802.11n support added to wireless intrusion defense

SpectraGuard Enterprise wireless IPS will let network managers identify and manage 802.11n access points and clients.

Existing wireless-LAN intrusion-prevention systems have a blind spot: Until they're upgraded, they can't detect radio signals from 802.11n WLAN gear.

AirTight Networks in California this week announced the planned mid-September release of its SpectraGuard Enterprise wireless IPS, which will let network managers identify and manage 802.11n access points and clients.

Enterprise-class 300Mbps 802.11n equipment has been available for almost a year, but only fairly recently have an array of wireless security and management products, such as Motorola's WLAN planning application, been updated to support it.

Like most similar products, SpectraGuard combines:

  • Wireless sensors distributed throughout a site, scanning the 2.4GHz and 5GHz frequency bands

  • A management appliance with software that monitors and analyzes the scan data, and can block wireless connections between enterprise devices and rogues

    The 5.7 release includes a new two-radio sensor, based on the Atheros Communications MD8082 802.11a/b/g/n chipset, and updated software that now can detect the radio signature of 802.11n radios. The sensor, with a sleeker,more compact design, can run both radios at once, covering all 802.11 transmissions in both bands. Importantly, the sensors can use an existing 802.1af Power-over-Ethernet system. Some 802.11n products, especially with two radios, need more power, or reduce functions to work with available 802.1af power.

    The new sensors also have greater range, covering on average about twice the area of AirTight's current sensors, which typically blanket 10,000 to 15,000 square feet. One result, according to AirTight, is that enterprises probably could decrease by about 30% the number of sensors needed to cover a site.

    The 7.6 software release, for the first time, lets the sensors continue to enforce the last-known wireless security policies if they are temporarily unable to connect to the server.

    Nothing in AirTight's existing radio-classification algorithms has been changed. Now, however, when SpectraGuard detects a security event, a new feature, called Live Event Architecture, will collect and display data from all related events, says Sri Sundaralingam, vice president of product management at AirTight. For example, when a rogue access point appears, SpectraGuard will identify that event and any connections by enterprise clients.

    The AirTight system can work with Cisco thin access points and their controllers, drawing additional radio-frequency data from them to fix the location of rogue devices.

    The list price for the new sensor is about US$1,300. A starter kit, including the SpectraGuard appliance, Release 7.6 software and two sensors is roughly US$10,000. Sensors and software are expected to ship in mid-September.

    The company also has released a free, simple, interactive planning tool that creates a quick overview of a proposed 802.11n deployment, comparing it with an existing 802.11a/b/g network.

    In August, AirTight will release a new version of the more complex and capable SpectraGuard Planner 5.0, an application for WLAN security planning, also with support for 802.11n access points, as well as a new ability to import AutoCAD files and assign RF propagation characteristics to the probable building materials in walls and floors. The new version's price is unchanged at US$2,500.

  • Join the newsletter!

    Error: Please check your email address.

    More about AirTight NetworksAtheros CommunicationsCiscoIPSMotorola

    Show Comments

    Market Place

    []