SpectraGuard Online FAQs
Overview
What is SpectraGuard Online?
Because of widespread proliferation of wireless devices,
every corporate network has to deal with wireless vulnerabilities, even if
wireless is not officially deployed.
SpectraGuard Online from AirTight Networks® is the world’s
first wireless vulnerability management solution that delivers wireless security
online, on-demand. It is now available in a pay-as-you-go subscription model
that does not compromise on features, functionalityand scalability.
Highlights:
- Incur no capital expenditures – No equipment purchases
- Pay only for the wireless security features you subscribe for
- Pricing starts at less than $2 per day per building floor
- Affordable and predictable total cost of ownership (TCO)
- Future-proof – no hardware or software obsolescence
Why should I buy SpectraGuard Online?
If you are interested in a wireless vulnerability
management solution that does not require any equipment purchase or large
upfront cost, you should consider SpectraGuard Online. It is available on a
pay-as-you-go monthly subscription model.
With SpectraGuard Online, there is no need to incur any capital expenditures or to go through complex deployment. Pricing starts as low as $2 per building floor per day. You are assured of an affordable and predictable total cost of ownership (TCO)
What are the capabilities of SpectraGuard Online?
SpectraGuard Online capabilities include all steps involved
in the wireless vulnerability management lifecycle. SpectraGuard Online offers
three service modules:
Vulnerability Assessment
Scan your network for wireless threats. SpectraGuard Online
automatically scans, detectsand classifies all unauthorized access and rogue
traffic to your network. Generates global wireless vulnerability assessment
reports with 1-click
Regulatory Compliance
Meet all your wireless compliance requirements for
regulatory standards such as PCI, SOX, HIPAA, GLBA and others. Simplify the
reporting process with user-friendly predefined reports.
Vulnerability Remediation
Take proactive action against any wireless security threat
by blocking it and removing it by accurately locating it on your floor map with
the most precise location tracking solution.
Is there an alternative to SpectraGuard Online?
An alternative to SpectraGuard Online is to perform the
wireless vulnerability assessment manually. You can take a handheld or laptop
based scanner and walk around through all global locations in your organization.
This process is time-consuming, expensive and not repeatable. It also requires
wireless expertise.
Instead with SpectraGuard Online, you plug in the wireless scanners and generate the global wireless vulnerability assessment reports with a single mouse click.
How do I choose between SpectraGuard Online and
SpectraGuard Enterprise?
Both SpectraGuard Online and SpectraGuard Enterprise
solutions deliver a comprehensive set of features for wireless vulnerability
management and wireless security.
SpectraGuard Online is the solution for you if:
- You have an opex budget
- You want to start with a small wireless security deployment and grow gradually
- If you want a pay-as-you-go monthly pricing
SpectraGuard Enterprise is the solution for you if:
- You have a capex budget
- You are interested to purchase and own the wireless security equipment
- You are planning an extremely large wireless security deployment
Wireless Vulnerability Assessment
Why should I conduct a wireless vulnerability scan?
A wireless
vulnerability scan enables you to:
- Discover and prioritizes all wireless assets on a 24x7 basis
- Perform wireless policy audits
- Generate wireless vulnerability reports with 1-click
- Create a snapshot of your wireless security posture
- Assess your overall wireless security risk
Since your wireless environment is dynamic and new wireless threats emerge every day, we recommend that a wireless vulnerability scan be conducted every 15 days.
I do not have a wireless network. Should I worry about
wireless vulnerabilities?
Many wireless vulnerabilities exist even if you do not have
an official wireless network. For example, a rogue access point (AP) plugged
into your network or an employee laptop connecting to an AP in your neighbor’s
network are high severity vulnerabilities. In addition, data security standards
such as PCI, SOX, GLBA, HIPAA have wireless compliance requirements. Hence, you
should scan for wireless vulnerabilities to make sure that your network is
protected against wireless threats.
I am new to SpectraGuard Online. Which module should I
start with?
You should start with the basic vulnerability assessment
module. It allows you to scan the network for wireless vulnerabilities and
generate a report on your wireless security posture.
If compliance standard applies to your organizations, add the regulatory compliance module. Add the vulnerability remediation module after you want to automatically protect against the wireless vulnerabilities.
Will wireless scanning cause disruption in my network?
No. Wireless scanning will not cause any disruption in your
network. SpectraGuard Online conducts a passive wireless scan.
Regulatory Compliance
Why do I need the regulatory compliance module?
Regulatory compliance module conducts a wireless
vulnerability assessment, baselines it against the applicable data security
standard and generates a wireless compliance report. It evaluates your wireless
security posture relative to the data security standard and assigns you an
overall risk score.
How do I use the regulatory compliance module?
With the regulatory compliance module, you can generate
wireless compliance reports with a single mouse-click. Wireless compliance
reports can be generated on-demand or can be scheduled for periodic delivery.
What data security standards are covered by the
regulatory compliance module?
Regulatory compliance module can handle any data security
standard. Currently with the Regulatory compliance module provides pre-defined
wireless compliance reports for PCI, Sarbanes-Oxley (SOX), Gramm-Leach-Bliley
(GLBA), Health Information Portability and Accountability Act (HIPAA) and
Department of Defense Directive 8100.2. You can add compliance reports for other
data security standards by simply defining a custom report.
Wireless Vulnerability Remediation
Why do I need the wireless vulnerability remediation
module?
You can remediate wireless vulnerabilities manually by
patching each wireless device and correcting the vulnerabilities. However, this
is a time-consuming and expensive process.
If you want to automate the containment of wireless vulnerabilities without leaving your desk, you should consider the wireless vulnerability remediation module. You can set up policies to automatically prevent wireless threats. Alternately, you can block a wireless device manually.
My wireless vendor provides me with security features.
Do still I need SpectraGuard Online?
Yes. SpectraGuard Online performs wireless vulnerability
assessment and compliance in an unbiased, independent and vendor-agnostic
manner. It looks at your overall wireless security posture without considering
the wireless network provider.
If you believe that there should be a separation between the solution providing the “wireless network” and the solution conducting a “wireless security audit”, you should consider SpectraGuard Online.
If you believe in this separation between the “church” and the “state”, then you should consider an independent solution.
What does the wireless vulnerability remediation module
offer?
Wireless vulnerability remediation module offers you
multiple capabilities:
- Provides 24x7 notification of wireless vulnerabilities as they occur
- Prevents breaches by blocking wireless vulnerabilities and security threats
- Tracks the location of security threats on a floor map with pinpoint accuracy
- Provides a visual view of wireless signal spillage from corporate APs
Wireless Security as a Service
I have heard of the term SaaS. What is it?
SaaS stands for “Software as a Service”. You use the software over the internet via a web based interface. Instead of buying the software license and installing the application on your computers, you subscribe to use the application hosted by the company that develops and sells the software.
In case of SaaS, you are not locked to a solution or vendor. You are not stuck with capital equipment purchases. You also save on the infrastructure and manpower cost required to deploy and maintain the application.
Can wireless security be offered as a
Software-as-a-Service (SaaS)?
Yes, wireless security can be offered as a
Software-as-a-Service(SaaS), like other software products. You do not have to
purchase or own the security equipment. You do not have to go through complex
deployment to obtains the benefits of wireless security.. You pay only for the
modules that you subscribe for.
With a SaaS model, subscription pricing is all inclusive. You never have to pay extra for 24x7 technical support, zero-day attack protection, software or hardware upgrades. You are completely insured against hardware or software obsolescence.
Do you have a non-SaaS version of SpectraGuard Online?
Yes. AirTight Networks also sells SpectraGuard Enterprise
for large customers who have a capex budget and wish to purchase the wireless
security equipment outright. This solution is suited for large customers who are
willing to commit deployment and management resources to maintain an in-house
security solution.
Reports
What reports can SpectraGuard Online generate?
SpectraGuard Online can generate various wireless
vulnerability assessment reports that assess the overall wireless security
posture of your organization. Additionally, it can generate regulatory
compliances reports for PCI, SOX, GLBA, HIPAAand DoD Directive 8100.2. You can
also define custom compliance reports to support additional regulatory
requirements.
What are the supported output formats for reports?
Reports can be generated in either in HTML or XML format.
PDF format will be supported in the future.
Can I generate reports on-demand?
Yes, you can generate reports on-demand. When you select a
report for immediate generation, this report either opens in another browser
window (HTML format) or is saved as a file (XML format).
Can I schedule the reports to be automatically generated
and delivered?
Yes, you can schedule reports for automatic generation and
delivery via email. When you select a report for automatic generation and
delivery, you can schedule either a one-time delivery or a recurring delivery of
report.
Pricing
I need wireless security but do not have the capex
budget. Can I afford the service?
Yes. With SpectraGuard Online there is no need for capital
expenditure or deployment and maintenance costs. You pay on a per service
module/per wireless scanner/per month basis.
Pricing starts at approximately $2/day per building floor.
To put the pricing in perspective, it is less than:
- The cost of printer paper per floor per day
- The cost of drinking water per floor per day
- The cost of janitorial services per floor per day
- The cost of coffee per floor per day
If wireless security is important to you, then yes, you can afford the SpectraGuard Online service.
We are a large enterprise with our own technical staff.
Is SpectraGuard Online still beneficial to us?
Yes. SpectraGuard Online automates the process of assessing
and remediating wireless vulnerabilities. You technical staff can spend time
quickly fixing the wireless vulnerabilities rather than hunting for them with
wireless handhelds.
How much does SpectraGuard Online cost?
Typically, pricing starts at approximately $2 per day per
building floor. You pay on a per service module/per wireless scanner/per month
basis
Contact sales for pricing details.
Each wireless scanner scans about 20,000 sq. ft of area. You buy only as many wireless scanners as you need. The monthly cost of the service depends upon the number of service modules that you subscribe to.
Can I pay as I go?
Yes. SpectraGuard Online is priced monthly with a minimum 1
year commitment. Contracts are renewed yearly.
It is recommended that you start with a basic service module and a minimum number of wireless scanners to cover your airspace. As you grow, you can add more wireless scanners and additional service modules.
How does your 30-day free-trial work?
The
30-day free trial
comes with absolutely no financial obligation. We want to
you feel comfortable with the value provided by SpectraGuard Online. You can use
the trial period to conduct a wireless vulnerability assessment and understand
your organization's wireless security posture.
At the end of the 30-day free trial, your annual subscription will start automatically without any interruption to the service. If you cancel before the end of the 30-day free trial, there is absolutely no financial obligation.
Do I have to pay support and maintenance charges?
No. SpectraGuard Online subscription pricing is all
inclusive. You will never have to pay extra for support and maintenance
charges. 24x7 technical support and hardware replacement is included in the
pricing.
Do I have to pay for hardware and software upgrades?
No. SpectraGuard Online subscription pricing is all
inclusive. You will never have to pay extra for hardware and software upgrades
or zero-day attack protection.
What if wireless security technology changes. Will my
investment become obsolete?
No. With SpectraGuard Online you are completely
future-proofed against wireless security technology obsolescence. You will get
the latest wireless security technology (software and hardware) at no additional
as long as you are subscribed to SpectraGuard Online.
General
Does anyone else offer a service similar to SpectraGuard
Online?
No. SpectraGuard Online is the world's first end-to-end
wireless vulnerability management solution that is delivered online, on-demand.
AirTight Networks is the pioneer in providing wireless vulnerability assessment
and remediation in a Software-as-as-Service (SaaS) model.
Where are SpectraGuard Online's secure data centers
located?
SpectraGuard Online's secure data centers (SDCs) are
currently located in Silicon Valley, California. SDCs are hosted in SAS 70
certified co-location facilities, known for their extremely high standards of
data security, availability and uptime. We plan to add more SDCs all over the
world in the near future.
How does it work?
How often does SpectraGuard Online scan my network for
wireless vulnerabilities?
SpectraGuard Online scans the network for wireless
vulnerabilities every 2 minutes. The wireless scanner (sensor) must be connected
to the secure data center (SDC). The results of scans are sent to the SDC where
they are compiled and reports are created.
How do I access the service?
You can access the service at
https://online.spectraguard.net. Enter your customer ID and you will be
taken to a login page where you can enter the login credentials provided to you.
After login, you can access the SpectraGuard Online service.
How are reports delivered?
Scheduled reports are delivered by email. They are sent to
the email address set up in your user profile. The on-demand report either opens
in another browser window or is saved as a file, depending upon the format
specified.
Will I be notified instantly when vulnerability occurs?
Yes. If you purchase the add-on Vulnerability Remediation
module, you will get an instant notification by email when vulnerability occurs.
You can configure SpectraGuard Online to send the notification to one or more
one email addresses.
Wireless Scanner (Sensor) Deployment
What are Sensors?
Sensor is a popular name for our Wireless Scanner. They are
small devices with wireless antennas and an Ethernet port. These sensors are
plugged into your network ports that have access to the Internet. They transmit
the scan data to the secure data center (SDC) where wireless security data is
processed.
Why are Wireless scanners needed?
Wireless scanners (sensors) are needed to scan the wireless
environment in your organization. Wireless scanners scan the wireless activity
in your environment and transmit the scan data to the secure data center (SDC)
where wireless security data is processed .
How easy is it to deploy Wireless scanners?
Wireless scanners (sensors) are deployed in plug-and-play
mode. Just connect the wireless scanner to an Ethernet port with internet
access. If you will see all its 4 LEDs go green, it means that the wireless
scanners are able to communicate with the Secure Data Center (SDC)
successfully,.
Wireless scanners support Power-over-Ethernet (PoE, 802.3af). Wireless scanners can be placed on your desk or on a cubicle wall. Optionally, you can also mount it on the wall or ceiling using an optional bracket accessory.
How many Wireless scanners should I deploy?
You should deploy a wireless scanner (sensor) in each
location where a wireless scan is required. Each wireless scanner can scan about
20,000 sq. ft of moderately populated area. Typically they should be evenly
distributed on the floor. If the floor area is larger or crowded then you may
need more wireless scanners to adequately scan the location.
Can I add more Wireless scanners later?
Yes, you can add more wireless scanners (sensors) at any
time. Typically, more wireless scanners are needed if you want to scan
additional locations or you want to provide additional scanning coverage for a
particular. Just follow the same plug-and-play deployment procedure for
additional wireless scanners.
Is Wireless scanner placement important?
Yes. You must place the wireless scanners (sensors) such
that together they provide full air cover to the entire floor.. Each wireless
scanner can scan about 20,000 sq. ft of moderately populated area. Normally, you
can get air cover by evenly distributing them on the floor. You can also see the
scanner coverage in the “Locations” view of SpectraGuard Online.
If you are interested in accurate wireless scanner placement, visit our security planning solutions page.
Firewall Settings
Do I have to make changes to the firewall to use
SpectraGuard Online?
No. Normally, you do not have to make any charges to your
firewalls settings. Wireless scanners connect in plug-and-play mode.
However, if your wireless scanners are unable to connect to the secure data center (SDC), you will have to reconfigure your firewall allow outbound communication on UDP port 3851 and HTTP port 80 to the secure data center (SDC) IP address.
Contact support if you need help in setting up wireless scanners. They may direct you to use the Connection Tester to test connection with the SDC.
Does opening outbound firewall ports compromise my
network security?
No. Your network security is not compromised by opening
these. We need only outbound ports (UDP 3851 and HTTP 80) to be open, not
inbound ports. Additionally, communication on these ports needs to be allowed
only to the specified IP address range of the secure data center (SDC).
Moreover, port 3851 is reserved by AirTight and no other device should be using that port for communication. Hence, opening outbound ports do not pose a threat to the security of your network.
Wireless Scanner-SDC Communication
How much traffic do wireless scanners send over the
network?
Wireless scanners (sensors) send data to the secure data
center (SDC) only when they see a change in state of any wireless device,
besides keep alive information. In a stable network, there will be a small
transmission from the wireless scanner to the SDC roughly once a minute. Even
with large number of wireless scanners, the impact of wireless scanner-SDC
communication on your network is negligible.
Wireless scanners send the scanned data to the data
center. Is that secure?
SpectraGuard Online encrypts communication between wireless
scanner (sensor) and secure data center using industry standard
AES encryption.
Note that wireless scanners do not process or transmit any business data of your
network. They only send wireless scan data that would have been visible in the
air anyways.
What data will leave my company network?
The data sent from the wireless scanner to the secure data
center (SDC) contains information available in the air about wireless activity
at your locations. This data is available even to a person who is scanning the
location from a parking lot.
Processing of the data is done inside the secure data center (SDC). Information about wireless vulnerabilities is available only after the data is processed and analyzed.
Should I be worried about data leaving my company
network?
No. Wireless scanners do not scan or transmit any
proprietary business information. Wireless scanners (sensors) scan the air for
wireless activity at your locations This data is available even to a person who
is scanning the location from a parking lot.
Wireless network data sent to the SDC is encrypted using proprietary protocol that use AES encryption and hence, cannot be intercepted.
Further, your data is stored in SAS 70 certified secure data centers (SDCs). All the data processing is done inside the SDC. Physical access to the SDC is secured through a triple layer authentication.
Is the data communication across the internet secure?
Yes. Wireless scanners (sensors) communicates with the
secure data center (SDC) using AES encryption.
AES
is one of the most popular algorithms used in
cryptography and a cipher that is approved by US National Security Agency (NSA)
for top secret information. The information transmitted by wireless scanners
cannot be intercepted.
Web Portal
How do I access SpectraGuard Online with a web browser?
SpectraGuard Online web-based user interface is known as
the “Console”. The Console is implemented using Java Applet technology.
You can access the Console on any internet connection with a standard Internet Explorer (6.0+) browser. If Sun JRE 1.5 or higher is not installed, users will be guided through the process of installing Sun JRE 1.5, when they access the Console for the first time.
Is web based access secure?
Yes. Web-based Console access is protected using SSL v3
(HTTPS). To access the Console, you must have the ability to access HTTPS
websites. SSL ensures that the communication between the Console and SDC is
secure.
How often can I access the SpectraGuard Online Console?
You can access the SpectraGuard Online Console using a web
browser any time, anywhere over an internet connection. The SpectraGuard Online
service is available on a 24x7 basis (except scheduled downtime).
Data Security
Where is the data stored?
The wireless security data is stored in the SAS-70
certified secure data centers (SDCs). Wireless scanners only have a volatile
memory and contain only temporary wireless activity data.
Where are your data centers hosted?
SpectraGuard Online's secure data centers (SDCs) are hosted
in SAS 70 certified co-location facilities in Silicon Valley, California. These
co-location facilities are known for their extremely high standards of data
security, availability and uptime. Physical access to SDCs is secured through a
triple layer authentication.
AirTight plans to add additional datacenters all over the world in the future.
What data is stored in the data centers?
The data stored contains information about wireless
devices, wireless activity, wireless vulnerabilities and your overall wireless
security posture. We do not scan or store any proprietary business or customer
data.
What safeguards are taken to protect the data?
The secure data center (SDC) is hosted in a SAS 70
certified co-location facility and is designed for high availability. Physical
access to this SDC is only through a triple layer authentication. It ensures
that your data is always available and can be accessed only by an authorized
person.
Support
Do I pay separately for support?
No. SpectraGuard Online subscription pricing is all
inclusive. You will never have to pay extra for 24x7 technical support via phone
and email.
How does support work?
You have three options to contact support:
- Send an email to support@airtightnetworks.com
- Call our 24 hour support hotline at +1-650-641-0027
- Log a request on our customer support portal
You will receive an acknowledgement immediately. The actual time to resolve a query depends on the nature of the support query.
When is support available?
Support is available 24x7x365.
Upgrades
How will I receive new capabilities from SpectraGuard
Online upgrades?
SpectraGuard Online upgrades are applied to the secure data
centers (SDC). You will automatically receive the new capabilities for the
modules that you have purchased. Wireless scanner software will be upgraded
automatically when required.
Will there be downtime during upgrades?
Yes. There will be a short duration when the service will
be down for upgrade. There will always be a prior notification when this
happens.
Future Proofing
Will my investment in SpectraGuard Online become
obsolete after I buy?
No. With SpectraGuard Online you are completely
future-proofed against wireless security technology obsolescence. You will get
the latest wireless security technology (software and hardware) at no additional
as long as you are subscribed to SpectraGuard Online.
Will I be protected when new attacks are discovered?
Yes. You will receive zero-day attack protection
automatically. At AirTight, we continuously monitor emerging vulnerabilities and
upgrade SpectraGuard Online to protect against them. As soon as it is upgraded,
the new capability will be available to you if you have purchased the applicable
service modules. You will get these new capabilities at no extra charge.
Service Availability
Is the service highly available?
Yes. SpectraGuard Online's secure data centers (SDCs) are
configured for High Availability and maximum uptime. Also, SpectraGuard Online
performance is monitored constantly so that appropriate action can be taken
something is wrong.
Is there downtime? Do I get notified?
Yes. There may be downtime during the system maintenance
and upgrades. These upgrades are made from time to time to ensure that you get
vulnerability management capabilities against the latest threats discovered. You
will be notified for possible downtime during the upgrade in advance.
-
-
Jump to FAQs Section
- Overview
- Wireless Vulnerability Assessment
- Regulatory Compliance
- Wireless Vulnerability Remediation
- Wireless Security as a Service
- Reports
- Pricing
- General
- Wireless Scanner (Sensor) Deployment
- Firewall Settings
- Wireless Scanner-SDC Communication
- Web Portal
- Data Security
- Support
- Upgrades
- Future Proofing
- Service Availability
-
Product Information