AirTight Wi-Fi and wireless security whitepapers

Sign up for a customized personal demo with an AirTight expert.

Fields marked with asterisk (*) are required


    Your privacy is important for us.

Given the complexities of satisfying PCI data security and compliance and on-going high profile retail data breaches, the PCI Security Council determined that additional guidance was needed to provide retailers with more clarity into the intent and scope of several of the PCI data security requirements. With the latest revision of PCI DSS v3.1, the PCI Security Council emphasized implementing security into business as usual activities and best practices for maintaining on-going PCI compliance.

This paper discusses the recent changes in PCI DSS v.3.1and concludes with PCI Security Best Practices, going beyond the PCI compliance "checkmark" to ensure that your sensitive payment card data is secure from wireless secure breaches.

The cost of non-compliance and gap remediation is something many retailers consider as they conduct their yearly PCI audit. Non-compliance fines can range anywhere from $5,000 – 200,000 per month depending on the card brand, the nature of non-compliance, and the number of incidents. This paper discusses the impact of the latest trends on Wi-Fi security and how to leverage technology to maintain PCI compliance in a new world of threats.

With the implementation of the 802.11ac standard, we see a significant improvement in how RF spectrum is used. In many ways 11ac picks up where 802.11n left off by building on many of the successful techniques used by 11n. With 11n we saw a number of very clever techniques introduced such as frame aggregation, MIMO and wider channels that effectively made more effective use of the RF spectrum. With 11ac we see enhancements to a number of innovations introduced by 11n plus one new feature, MU-MIMO, which is a radical departure from anything found in previous 802.11 standards. 

This paper will introduce 11ac features, offer some guidance to those who are considering upgrading to 11ac, discuss deployment considerations, and provide an overview of AirTight Networks’ first 802.11ac access point, the C-75

The latest addition to the IEEE 802.11 standards stable is the 802.11ac standard, which is the next evolutionary upgrade to the standards helping us to achieve better data transfer rates and enhanced performance with our Wi-Fi networks and devices. This document highlights the main technical points in the 802.11ac standard and justifies the use of these features to improve performance.

The Wi-Fi space has seen tremendous growth in terms of its widespread usage as well as its performance capabilities. However, three main pain-points refuse to go away, perhaps due to the fundamental complexity in wireless networks in general. In fact, with increase in popularity and complexity, these system administration issues related to planning, installing, and maintaining Wi-Fi have only become worse with time. This paper provides an insight into AirTight Networks' Wi-Fi solution in alleviating these pain points; primarily from a system administrator's perspective.

There are two primary roles played by engineering academic institutions: the first is teaching, and many advanced institutions also have a significant research component. This white paper explains AirTight Wi-Fi's unique capabilities in significantly enhancing teaching as well as research, in computer networking in general, and wireless networking in particular.

Reserve Bank of India (RBI) guidelines cover all aspects of information technology (IT) infrastructure - Governance, Operations, Security, Audit and Vulnerability Assessment, Cyber Frauds, Outsourcing Management, Business Continuity Planning, Customer Education and Legal issues for organizations providing banking services in India.

This whitepaper presents a detail action plan for compliance with RBI Guidelines for security.

This paper presents a vulnerability, called Hole1961, in the WPA2 protocol that makes all implementations of WPA- and WPA2-secured Wi-Fi networks (regardless of the authentication and encryption used) vulnerable to insider attacks. It discusses ways in which a malicious insider can exploit Hole196 to attack other authorized Wi-Fi users in a WPA2-secured wireless LAN (WLAN). It also explores remediation strategies at various levels that organizations can implement to mitigate this threat.

A soft access point (AP) is a laptop or other wireless enabled device which performs traffic forwarding between its wireless interface and some other interface which is connected to the secure network. A soft AP can show up as rogue access point on the enterprise network. This can happen inadvertently. A soft AP can, however, be maliciously installed as it is perfect hacker "solution" to put a rogue AP on a network while evading wire-side controls such as 802.1x, NACs and wiresideonly rogue AP scanners.

Using Virtual WiFi, Windows 7 laptops can now be connected to your enterprise Wi-Fi network while sharing their enterprise network access with other unauthorized Wi-Fi devices or users.
This means that every Windows 7 laptop is a potential Rogue AP1 that can be used to bypass your wired security and access your private enterprise LAN. Using a Rogue AP, an attacker could compromise your servers, access sensitive data, and launch network reconnaissance and disruption attacks.

WiFi is proliferating fast. The convenience of wireless access, low cost, and plug-and-play nature of the technology have been the major drivers for WiFi's popularity among home Internet users. Lately we are also seeing an increasing adoption of WiFi in the enterprise. More and more businesses are rolling out wireless LANs to cut costs and increase productivity. Today all laptops, PDAs, and smartphones have WiFi built in. WiFi hotspots, spanning coffee shops, hotels, airports, or even cities, are mushrooming to meet the growing demand of WiFi Internet access.

To enable organizations to leverage their investment in Cisco Wireless LAN infrastructure, AirTight Networks delivers powerful integration capabilities with its flagship product, SpectraGuard® Enterprise. This technical brief provides an overview of the integration between AirTight’s SpectraGuard Enterprise and Cisco’s Wireless LAN Controller (WLC) that operates with Lightweight Access Points (LWAPP APs)

The proliferation of WiFi presents new security challenges for enterprise networks both wired and WLANs. Introduction of WiFi in and around enterprise networks opens security backdoors, which fall outside the realm of protection offered by firewall and other conventional wired network security systems. Appropriate wireless security architecture is essential to plug these backdoors and to complement conventional wired network security.

Both excitement and unease rolled through the wireless security community in November 2008 when news broke that researchers had cracked TKIP at the security convention in Japan [1, 2]. TKIP, an essential encryption component of WPA, which was heralded for years as the replacement for the broken WEP encryption to guard our wireless networks had been poked and sprung a leak for the first time.

This paper describes a new hosted service architecture offered by AirTight Networks that enables effortless, automated wireless security audits from anywhere on the Internet, anytime. No more “walk arounds.” Plug-and-play wireless scanners onsite scan round-the-clock without human intervention, and securely communicate with a central server hosted on the Internet in a secure data center. The central server analyzes the data with an up-to-date wireless vulnerability database and assesses the wireless security posture or compliance of a network. Rich vulnerability assessment and compliance reports can be generated on demand with just a mouse click. Now finally, auditors can do a large number of wireless security audits accurately and cost-effectively in very little time.

802.11n is a big leap in the evolution of wireless LANs. With major advantages in throughput, range and reliability over legacy Wi-Fi protocols, 802.11n opens up new possibilities for running various applications over wireless. The same features that drive these advantages also present technical challenges in network planning, installation, security, and operation of these networks. The numerous ways in which 802.11n choices can impact legacy 802.11a/b/g networks cannot be ignored. Enterprises should carefully consider these aspects to maximize the business benefits from 802.11n.

This white paper revisits the wireless security space, debunks common myths and presents wireless vulnerability management (WVM) as a proactive strategy to wireless security.

This white paper introduces a novel way for enabling on-demand wireless security that is affordable, effortless and customizable. In this new architecture, wireless security is delivered over the Internet bringing a revolutionary change in how businesses manage their wireless threat exposure. Depending on their needs, businesses choose and pay only for the value they derive from this online wireless security service.

Understanding of wireless security is unfortunately marred by many myths. Some are even propagated as wireless LAN best practices. Myths about wireless security can be both dangerous and costly. Many organizations spend valuable resources in implementing these urban legends that give a false sense of security and leave private networks and sensitive data exposed. In this paper, we will revisit and debunk top ten wireless security myths.

While at first glance, Sarbanes-Oxley would seem to have very little to do with IT departments and network security, closer study reveals that it actually has major impact on IT departments and IT security in particular. Since IT underlies the very business of recording and reporting all financial activity, it follows that a lack of control over IT security would imply a lack of control over the organization's financial reports, in direct violation of Sarbanes-Oxley section 404. When a wireless LAN is part of the network infrastructure, it too must be subject to the strictest controls to ensure the credentials of those using it. This whitepaper addresses the implications of Wi-Fi technology on public corporations, and reveals the dangers of Wi-Fi threats to public financial data integrity, even if the corporation has a strict 'no Wi-Fi' policy. It also describes how the AirTight SpectraGuard Enterprise Wireless IPS can be implemented to protect against these threats and ensure compliance to SOX.