Wireless Intrusion Detection Wireless Intrusion Detection
AirTrust from TrustNet is a cutting edge wireless intrusion detection system that defends the airwaves by detecting, identifying and alerting nefarious wireless traffic. AirTrust is affordable and installs quickly and easily into any existing network. It provides real and measurable benefits from the moment it is deployed, minimal maintenance footprint, and no need for increased headcount.
AirTrust is integrated into the iTrust security management platform cloud and appliance infrastructure. AirTrust helps organizations comply with various regulatory mandates such as the PCI DSS, DoD 8100.2, HIPAA, GLBA, and Sarbanes-Oxley.
Rogue Access Point Detection
A rogue Access Point (AP) is an unauthorized Wireless LAN device that connects to the organizations network. A rogue AP may have the same network name (SSID) as the organization or a different network name with weak or no encryption. Rogue AP's may be maliciously placed on the trusted network by hackers in order to lure trusted clients to connect. They can also be placed by legitimate users unaware of the potential consequence of their actions. When a rogue AP is detected the AirTrust provides alerts via the iTrust ensuring the organization can take immediate action to mitigate the threat. The AirTrust includes sophisticated filtering technology that prevents false positives and ensures that only real threats are identified and alerted on.
Non-Compliant Access Point Detection
A non-compliant AP is a legitimate access point that has been configured and deployed on the WLAN but does not meet the organization's minimum security requirements for strong encryption. AirTrust provides alerts via the iTrust when a non-compliant AP is detected. This allows the organization to remediate the configuration on the trusted AP and mitigate the risks of a misconfigured AP.
Rogue Client Detection
A rogue client is an untrusted client that connects to the organizations trusted WLAN. This could be a malicious user who obtained the credentials necessary to access the trusted WLAN or a trusted user accessing the WLAN with untrusted hardware. For example a user's personal computing device or untrusted WiFi enabled smartphone. In the event that a rogue client is detected AirTrust provides an alert via the iTrust. These alerts enable the organization to take immediate action, preventing rouge clients connecting and ensuring that only trusted clients connect to the organization's WLAN.
Wandering Client Detection
A wandering client is a trusted client that connects to an untrusted WLAN. Wandering clients are frequently seen when an organization enforces strict access control to the internet and the organization is in the vicinity of open untrusted public AP. The detection of wandering clients is essential to ensure that trusted clients are not bridging the organization's network with an untrusted network. When a wandering client is detected AirTrust signals an alert via the iTrust. Action can then be taken to ensure the wandering client is removed from the trusted network pending remediation.
AirTrust Wireless Intrusion Detection Features
Security Event Management: Includes a single dashboard view of all alerts. Alert detail includes color-coded severity ratings, attack sources, attack targets, time, and date stamp. Users can specify actions such as Dismiss and Escalation to another iTrust user or external email address. Alerts can also be dismissed en masse.
Dashboard Management: Easy to use single-view dashboard with status on all devices and alerts on rogue access points, non-compliant access points, rogue clients, and wandering clients.
Reporting: Easy to understand graphical formats in HTML, PDF, and XML formats. Choose from a selection of standardized reports or create your own using the dynamic report generator. Dashboard reporting also includes detailed information on both trusted and untrusted networks.
Trusted Clients: Add trusted clients that are authorized to connect to your wireless network in bulk through a CSV file, individually, and on the fly via the dashboard.
Role Based Permissions: Enterprise-grade role-based security that controls user access rights across all iTrust applications. Create unlimited number of hierarchical roles enabling delegation of responsibilities to reflect your unique organizational structure. Specify specific actions for each role (for example Schedule Scans, Add/Remove False Positives, Location Management) and authorized functional profile (for example Full Vulnerability Assessment, SANS Top 20, PCI Compliance Check).
