Wireless intrusion prevention systems: A buyer's guide
A collection of articles that takes you from defining technology needs to purchasing options
Zebra Technologies' AirDefense is an enterprise wireless intrusion prevention system that was acquired from Motorola Solutions in late 2014. The product is designed to monitor network activity for wireless local area networks (WLANs). The purpose of this monitoring is to identify WLAN-based attacks and suspicious activity, including rogue WLAN access points (APs) and unauthorized WLAN connections, and prevent these attacks from succeeding.
By thwarting threats, Zebra Technologies' AirDefense can prevent WLAN outages and performance degradation caused by attacks, as well as enable faster detection of and response to compromises that occur over WLAN client devices. This reduces compromises of sensitive data and other negative impacts on the organization.
One general note on Zebra AirDefense: since the product's acquisition, Zebra Technologies has not published much information on the features or other characteristics of the current product. Some information is still available through Motorola Solutions' websites, but the accuracy of this information is unknown and parts of it are likely to be outdated. Therefore, organizations that are interested in the Zebra AirDefense product should contact Zebra Technologies and request the latest detailed information on their current version of the product.
AirDefense is sold in a hardware appliance format, and possibly others as well, for WIPS management. AirDefense dedicated WIPS sensors are also available. More information on Zebra AirDefense product versions can be obtained by contacting the company.
Attack discovery capabilities
Zebra Technologies' AirDefense offers the basic WIPS attack discovery capabilities: detection of rogue APs and unauthorized WLAN connections, as well as remote wireless testing for vulnerability assessments. AirDefense does not claim to offer any more advanced attack discovery capabilities, such as mapping the physical locations of APs and client devices, or detecting denial-of-service attacks, spoofing attacks and the use of active authentication and encryption cracking techniques. This indicates that, judged by the types of attack discovery capabilities offered, AirDefense likely has the weakest attack discovery capabilities of all leading WIPS products in this series. However, AirDefense does have a "mobile workforce protection" feature in AirDefense Personal, which comes in the form of a software agent that runs on Windows PCs and monitors for suspicious wireless network activity.
Data collection and reporting capabilities
Zebra Technologies' AirDefense can perform both basic WIPS data collection functions and some forensic data collection activities that enable retracing an attacker's activities. AirDefense also offers built-in reporting to support multiple security compliance initiatives, as well as other reporting purposes. Compliance initiatives supported include the Payment Card Industry Data Security Standard, HIPAA and the Sarbanes-Oxley Act.
Because Zebra AirDefense appears to be based on hardware appliances for management and dedicated WIPS sensors, it is unlikely that there are other licensing costs associated with their use, except possibly for support contracts.
Because so little information is publicly available about the Zebra AirDefense WIPS and its capabilities and characteristics, it is hard to draw strong conclusions about its potential adoption by organizations. Any organization with an interest in evaluating AirDefense should first contact Zebra Technologies and receive detailed information about all of its capabilities -- not just attack discovery, data collection and reporting, but also high availability, usability and others. Only by receiving and analyzing this information can an organization decide whether Zebra Technologies' AirDefense is a WIPS product worthy of further evaluation and possible adoption.