This article can also be found in the Premium Editorial Download "Information Security magazine: Lessons learned from good and bad NAC implementations."
WIRELESS NETWORK SECURITY
Price: Starts at $7,995
The latest version of AirDefense is a mature enterprise wireless security solution that offers a modularized feature set, which allows organizations to customize their installation to meet specific requirements in a cost-effective way.
AirDefense has focused on the shifting threatscape, which has moved from what one observer has called Internet "hooliganism" to organized crime. With pervasive wireless deployments in retail, manufacturing, delivery and healthcare, companies tasked with regulatory compliance will appreciate its policy and reporting capabilities.
There have been numerous updates since we last examined AirDefense in March 2006. Notable improvements include support for Power over Ethernet (PoE), an improved user interface, overhauled reporting, and new features such as WEP cloaking, advanced forensics, spectrum analysis and a centralized console for the management of multiple AirDefense appliances. These additions should automatically put AirDefense on the short list for enterprises with large, distributed wireless installations.
AirDefense offers three different appliance models to meet the needs of organizations of all scales. We tested the mid-range 3650.
The appliance is initialized via command line interface for basic network configuration. When you attach to the appliance through a browser the first time, AirDefense installs its thin client enterprise GUI on Linux or Windows-based workstations.
For our test, we opted for the Startup Wizard, which led us through system settings, network structure, creating user accounts, defining policies, configuring alarms, automated event classifications, notifications and identifying access points. This was the easiest method of deployment, as the overall documentation for the server and administrator was thin and redundant. You can also restore a previously saved configuration (perfect for distributed enterprise deployments) or go directly to the dashboard for a manual configuration.
Overall, administration is much easier than in the last version we reviewed, especially for large, distributed deployments, thanks to the division of labor into distinct roles. We created administrators, who are able to manage all aspects of configuration and management; managers, who can do everything an administrator can except for editing logs and adding users; network operators, who deal specifically with network operations including alerts and alarms; and a guest account with limited manager and network operator functions.
Furthermore, administration roles can be limited through domain-based partitioning, which restricts access to different networks, groups and devices. We assigned our partitioning to logical networks; however, it's easy to see how enterprises, such as retail organizations with multiple locations, divisions and business units, could take advantage of this feature.
Users can be authenticated locally through the AirDefense server or through remote RADIUS or LDAP servers.
Sensor placement depends on what type of protection is required. Sensor density is lower for rogue detection and policy enforcement than for connection termination. Location tracking and the newest feature, WEP cloaking, both require more sensors per square foot.
The sensors are a huge improvement over previous hardware, as the version we tested solely utilizes PoE and requires no additional power supply.
This was first published in September 2008