Enterprise Security
Rogue devices are a serious threat to enterprise security. A single rogue
access point can allow an attacker to gain full access to the internal network.
Motorola can identify any rogue device and disable it automatically. Motorola
AirDefense Enterprise identifies rogue devices and determines if they are
connected to your internal network. By analyzing wireless traffic, Motorola can
determine the level of threat that a potential rogue poses to your organization.
This allows administrators to ignore neighbouring devices and focus only on the
rogues that present a serious threat. This advanced analysis also ensures that
neighbouring wireless devices are not misclassified as a rogue. Accuracy is
essential as less sophisticated Wireless IPS systems can easily disable a
neighbouring access point by mistake opening your organization to unwanted
liability.
Detect Rogue Devices
| |
• APs, laptops & speciality devices
• Ad-hoc networks & accidental associations
• Search wired networks for rogues |
Assess Threat Level
| |
• Prioritize based on threat level
• Identify rogues connected to the network
• Ignore neighbouring networks |
Analyze Connections
| |
• In-depth analysis of rogue activity
• Who was connected to the rogue
• How much data transmitted |
Eliminate Rogue Threat
| |
• Automated & manual termination
• Wireless or wired termination
• Stop devices even when they roam
• Locate rogue devices in real-time |
| Comprehensive Intrusion Detection |
| |
| Motorola AirDefense Enterprise provides the most
comprehensive detection of wireless intrusion attempts. By analyzing
existing and day-zero threats in real-time against historical data,
Motorola AirDefense Enterprise is able to accurately detect all wireless
attacks and anomalous behavior. With context-aware detection, correlation
and multi-dimensional detection engines, Motorola detects only meaningful
security events and maintains the lowest rate of false positive alarms.
This next-generation wireless protection platform offers the industry’s
most extensive event library, with more than 200 security and performance
events. |
|
 |
Wireless vulnerabilities detected include
reconnaissance (ad hoc stations, rogue APs, open/misconfigured APs),
sniffing (dictionary attacks, leaky APs, WEP/WPA/LEAP cracking),
masquerade (MAC spoofing, evil twin attacks/Wi-Phishing attacks),
insertion (man-in-the-middle attack, multicast/broadcast injection) and
denial-of-service attacks (disassociation, duration field spoofing, RF
jamming).
Motorola allows administrators to easily distribute and process alarms in
enterprise deployments:
| |
• Customized alarm views, notifications and priorities
• Flexible querying and filtering
• Third-party integration |
Automated protection
Motorola responds automatically to wireless threats by stopping the device
involved before it is able to cause damage to the network. By responding on both
the wireless and wired networks, Motorola is the industry’s most secure wireless
intrusion prevention solution. Motorola performs targeted terminations ensuring
that only the correct intruders and rogue devices are disconnected. The system
maintains a record of termination actions to allow for a reliable audit trail.
Motorola also complies with FCC regulations and eliminates the liability that
could be associated with stopping a device wirelessly.
Air Termination™
Motorola can mitigate wireless threats via the air by disabling wireless
connections between intruders and authorized devices. AirTermination is
extremely precise ensuring that only the offending device is prohibited from
operating.
Wired-side Termination
Motorola identifies the switch port to which offending devices are connected and
turns it off thus preventing the rogue device from accessing the network.
| Investigate Incidents
with Forensic Data |
| |
|
|
| Motorola AirDefense Enterprise provides forensic data that
allows you to retrace any one device’s steps down to the minute. With
forensic research, investigating an event takes minutes instead of
potentially hours. Cases that normally would have required administrators
to physically visit sites can now be investigated remotely. |
|
 |
Administrators can rewind and review minute-by-minute records of connectivity
and communication with the network. By storing more than 325 data points per
wireless device, per connection, per minute, Motorola AirDefense Enterprise
allows organizations to view months of historical data on a wireless device that
was recently discovered to be suspicious.
Motorola stores important information such as channel activity, signal
characteristics, device activity and traffic flow. Motorola can display:
| |
• Time of attack/breach
• Entry point used
• Length of exposure
• Transfers of data
• Systems compromised |
For information on how Supportspread can implement Motorola AirDefense on your
system, please email: enquiries@supportspread.co.uk
|
|
