AirTight Networks SpectraGuard Enterprise review
AirTight delivers a wireless security solution that's easy to deploy, elegantly simple and frighteningly effective.
Review Date: 11 Feb 2008
Reviewed By: Dave Mitchell
Price when reviewed: exc VAT for appliance and two sensors
AirTight Networks is a newcomer to the European wireless security market, but aims to stand out by offering a solution that's capable of detecting wireless APs and automatically classifying them.
SpectraGuard Enterprise is also dramatically different to most wireless security solutions, because it doesn't take an all-or-nothing approach to rogue APs and clients. Most consider any AP they don't recognise as a rogue and, if you have containment activated, will attack it. Very real problems can arise where businesses are close to other companies with their own wireless networks, making containment risky.
Although SpectraGuard also offers containment, this appliance-based solution uses sensors that are purely for monitoring, enforcing security policies and location tracking. SpectraGuard uses an obvious test when it detects a new AP because all it needs to know is whether it's wired to your network. The sensors send a broadcast packet via the wired network and check whether it can be received over the wireless network. If the AP is confirmed as connected to your wired network but isn't in the authorised list then it's a rogue. If the AP doesn't have a wired link, it's left alone.
Essentially, SpectraGuard can allow authorised clients and APs to associate with each other and will block authorised clients from accessing rogue and external APs, but won't interfere with external APs and unauthorised clients. Wireless clients that connect to an authorised AP and establish a viable session are placed in the authorised client list, but if they associate with an external AP they won't be allowed to join the protected network.
SpectraGuard can also stop internal wireless clients from accessing external networks other than your own, preventing client mis-associations and stopping APs being used as honeypots.
For testing, we placed the appliance and one sensor in our lab and located two more sensors about 50m away in a decent-sized triangle, running them all over PoE. Little gets past the sensors, as they monitor 2.4GHz and 5GHz frequencies and will see anything in the 802.11 spectrum. We left the system running for a couple of days and it picked up 24 APs and 55 wireless clients. All APs were classified as external because we knew none was wired to our test LAN, and all clients were classified as unauthorised. We placed a Buffalo Wireless-G AP in the lab and SpectraGuard picked it up in seconds, placing it in its external list. We then fired up a PC with a D-Link 11g PCI wireless card, which was also deemed unauthorised. When we added a 3Com AP running from the lab's PoE switch, it was immediately classed as rogue due to its wired connection to our LAN.
The Java management interface dashboard clearly shows all the action. We picked out our rogue AP from the main list and were able to view all details about it, including traffic statistics and associated clients. From the drop-down menu we could authorise the AP, quarantine it or place it in a banned list. Selecting the Location menu option opens a chart showing which sensors detected it and their distances from it. We imported a JPEG floor plan of our building and, after placing the sensor icons within it, were able to pinpoint the AP's position to within a few metres.
SpectraGuard will only enforce compliance once you've created policies. We opted to block rogue APs only and had the policy running with just a couple of mouse clicks. We were shocked by SpectraGuard's swift justice. The wireless client PC blue-screened seconds after the policy was activated. AirTight advised us this could happen, as the sensors are bombarding the client's wireless adapter with de-auth packets, which can cause a buffer overflow and a Windows hardware fault. But the PC remained unharmed. However, the only way we could use it was to stop it trying to associate with the rogue AP, remove the AP or deactivate the policy.
- Samsung tempts the selfie market with A5 and A3 smartphones
- Internet tax: what it is and why it failed
- Android co-founder Andy Rubin leaves Google
- Windows 10 trackpad shortcuts: Microsoft takes a leaf out of Apple's book
- Promo: Using IBM BlueMix to create successful business apps
- Why the Microsoft Band could be a game changer
- What's on this week's PC Pro podcast?
- Microsoft Office 16 set to launch late next year
- HP's vision for the future of PCs: the 3D Sprout
- How Google X plans to detect cancer and heart disease using nano-magnets
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- Five smartwatch features we’ll see by 2015
- How to wipe an Android phone or tablet
- iPad Air 2 vs Nexus 9: Apple and Google's latest high-end tablets compared
- Five things that are actually new in the iPad Air 2
- Bendgate, Antennagate, and why Apple doesn’t care about bad news
- iPad Air 2 and iPad mini 3 release date, specs and UK price rumours
- Office Online vs Google Docs: which free online office suite is best?
- iPhone 6 Plus vs iPhone 6 design comparison
- How to speed up an Android smartphone
- Nexus 6 release date, specs, UK price and leaked images
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office