Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analyze This! The AirMagnet Laptop Mobile WLAN Analyzer: Page 2 of 4

Good
• Thorough security assessment of the network
• Impressive site survey analysis
• Simple to install and use
Bad
• Provides little added functionality compared to the handheld version at a higher cost
• Lacks the portability of the handheld version
• Cannot perform detailed protocol analysis

AirMagnet Laptop displays the basic sources of performance problems in the WLAN environment, including frame errors, retries and excessive bandwidth usage by particular stations. The analyzer specifies the source and destination addresses of devices involved as well helps pinpoint problems. One of the more useful features is the diagnostics utility, which lets users select a client, step through the entire association and authentication process, and determine precisely where a failure is occurring. AirMagnet Laptop also includes several useful client utilities, among them customizable ping and traceroute tools that are helpful in troubleshooting network problems.

Given the heightened interest in WLAN security, we were particularly interested in AirMagnet Laptop's security assessment system. We were able to detect APs not using WEP, APs using factory default SSIDs as well as rogue APs and client stations. Detection of the default SSID of a 3Com HomeConnect Wireless Gateway in the lab set off the analyzer's alarm. In some respects, this tool is similar to the Security Audit template of WildPacket's Airopeerk NX (see
"Sneak an AiroPeek at WLAN Stats").

To detect rogue APs or stations, MAC addresses of all legitimate devices have to be added. Any unlisted AP or station is immediately discovered and flagged. AirMagnet Laptop goes beyond simple security analysis; it has full support for the 802.1x authentication standard, including Cisco's LEAP, TKIP and the MIC security protocols. It gives information on the EAP type and the 802.1x user identities. The diagnostics utility also can be used to troubleshoot failures in 802.1x authentication. Plus, the software monitors for PPTP, L2TP, SSH and IPsec VPN tunnels.