Many industries that once shunned wireless networks for security fears have given in to the siren songs of mobility and portability, while others that have traditionally limited where the WLAN could be used are spreading their wireless wings and doing more business over Wi-Fi. For the financial, retail and health-care sectors, regulatory requirements have evolved along with the value seen in wireless, and the two concepts can be at odds if not properly reconciled. And though many of the latest, high-dollar wireless systems over which business networks are likely to run come with the promise of robust wireless security as part of the do-all, super-system price tag, AirMagnet cautions that these offerings often fall short of effective wireless security.
Where WLAN management systems do claim defensive capabilities--like rogue detection, wireless intrusion prevention and detection systems (IPS/IDS), and the ability to react to attacks--the freshness dating on these capabilities is often measured in months or firmware upgrades, despite new attacks coming out with far greater frequency. More mobile devices afoot mean more potential attack vectors, and increased chances of corporate client devices inadvertently joining unsanctioned networks and being exploited. AirMagnet Enterprise 9.0 (AirMagnet is now part of Fluke Networks) continues the company's tradition of a sensor-based security overlay model for customers that simply can't take for granted that access points servicing wireless clients can also be trusted for security duties. But the latest version has a few cool new tricks up its sleeve.
Recognizing that slow update cycles, in which threat detection signatures are embedded in controller firmware, are far from optimal, AirMagnet takes a swipe at dated detection abilities with its new Dynamic Threat Update (DTU) technology in Enterprise 9.0. DTU provides separately loadable threat definitions, zero-day protection, and customization of both threat signatures and threat alarms. Enterprise 9.0 also enhances rogue detection accuracy and speed for both wireless access points and routers (one area in which competitors often overstate their capabilities), and brings integration with Cisco's WLAN location services data for improved accuracy.
My tour of Enterprise 9.0 with AirMagnet's product management team certainly made me appreciate the weapons available against the many threats to wireless networks, and the ability to quickly update as new threats are recognized. But as I ponder my own very large wireless network and all the various alarms I already get in a given day without being an AirMagnet Enterprise customer, ranging from transient interference to rogues on nearby neighboring campuses that I have no ability to react to, I also have to wonder at what point information overload becomes problematic. Automated mitigation is risky business, and you can't simply react to every fleeting bit of potential trouble in the air when you have thousands of people on hundreds of acres all using that air. Both of these mean that you are still on the hook to give the solution's user interface some serious face time as you analyze the data presented. As wireless networks continue to grow, the key to real success with AirMagnet's Enterprise solution, or any of its competitors', will be the ability to "tune" it to be truly useful for your individual circumstances--and not just a source of endless alerts that you learn to ignore.