword 2 2 Background 3 3 Introduction 4 3.1 The state of the art......................................... 4 4 PVLANs and virtual BSSIDs

More information

Wireless Security Security problems in Wireless Networks

Wireless Security Security problems in Wireless Networks Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security

More information

Scanning. Introduction to Hacking. Networking Concepts. Windows Hacking. Linux Hacking. Virus and Worms. Foot Printing.

Scanning. Introduction to Hacking. Networking Concepts. Windows Hacking. Linux Hacking. Virus and Worms. Foot Printing. I Introduction to Hacking Important Terminology Ethical Hacking vs. Hacking Effects of Hacking on Business Why Ethical Hacking Is Necessary Skills of an Ethical Hacker What Is Penetration Testing? Networking

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE

More information

Cisco WAP131 Wireless-N Dual Radio Access Point with PoE

Cisco WAP131 Wireless-N Dual Radio Access Point with PoE Data Sheet Cisco WAP131 Wireless-N Dual Radio Access Point with PoE Improved Coverage, Easy to Deploy, Secure Business-Class Wireless-N Connectivity Highlights Provides cost-effective 802.11n connectivity

More information

IT ACCEPTABLE USE POLICY

IT ACCEPTABLE USE POLICY CIO Signature Approval & Date: IT ACCEPTABLE USE POLICY 1.0 PURPOSE The purpose of this policy is to define the acceptable and appropriate use of ModusLink s computing resources. This policy exists to

More information

DATA SHEETS. 99 Washington Street Melrose, MA Phone Toll Free Visit us at

DATA SHEETS. 99 Washington Street Melrose, MA Phone Toll Free Visit us at DATA SHEETS Datasheet: AirMagnet Wi-Fi Analyzer AirMagnet Wi-Fi Analyzer PRO helps IT staff Troubleshoot, Analyze, and Audit their wireless network. Quickly solve end-user issues while automatically detecting

More information

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content

More information

Configuring IDS Signatures

Configuring IDS Signatures Information About IDS Signatures, page 1 (GUI), page 3 Viewing IDS Signature Events (GUI), page 6 (CLI), page 7 Viewing IDS Signature Events (CLI), page 8 Information About IDS Signatures You can configure

More information

Wireless Technologies

Wireless Technologies Wireless Technologies Networking for Home and Small Businesses Chapter 7 Manju. V. Sankar 1 Objectives Describe wireless technologies. Describe the various components and structure of a WLAN Describe wireless

More information

1. Intrusion Detection and Prevention Systems

1. Intrusion Detection and Prevention Systems 1. Intrusion Detection and Prevention Systems Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which

More information

Rogue Access Point Detection using Challenge-Response Mechanism

Rogue Access Point Detection using Challenge-Response Mechanism Rogue Access Point Detection using Challenge-Response Mechanism Audumbar Chormale, Kishorkumar Datar Dept of CSEE, University of Maryland, Baltimore County, Baltimore, MD 21250, USA Email: auduc1@umbc.edu,

More information

QuickSpecs. Aruba Airwave Usage Licenses. Overview. Aruba Airwave Usage Licenses. Product overview. Features and Benefits

QuickSpecs. Aruba Airwave Usage Licenses. Overview. Aruba Airwave Usage Licenses. Product overview. Features and Benefits Product overview Centralized visibility and management for multivendor access networks. AirWave is a powerful and easy-to-use network operations system that not only manages wired and wireless infrastructures

More information

EnGenius Quick Start Guide

EnGenius Quick Start Guide T he operates seamlessly in the 2.4 GHz frequency spectrum supporting the 802.11b (2.4GHz, 11Mbps) and the newer, faster 802.11g (2.4GHz, 54Mbpswireless standard. High output power and high sensitivity

More information

Wireless Domain Services FAQ

Wireless Domain Services FAQ Wireless Domain Services FAQ Document ID: 65346 Contents Introduction What is WDS? How do I configure my AP as a WDS? On what platforms does Cisco Structured Wireless Aware Network (SWAN) WDS run? How

More information

Firewalls, Tunnels, and Network Intrusion Detection

Firewalls, Tunnels, and Network Intrusion Detection Firewalls, Tunnels, and Network Intrusion Detection 1 Intrusion Detection Systems Intrusion Actions aimed at compromising the security of the target (confidentiality, integrity, availability of computing/networking

More information

CHAPTER 8 SECURING INFORMATION SYSTEMS

CHAPTER 8 SECURING INFORMATION SYSTEMS CHAPTER 8 SECURING INFORMATION SYSTEMS BY: S. SABRAZ NAWAZ SENIOR LECTURER IN MANAGEMENT & IT SEUSL Learning Objectives Why are information systems vulnerable to destruction, error, and abuse? What is

More information

Security Challenges Facing the Future Wireless World (aka.. Alice and Bob in the Wireless Wonderland) Wade Trappe

Security Challenges Facing the Future Wireless World (aka.. Alice and Bob in the Wireless Wonderland) Wade Trappe Security Challenges Facing the Future Wireless World (aka.. Alice and Bob in the Wireless Wonderland) Wade Trappe Talk Overview Security has been one of the great detractors for wireless technologies (and

More information

PMS 138 C Moto Black spine width spine width 100% 100%

PMS 138 C Moto Black spine width spine width 100% 100% Series MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners. 2009 Motorola, Inc. Table of

More information

Cisco NAC Network Module for Integrated Services Routers

Cisco NAC Network Module for Integrated Services Routers Cisco NAC Network Module for Integrated Services Routers The Cisco NAC Network Module for Integrated Services Routers (NME-NAC-K9) brings the feature-rich Cisco NAC Appliance Server capabilities to Cisco

More information

WIRELESS N USB ADAPTER USER MANUAL

WIRELESS N USB ADAPTER USER MANUAL WIRELESS N USB ADAPTER USER MANUAL MAN-525503/525534-UM-0413-01 INTRODUCTION Thank you for purchasing this Manhattan Wireless N USB Adapter. Because many netbooks and laptops (especially those more than

More information

Types of Attacks That Can Be Carried Out on Wireless Networks

Types of Attacks That Can Be Carried Out on Wireless Networks 1 Types of Attacks That Can Be Carried Out on Wireless Networks Westley Hansen CS 4960 Dr. Martin May 7, 2015 2 Abstract Wireless Networks are very mainstream, it allows a way for computer devices to connect

More information

CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide

CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide May 2006 Version 1.00 1 Table of Contents Table of Contents... 2 List of Figures... 4 List of Tables... 6 Chapter 1. Introduction...

More information

When the Lights go out. Hacking Cisco EnergyWise. Version: 1.0. Date: 7/1/14. Classification: Ayhan Koca, Matthias Luft

When the Lights go out. Hacking Cisco EnergyWise. Version: 1.0. Date: 7/1/14. Classification: Ayhan Koca, Matthias Luft When the Lights go out Hacking Cisco EnergyWise Version: 1.0 Date: 7/1/14 Classification: Author(s): Public Ayhan Koca, Matthias Luft TABLE OF CONTENT 1 HANDLING... 5 1.1 DOCUMENT STATUS AND OWNER... 5

More information

Detecting MAC Spoofing Using ForeScout CounterACT

Detecting MAC Spoofing Using ForeScout CounterACT Detecting MAC Spoofing Using ForeScout CounterACT Professional Services Library Introduction MAC address spoofing is used to impersonate legitimate devices, circumvent existing security mechanisms and

More information

ISC2. Exam Questions CISSP. Certified Information Systems Security Professional (CISSP) Version:Demo

ISC2. Exam Questions CISSP. Certified Information Systems Security Professional (CISSP) Version:Demo ISC2 Exam Questions CISSP Certified Information Systems Security Professional (CISSP) Version:Demo 1. How can a forensic specialist exclude from examination a large percentage of operating system files

More information

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security

More information

OptiView. Series III Network Analyzer Wireless Suite Ensure Security, Performance and Compliance of Your Wireless LAN. Technical Datasheet

OptiView. Series III Network Analyzer Wireless Suite Ensure Security, Performance and Compliance of Your Wireless LAN. Technical Datasheet OptiView Series III Network Analyzer Wireless Suite Ensure Security, Performance and Compliance of Your Wireless LAN Part of the OptiView Management Suite (OMS) OMS provides the breadth of visibility and

More information

NT1210 Introduction to Networking. Unit 6: Chapter 6, Wireless LANs

NT1210 Introduction to Networking. Unit 6: Chapter 6, Wireless LANs NT1210 Introduction to Networking Unit 6: Chapter 6, Wireless LANs Objectives Identify the major needs and stakeholders for computer networks and network applications. Identify the classifications of networks

More information

Course 831 Certified Ethical Hacker v9

Course 831 Certified Ethical Hacker v9 Course 831 Certified Ethical Hacker v9 Duration: 5 days What You Get: CEH v9 Certification exam voucher 5 days of high quality classroom training 18 comprehensive modules 40% of class hours dedicated to

More information

IT220 Network Standards & Protocols. Unit 6: Chapter 6 Wireless LANs

IT220 Network Standards & Protocols. Unit 6: Chapter 6 Wireless LANs IT220 Network Standards & Protocols Unit 6: Chapter 6 Wireless LANs 2 Objectives Identify the major needs and stakeholders for computer networks and network applications. Identify the classifications of

More information

DWS-4000 Series DWL-3600AP DWL-6600AP

DWS-4000 Series DWL-3600AP DWL-6600AP Unified Wired & Wireless Access System Configuration Guide Product Model: Release 1.0 DWS-4000 Series DWL-8600AP DWL-6600AP DWL-3600AP Page 1 Table of Contents 1. Scenario 1 - Basic L2 Edge Setup: 1 Unified

More information

Wireless a CPE User Manual

Wireless a CPE User Manual NOTICE Changes or modifications to the equipment, which are not approved by the party responsible for compliance, could affect the user's authority to operate the equipment. Company has an on-going policy

More information

Securing Information Systems

Securing Information Systems Chapter 7 Securing Information Systems 7.1 2007 by Prentice Hall STUDENT OBJECTIVES Analyze why information systems need special protection from destruction, error, and abuse. Assess the business value

More information

Cisco IPS AIM Deployment, Benefits, and Capabilities

Cisco IPS AIM Deployment, Benefits, and Capabilities Cisco IPS AIM Abstract The Cisco IPS Advanced Integration Module (AIM) for Cisco modular integrated services routers integrates a high-performance, feature-rich intrusion prevention system (IPS) into the

More information

ARUBA 100 SERIES ACCESS POINTS

ARUBA 100 SERIES ACCESS POINTS Aruba 1 Series Access Points ARUBA 1 SERIES ACCESS POINTS For high-density Wi-Fi client environments Aruba Instant mode. In Aruba Instant mode, a single AP is dynamically elected the Virtual Controller,

More information

Children s Health System. Remote User Policy

Children s Health System. Remote User Policy Children s Health System Remote User Policy July 28, 2008 Reason for this Policy This policy defines standards for connecting to the Children s Health System (CHS) network from any remote host. These standards

More information

DWR G Integrated Access Device. User Manual

DWR G Integrated Access Device. User Manual DWR-923 4G Integrated Access Device User Manual TABLE OF CONTENTS 1. GETTING TO KNOW THE DWR-923... 2 1.1 Introduction... 2 1.2 Package Contents... 3 1.3 System Requirements... 3 1.4 Hardware Overview

More information

Wireless LAN Adapter

Wireless LAN Adapter ANSEL Wireless LAN Adapter 2302-wl360r User s Guide Version 1.1 08/04/2003 User s Guide 0 Copyright statement No part of this publication may be reproduced, stored in a retrieval system, or transmitted

More information

Wireless LAN Access Point

Wireless LAN Access Point Wireless LAN Access Point IEEE 802.11b/g 54Mbps 501903 User s Manual Table of Contents Chapter 1 Introduction... 1 1.1 Package Contents... 2 1.2 Features... 2 1.3 Specifications... 2 1.4 Physical Description...

More information

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access Klaudia Bakšová System Engineer Cisco Systems Cisco Clean Access Agenda 1. Securing Complexity 2. NAC Appliance Product Overview and In-Depth 3. NAC Appliance Technical Benefits The Challenge of Securing

More information

AXILSPOT 2x2 MIMO Dual-Radio ac Indoor or Access ces ASC120. Uncompromising performance for high density wireless deployments.

AXILSPOT 2x2 MIMO Dual-Radio ac Indoor or Access ces ASC120. Uncompromising performance for high density wireless deployments. AXILSPOT 2x2 MIMO Dual-Radio 802.11ac Indoor or Access ces Point ASC120 Uncompromising performance for high density wireless deployments. 01 HIGHLIGHTS Dual-band 802.11ac 2x2 MIMO indoor access point Up

More information

pakedgedevice&software inc.

pakedgedevice&software inc. pakedgedevice&software inc. WAP-W3G Enterprise-Class, Ultra High Power Wireless Access Point- Single Band 2.4Ghz User Guide Version 1.41 FCC Declaration of Conformity Pakedge Device & Software, PO Box

More information

CIT 380: Securing Computer Systems. Network Security Concepts

CIT 380: Securing Computer Systems. Network Security Concepts CIT 380: Securing Computer Systems Network Security Concepts Topics 1. Protocols and Layers 2. Layer 2 Network Concepts 3. MAC Spoofing 4. ARP 5. ARP Spoofing 6. Network Sniffing Protocols A protocol defines

More information

A Division of Cisco Systems, Inc. Dual-Band. GHz g a. Dual-Band. Wireless A+G. Access Point. User Guide WIRELESS WAP55AG. Model No.

A Division of Cisco Systems, Inc. Dual-Band. GHz g a. Dual-Band. Wireless A+G. Access Point. User Guide WIRELESS WAP55AG. Model No. A Division of Cisco Systems, Inc. Dual-Band 5 GHz 802.11a + GHz 2.4 802.11g WIRELESS Dual-Band Wireless A+G Access Point User Guide Model No. WAP55AG Copyright and Trademarks Specifications are subject

More information

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK S.DEEPTHI 1 G.MARY SWARNALATHA 2 PAPARAO NALAJALA 3 Assoc. Professor, Dept. of Electronics &Communication Engineering at Institute of Aeronautical Engineering,

More information

Cisco WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch

Cisco WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch Data Sheet Cisco WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch Improved Coverage, Easy to Deploy, Secure Business-Class Wireless-N Connectivity Highlights Provides cost-effective 802.11n

More information