Wireless nets continue to gain in popularity because of their many advantages for versatile application. Yet radio waves don’t magically stop at property lines! Unauthorized parties can conceivably gain access to a WLAN without being physically present and then go on to hack into various end devices. The technical inadequacies of the user authentication process are almost a welcome mat in this regard.

To promptly recognize and ward off attackers, more and more WLAN sensors are now being installed in radio network segments. Ideally, these sensors are integrated at the points of access. Continually monitoring network traffic, they report anomalies or attacks to the network management, which then sends an automatically-generated message to the administrator for initiating the necessary further steps. Moreover, all the attacker’s attempts at communication can be blocked by the automatic disabling of the relevant WLAN segment.

This functionality can be easily realized with theGuard! NetworkManager.

theGuard! NetworkManager provides an alternative solution for WLAN networks already in place. Its practical application is as remarkably simple as it is effective, plus requires no additional hardware:

 

• The WLAN access points report addresses of stations attempting to log into theGuard! NetworkManager by syslog (or trap).
• Thus pinpointing the site of a possible attack.
• The event message additionally contains the address of the station. This address is automatically compared to the addresses already known to the NetworkManager database.
• If the address is known and authorized, no action will be taken.
• But if it is unknown and thus not authorized, an alarm will issue!

The function described above can be illustrated in exactly the same manner in connection with firewalls. For reasons of security, these are often not manageable by SNMP but they can still generate messages (syslogs). theGuard! NetworkManager can quickly and effectively evaluate them, automatically initiating alarm responses in the event of attack.