Upload
grabonlee
View
215
Download
0
Embed Size (px)
Citation preview
7/27/2019 AirMagnetEnterp_3988735_0000_ENG_D_W.PDF
http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 1/6Technical Data
unique ramework or maintaining the most
up-to-date WLAN security posture or the
enterprise.
The AirWISE engine constantly analyzes all
wireless devices and trac using a
combination o rame inspection, stateul
pattern analysis, statistical modeling, RF
analysis and anomaly detection, enabling
detection o hundreds o specic threats such
as rogue devices, spooed devices, DoS
attacks, man-in-the-middle attacks, evil
twins, as well as the most recent hacking
tools and vulnerabilities such as WPS brute
orce attack, Karmetasploit and 802.11n
uzzing attacks.
AirMagnet Enterprise –
Complete Wi-Fi Security
AirMagnet Enterprise protects against every
wireless threat by combining the industry’s
most thorough wireless monitoring with lead-
ing research, analysis and threat remediation.
Full Visibility
AirMagnet Enterprise scans all possible
802.11 channels (including the 200 extended
channels), ensuring there are no blind
spots where rogue devices may be hiding.
AirMagnet Enterprise goes beyond Wi-Fi
analysis with optional spectrum analysis that
detects and classies RF jamming attacks,
Bluetooth devices and many other
non-802.11 transmitter types, such
as unapproved wireless cameras.
Industry Leading Threat Detection
The AirMagnet Intrusion Research Teamconstantly investigates the latest hacking
techniques, trends and potential
vulnerabilities to keep organizations ahead
o evolving threats. New Dynamic Threat
Update technology speeds the creation,
automation and immediate deployment o
new threat signatures through the AirMagnet
AirWISE® engine. As soon as any new threat
denition is ready, it can be deployed with
no impact to system operation, providing a
AirMagnet Enterprise provides a scalable
WLAN security and perormance monitor-
ing solution that enables any organization
to mitigate all types o wireless security
threats, enorce enterprise policies, proac-
tively detect and pinpoint wireless peror-
mance problems and audit the regulatory
compliance o all Wi-Fi assets and users
worldwide. It oers 24x7 WLAN monitoring
and protection, delivering:
• Full-timepacketandRFscanningofthe
air so costly threats aren’t missed
• Powertoactivelytest,diagnoseand
remediate problems remotely in less time
• Dynamicupdatetechnologyensures
thenetworkisalwaysprotectedasnew
threats emerge
• FlexibledeploymentoptionswithSoft -
wareSensorAgentstomeetanybudget
•Versatiletri-radiosensordesignsupporting
two 802.11n 3x3 MIMO Wi-Fi radios plus
dedicated spectrum analysis radio
• Easyintegrationwithexisting
inrastructure and practices reducing
burden on sta
AirMagnet Enterprise oers complete visibil-
ity and control over the wireless airspace,
enabling any organization to maximize
eciency o IT sta to reliably deliver the saest and highest availability Wi-Fi access
to mission critical users, while meeting all
compliance requirements.
Dynamicthreatupdate
24x7 WLAN Security and Perormance Monitoring
A i r M a g n e t E n t e r p r i s e
7/27/2019 AirMagnetEnterp_3988735_0000_ENG_D_W.PDF
http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 2/6
Automated Response and Network Protection
AirMagnet Enterprise provides a ull arsenal o remediation and
investigation options that can be triggered by policy to ensure
that WLAN problems are quickly and accurately detected and that
appropriate automated protection mechanisms are activated.
Threat Tracing, Blocking/Suppression and Mapping
All devices are traced using a suite o wired and wireless tracing
methods to quickly and reliably determine i a device is connected to
the network. The system uses a newly enhanced set o sophisticated
techniques, including use o SNMP, automated switch discovery, and
hardware and trac analysis, to ensure accurate, ast tracing in any
network topology.
Threats can be manually or automatically remediated with a combina-tion o both wired and wireless threat suppression. Wireless blocking
targets a threat at the source and specically blocks the targeted
wireless device rom making any wireless connections. Wired blocking
automatically closes the wired switch port where a threat has been
traced.
All threats and devices can be located on a map or foor plan and set
to trigger rogue alarms based on the device’s location.
Event Forensics
AirMagnet Enterprise captures a complete packet or RF orensic record
o any network event, allowing appropriate sta to investigate the
issue in depth, at any time.
Notication and Integration
Managers have access to more than a dozen notication and escalation
mechanisms, making it easy to alert specic sta members o issues
or integrate wireless event data into larger enterprise management
systems and operations.
Flexible Sensor Architecture
The new SmartEdge Sensor, Series 4, supports a tri-radio design,
including two 802.11n 3x3 MIMO Wi-Fi radios and dedicated spectrum
analysis. This design enables a wireless connection rom the sensor,
eliminating the need or costly Ethernet cabling, or simultaneous
security monitoring and perormance testing. Using the Sotware Sen-
sor Agent, security monitoring deployments or WIPS can be achieved
on any budget and with increased fexibility. Installed on existing
Windows PCs, the Sotware Sensor Agent provides essential protection
or requirements such as PCI compliance without the need or costly
installation or additional cabling and switch inrastructure.
Roguemanagement
Roguedevicedetectedandtraced
Locate rogue device on a foor map
7/27/2019 AirMagnetEnterp_3988735_0000_ENG_D_W.PDF
http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 3/6
Best o Breed Security Architecture
AirMagnet Enterprise oers the only solution in the industry to meet
the established standards o a mission-critical security application.
It is the only system to build ault-tolerance into each component,
with ail-over boot images in every sensor and automatic server
ail-over licenses that come standard with the system. Additionally,
AirMagnet Enterprise sensors can operate as ully independent IDS/IPS
nodes detecting and remediating threats without losing inormation,
even i the network connection to the server is lost or days.
Additional unique benets o the AirMagnet Enterprise
architecture include:
Massive Scalability
With intelligent sensors that locally analyze Wi-Fi and RF conditions,
more than 1,000 sensors can be supported through a single centralizedserver in the data center, requiring minimal network bandwidth.
Highest System Resilience
Processing at the sensor level means that each sensor continues to
enorce the security policy even i connection to the server is lost or
more than 24 hours. Hot standby server sotware (included) enables
ully redundant datacenter operations or maximum wireless security
protection.
Designed or Correlation
The AirMagnet Enterprise server continuously correlates analysis rom
all sensors, ensuring that intelligence is always coordinated across
the entire enterprise.
Notication options
AirMagnet Enterprise system
AirMagnetSensor
PRIMARY HOT STANDBY
Interna
l Network
AME Servers in the Data Center
Local Site
Remote Site
Wireless ConnectSoftware Sensor Agent
Console running at theNOC/SOC or remotely
SSA
Spectrum Analysis
7/27/2019 AirMagnetEnterp_3988735_0000_ENG_D_W.PDF
http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 4/6
Perormance Optimization and TroubleshootingPerormance and reliability o a WLAN are oten directly tied to the
value a wireless network delivers to an organization. AirMagnet
Enterprise technology has consistently been at the oreront o
innovation, developing into wireless network monitoring solutions thathelp IT proessionals identiy and mitigate WLAN problems beore they
impact users. By digging into the root-cause o any issue and arming
users with the critical tools needed to resolve problems when they
happen, AirMagnet Enterprise ensures wireless networks can reliably
support business critical applications.
Find Outages and Emerging Problems Beore Users are Aected
Powered by the Automated Health Check (AHC), AirMagnet Enterprise
sensors and Sotware Sensor Agents actively test and veriy complete
WLAN connectivity rom the wireless link all the way through to appli-
cation servers or the Internet, automatically detecting critical outages
or network degradation while pinpointing the exact source o trouble.
Sensors running AHC tests provide a true client perspective, as they
ully authenticate to the network and proactively probe or problems,
which can be related to WLAN issues or other network resources. This
provides network sta with immediate and specic inormation on the
root cause, so they can respond oten beore users are impacted.
Comprehensive Wireless Analysis
AirMagnet Enterprise identies and generates AirWISE alarms or
perormance issues such as trac congestion, overloaded devices and
channels, device miscongurations, collisions, roaming problems, QoS
issues, as well as complications between 802.11a/b/g/n devices. Toolsor 802.11n optimization enable network sta to ensure that their
WLAN investment is delivering the expected real world perormance
to users.
Unmatched RF Intererence Analysis
AirMagnet Enterprise is the only WLAN monitoring system support-
ing dedicated spectrum analysis hardware in the sensor or the most
accurate and complete RF intererence detection and remote real-time
analysis. The environment is scanned 100 percent o the time over
both 2.4 GHz and 5 GHz Wi-Fi bands, and specically classies interer-
ence sources like video cameras, cordless phones and microwave ovenswhich can seriously impact the perormance o the WLAN.
Real-time Remote Troubleshooting
AirMagnet Enterprise allows IT proessionals to troubleshoot wireless
problems remotely to x problems aster and without costly “truck
rolls”. AirMagnet Enterprise sensors contain a real-time analysis in-
terace based on AirMagnet Wi-Fi Analyzer and Spectrum XT, enabling
sta to track utilization and bandwidth, view real-time decodes,
troubleshoot user connectivity and RF intererence problems without
leaving their desks.
AirWISEalarmwithdetailsofsourceofinterference
AutomatedHealthCheckperformancetestresults
Real-timeremoteWi-Fianalysisinterface
7/27/2019 AirMagnetEnterp_3988735_0000_ENG_D_W.PDF
http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 5/6
Simple Policy-Driven Management
As Wi-Fi adoption continues to expand, it is increasingly important
or network managers and wireless proessionals to leverage tools that
allow them to easily cut through the food o Wi-Fi data and devices,
revealing the inormation that matters most. AirMagnet Enterprise does
this with tools that easily classiy new Wi-Fi devices, score and
prioritize issues in the network and share timely inormation with
network sta and management systems.
Automatic Device Classication
The AirMagnet Enterprise device classication engine allows a user
to easily and accurately identiy Wi-Fi devices as rogue, neighbors,
monitored or approved devices. Classication rules are built using
simple straightorward sentences and Boolean rules to classiy devices
based on their wired traced status, the device vendor, securitysettings, signal level, association history and variety o other actors.
The system also allows managers to preview new rules so they can see
what devices will be reclassied and catch any problems beore the
policy is pushed live.
Finding the Inormation that Matters
The AirMagnet Enterprise dashboard shows key headline inormation
or all major job roles including the top security issues, perormance
issues, problem devices and compliance issues. All threats are corre-
lated and scored according to user controlled policies. This allows sta
to quickly see and prioritize important events, and see devices that are
at the root o multiple problems.
Focus on Users
The system also includes a concept o VIP users or devices, allowing
sta to prioritize alarms aecting key resources. Similarly, events are
scored on their impact to the network, letting sta prioritize issues
that are aecting many users versus lower impact issues.
Reporting and Compliance
Compliance Reports
AirMagnet Enterprise outputs detailed compliance reports covering a
variety o regulatory standards including Sarbanes-Oxley, HIPAA, PCI,
DSS GLBA, DoD 8100.2, ISO 27001, BASEL 2 and CAD3. Reports provide
a step-by-step pass/ail assessment o each section o the standard. As
a result, IT sta can take the guesswork out o compliance audits and
complete work in a raction o the time.
DashboardviewoftopWLANissues
Intererence
7/27/2019 AirMagnetEnterp_3988735_0000_ENG_D_W.PDF
http://slidepdf.com/reader/full/airmagnetenterp39887350000engdwpdf 6/6
Integrated Reporting
AirMagnet Enterprise’s integrated reporting engine makes it easy to
generate proessional customized reports or any location or date
range. Reports cover all areas o management including RF statistics,
device reports, security and perormance reports. Reports can be
scheduled to run at regular intervals and delivered to key managers
by email.
Intererence (continued)
Ordering Inormation
Model Description
A5505 Enterprise console and server sotware, unlimited sensors
A5115 Enterprise server license or 802.11n eatures, unlimited sensors
A5106 Enterprise server license or spectrum analysis eatures, unlimited sensors
AM/A5311G AirMagnet Enterprise Server License or Sotware Sensor Agent (100)
AM/A5630G AirMagnet Enterprise Server License or AHC
SENSOR4-R1S0-I AirMagnet Sensor, 4th Gen, 1 X 11n Radio, Internal Ant.
SENSOR4-R1S1-I AirMagnet Spectrum Sensor, 4th Gen, 1 X 11n Radio, Internal Ant.
SENSOR4-R2S0-I AirMagnet Sensor, 4th Gen, 2 X 11n Radio, Internal Ant.
SENSOR4-R2S1-I AirMagnet Spectrum, 4th Gen, 2 X 11n Radio, Internal Ant.
SENSOR4-R1S0-E AirMagnet Sensor, 4th Gen, 1 X 11n Radio, External Ant.
SENSOR4-R1S1-E AirMagnet Spectrum, 4th Gen, 1 X 11n Radio, External Ant.
SENSOR4-R2S0-E AirMagnet Sensor, 4th Gen, 2 X 11n Radio, External Ant.SENSOR4-R2S1-E AirMagnet Spectrum, 4th Gen, 2 X 11n Radio, External Ant.
AM/A5032 Power Injector or AirMagnet Sensors
AM/A5033 External Power Adapter or AirMagnet Sensors
CABLEKIT-SENSOR4 Console Cable Kit or Sensor 4 Series
Gold Support (various) Gold support services or each sensor model, 1 yr and 3 yr
Note:TheAirMagnetEnterprisesystemrequiresaserver/database.UserscanpurchaseaserverfromFlukeNetworksorusetheir own server that meets the minimum requirements below.
Server Minimum Requirements
Operating system Microsot Windows Server 2008 / VMware ESX
Processor Intel Xeon E3 Series CPU
Memory 8 GB / 1333 MHz or aster
HD Size 146 GB / 10,000 RPM SAS
Note: Additional requirements may apply when sizing the server to support specic system congurations.Visithttp://www.fukenetworks.com/enterprise-network/wireless-network/AirMagnet-Enterpriseor urther inormation.
Certifcations
Common Criteria Evaluation Assurance Level 2
U.S. FIPS 140-2 Certication
Fluke NetworksP.O. Box 777, Everett, WA USA 98206-0777
Fluke Networks operates in more than 50 countriesworldwide. To nd your local oce contact details,go to www.fukenetworks.com/contact .
©2012 Fluke Corporation. All rights reserved.Printed in U.S.A. 8/2012 3988735D