AirMagnetEnterp_3988735_0000_ENG_D_W.PDF

7/27/2019 AirMagnetEnterp_3988735_0000_ENG_D_W.PDF

http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 1/6Technical Data

unique ramework or maintaining the most

up-to-date WLAN security posture or the

enterprise.

The AirWISE engine constantly analyzes all

wireless devices and trac using a

combination o rame inspection, stateul

pattern analysis, statistical modeling, RF

analysis and anomaly detection, enabling

detection o hundreds o specic threats such

as rogue devices, spooed devices, DoS

attacks, man-in-the-middle attacks, evil

twins, as well as the most recent hacking

tools and vulnerabilities such as WPS brute

orce attack, Karmetasploit and 802.11n

uzzing attacks.

AirMagnet Enterprise –

Complete Wi-Fi Security

AirMagnet Enterprise protects against every

wireless threat by combining the industry’s

most thorough wireless monitoring with lead-

ing research, analysis and threat remediation.

Full Visibility

AirMagnet Enterprise scans all possible

802.11 channels (including the 200 extended

channels), ensuring there are no blind

spots where rogue devices may be hiding.

AirMagnet Enterprise goes beyond Wi-Fi

analysis with optional spectrum analysis that

detects and classies RF jamming attacks,

Bluetooth devices and many other

non-802.11 transmitter types, such

as unapproved wireless cameras.

Industry Leading Threat Detection

The AirMagnet Intrusion Research Teamconstantly investigates the latest hacking

techniques, trends and potential

vulnerabilities to keep organizations ahead

o evolving threats. New Dynamic Threat

Update technology speeds the creation,

automation and immediate deployment o

new threat signatures through the AirMagnet

AirWISE® engine. As soon as any new threat

denition is ready, it can be deployed with

no impact to system operation, providing a

AirMagnet Enterprise provides a scalable

WLAN security and perormance monitor-

ing solution that enables any organization

to mitigate all types o wireless security

threats, enorce enterprise policies, proac-

tively detect and pinpoint wireless peror-

mance problems and audit the regulatory

compliance o all Wi-Fi assets and users

worldwide. It oers 24x7 WLAN monitoring

and protection, delivering:

• Full-timepacketandRFscanningofthe

air so costly threats aren’t missed

• Powertoactivelytest,diagnoseand

remediate problems remotely in less time

• Dynamicupdatetechnologyensures

thenetworkisalwaysprotectedasnew

threats emerge

• FlexibledeploymentoptionswithSoft -

wareSensorAgentstomeetanybudget

•Versatiletri-radiosensordesignsupporting

two 802.11n 3x3 MIMO Wi-Fi radios plus

dedicated spectrum analysis radio

• Easyintegrationwithexisting

inrastructure and practices reducing

burden on sta

AirMagnet Enterprise oers complete visibil-

ity and control over the wireless airspace,

enabling any organization to maximize

eciency o IT sta to reliably deliver the saest and highest availability Wi-Fi access

to mission critical users, while meeting all

compliance requirements.

Dynamicthreatupdate

24x7 WLAN Security and Perormance Monitoring

A i r M a g n e t E n t e r p r i s e


http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 2/6

Automated Response and Network Protection

AirMagnet Enterprise provides a ull arsenal o remediation and

investigation options that can be triggered by policy to ensure

that WLAN problems are quickly and accurately detected and that

appropriate automated protection mechanisms are activated.

Threat Tracing, Blocking/Suppression and Mapping

All devices are traced using a suite o wired and wireless tracing

methods to quickly and reliably determine i a device is connected to

the network. The system uses a newly enhanced set o sophisticated

techniques, including use o SNMP, automated switch discovery, and

hardware and trac analysis, to ensure accurate, ast tracing in any

network topology.

Threats can be manually or automatically remediated with a combina-tion o both wired and wireless threat suppression. Wireless blocking

targets a threat at the source and specically blocks the targeted

wireless device rom making any wireless connections. Wired blocking

automatically closes the wired switch port where a threat has been

traced.

All threats and devices can be located on a map or foor plan and set

to trigger rogue alarms based on the device’s location.

Event Forensics

AirMagnet Enterprise captures a complete packet or RF orensic record

o any network event, allowing appropriate sta to investigate the

issue in depth, at any time.

Notication and Integration

Managers have access to more than a dozen notication and escalation

mechanisms, making it easy to alert specic sta members o issues

or integrate wireless event data into larger enterprise management

systems and operations.

Flexible Sensor Architecture

The new SmartEdge Sensor, Series 4, supports a tri-radio design,

including two 802.11n 3x3 MIMO Wi-Fi radios and dedicated spectrum

analysis. This design enables a wireless connection rom the sensor,

eliminating the need or costly Ethernet cabling, or simultaneous

security monitoring and perormance testing. Using the Sotware Sen-

sor Agent, security monitoring deployments or WIPS can be achieved

on any budget and with increased fexibility. Installed on existing

Windows PCs, the Sotware Sensor Agent provides essential protection

or requirements such as PCI compliance without the need or costly

installation or additional cabling and switch inrastructure.

Roguemanagement

Roguedevicedetectedandtraced

Locate rogue device on a foor map



Best o Breed Security Architecture

AirMagnet Enterprise oers the only solution in the industry to meet

the established standards o a mission-critical security application.

It is the only system to build ault-tolerance into each component,

with ail-over boot images in every sensor and automatic server

ail-over licenses that come standard with the system. Additionally,

AirMagnet Enterprise sensors can operate as ully independent IDS/IPS

nodes detecting and remediating threats without losing inormation,

even i the network connection to the server is lost or days.

Additional unique benets o the AirMagnet Enterprise

architecture include:

Massive Scalability

With intelligent sensors that locally analyze Wi-Fi and RF conditions,

more than 1,000 sensors can be supported through a single centralizedserver in the data center, requiring minimal network bandwidth.

Highest System Resilience

Processing at the sensor level means that each sensor continues to

enorce the security policy even i connection to the server is lost or

more than 24 hours. Hot standby server sotware (included) enables

ully redundant datacenter operations or maximum wireless security

protection.

Designed or Correlation

The AirMagnet Enterprise server continuously correlates analysis rom

all sensors, ensuring that intelligence is always coordinated across

the entire enterprise.

Notication options

AirMagnet Enterprise system

AirMagnetSensor

PRIMARY HOT STANDBY

Interna

l Network

AME Servers in the Data Center

Local Site

Remote Site

Wireless ConnectSoftware Sensor Agent

Console running at theNOC/SOC or remotely

SSA

Spectrum Analysis



Perormance Optimization and TroubleshootingPerormance and reliability o a WLAN are oten directly tied to the

value a wireless network delivers to an organization. AirMagnet

Enterprise technology has consistently been at the oreront o

innovation, developing into wireless network monitoring solutions thathelp IT proessionals identiy and mitigate WLAN problems beore they

impact users. By digging into the root-cause o any issue and arming

users with the critical tools needed to resolve problems when they

happen, AirMagnet Enterprise ensures wireless networks can reliably

support business critical applications.

Find Outages and Emerging Problems Beore Users are Aected

Powered by the Automated Health Check (AHC), AirMagnet Enterprise

sensors and Sotware Sensor Agents actively test and veriy complete

WLAN connectivity rom the wireless link all the way through to appli-

cation servers or the Internet, automatically detecting critical outages

or network degradation while pinpointing the exact source o trouble.

Sensors running AHC tests provide a true client perspective, as they

ully authenticate to the network and proactively probe or problems,

which can be related to WLAN issues or other network resources. This

provides network sta with immediate and specic inormation on the

root cause, so they can respond oten beore users are impacted.

Comprehensive Wireless Analysis

AirMagnet Enterprise identies and generates AirWISE alarms or

perormance issues such as trac congestion, overloaded devices and

channels, device miscongurations, collisions, roaming problems, QoS

issues, as well as complications between 802.11a/b/g/n devices. Toolsor 802.11n optimization enable network sta to ensure that their

WLAN investment is delivering the expected real world perormance

to users.

Unmatched RF Intererence Analysis

AirMagnet Enterprise is the only WLAN monitoring system support-

ing dedicated spectrum analysis hardware in the sensor or the most

accurate and complete RF intererence detection and remote real-time

analysis. The environment is scanned 100 percent o the time over

both 2.4 GHz and 5 GHz Wi-Fi bands, and specically classies interer-

ence sources like video cameras, cordless phones and microwave ovenswhich can seriously impact the perormance o the WLAN.

Real-time Remote Troubleshooting

AirMagnet Enterprise allows IT proessionals to troubleshoot wireless

problems remotely to x problems aster and without costly “truck

rolls”. AirMagnet Enterprise sensors contain a real-time analysis in-

terace based on AirMagnet Wi-Fi Analyzer and Spectrum XT, enabling

sta to track utilization and bandwidth, view real-time decodes,

troubleshoot user connectivity and RF intererence problems without

leaving their desks.

AirWISEalarmwithdetailsofsourceofinterference

AutomatedHealthCheckperformancetestresults

Real-timeremoteWi-Fianalysisinterface



Simple Policy-Driven Management

As Wi-Fi adoption continues to expand, it is increasingly important

or network managers and wireless proessionals to leverage tools that

allow them to easily cut through the food o Wi-Fi data and devices,

revealing the inormation that matters most. AirMagnet Enterprise does

this with tools that easily classiy new Wi-Fi devices, score and

prioritize issues in the network and share timely inormation with

network sta and management systems.

Automatic Device Classication

The AirMagnet Enterprise device classication engine allows a user

to easily and accurately identiy Wi-Fi devices as rogue, neighbors,

monitored or approved devices. Classication rules are built using

simple straightorward sentences and Boolean rules to classiy devices

based on their wired traced status, the device vendor, securitysettings, signal level, association history and variety o other actors.

The system also allows managers to preview new rules so they can see

what devices will be reclassied and catch any problems beore the

policy is pushed live.

Finding the Inormation that Matters

The AirMagnet Enterprise dashboard shows key headline inormation

or all major job roles including the top security issues, perormance

issues, problem devices and compliance issues. All threats are corre-

lated and scored according to user controlled policies. This allows sta

to quickly see and prioritize important events, and see devices that are

at the root o multiple problems.

Focus on Users

The system also includes a concept o VIP users or devices, allowing

sta to prioritize alarms aecting key resources. Similarly, events are

scored on their impact to the network, letting sta prioritize issues

that are aecting many users versus lower impact issues.

Reporting and Compliance

Compliance Reports

AirMagnet Enterprise outputs detailed compliance reports covering a

variety o regulatory standards including Sarbanes-Oxley, HIPAA, PCI,

DSS GLBA, DoD 8100.2, ISO 27001, BASEL 2 and CAD3. Reports provide

a step-by-step pass/ail assessment o each section o the standard. As

a result, IT sta can take the guesswork out o compliance audits and

complete work in a raction o the time.

DashboardviewoftopWLANissues

Intererence



Integrated Reporting

AirMagnet Enterprise’s integrated reporting engine makes it easy to

generate proessional customized reports or any location or date

range. Reports cover all areas o management including RF statistics,

device reports, security and perormance reports. Reports can be

scheduled to run at regular intervals and delivered to key managers

by email.

Intererence (continued)

Ordering Inormation

Model Description

A5505 Enterprise console and server sotware, unlimited sensors

A5115 Enterprise server license or 802.11n eatures, unlimited sensors

A5106 Enterprise server license or spectrum analysis eatures, unlimited sensors

AM/A5311G AirMagnet Enterprise Server License or Sotware Sensor Agent (100)

AM/A5630G AirMagnet Enterprise Server License or AHC

SENSOR4-R1S0-I AirMagnet Sensor, 4th Gen, 1 X 11n Radio, Internal Ant.

SENSOR4-R1S1-I AirMagnet Spectrum Sensor, 4th Gen, 1 X 11n Radio, Internal Ant.

SENSOR4-R2S0-I AirMagnet Sensor, 4th Gen, 2 X 11n Radio, Internal Ant.

SENSOR4-R2S1-I AirMagnet Spectrum, 4th Gen, 2 X 11n Radio, Internal Ant.

SENSOR4-R1S0-E AirMagnet Sensor, 4th Gen, 1 X 11n Radio, External Ant.

SENSOR4-R1S1-E AirMagnet Spectrum, 4th Gen, 1 X 11n Radio, External Ant.

SENSOR4-R2S0-E AirMagnet Sensor, 4th Gen, 2 X 11n Radio, External Ant.SENSOR4-R2S1-E AirMagnet Spectrum, 4th Gen, 2 X 11n Radio, External Ant.

AM/A5032 Power Injector or AirMagnet Sensors

AM/A5033 External Power Adapter or AirMagnet Sensors

CABLEKIT-SENSOR4 Console Cable Kit or Sensor 4 Series

Gold Support (various) Gold support services or each sensor model, 1 yr and 3 yr

Note:TheAirMagnetEnterprisesystemrequiresaserver/database.UserscanpurchaseaserverfromFlukeNetworksorusetheir own server that meets the minimum requirements below.

Server Minimum Requirements

Operating system Microsot Windows Server 2008 / VMware ESX

Processor Intel Xeon E3 Series CPU

Memory 8 GB / 1333 MHz or aster

HD Size 146 GB / 10,000 RPM SAS

Note: Additional requirements may apply when sizing the server to support specic system congurations.Visithttp://www.fukenetworks.com/enterprise-network/wireless-network/AirMagnet-Enterpriseor urther inormation.

Certifcations

Common Criteria Evaluation Assurance Level 2

U.S. FIPS 140-2 Certication

Fluke NetworksP.O. Box 777, Everett, WA USA 98206-0777

Fluke Networks operates in more than 50 countriesworldwide. To nd your local oce contact details,go to www.fukenetworks.com/contact .

©2012 Fluke Corporation. All rights reserved.Printed in U.S.A. 8/2012 3988735D

Documents

AirMagnetEnterp_3988735_0000_ENG_D_W.PDF