Monitoring wireless traffic

Distributed wireless monitoring solutions usually feature remote sensors that sit near 802.11 access points or

areas with a no-wireless policy and continually monitor the air and a server appliance or software to analyze wireless traffic. This enables network administrators to develop a profile of all wireless devices within radio range.

AirMagnet Inc.'s appliance, for example, can identify rogue devices by a radio band, Media Access Control address, service set identifier (SSID) and manufacturer. When a rogue device is detected, AirMagnet's appliances can block it directly, perform a trace from the wired network to locate it, and disable it with a handheld device or by reconfiguring the existing network infrastructure to turn it off.

Typically, the appliance or software analyzes the traffic collected by the sensors in real time to identify rogue wireless local-area networks, detect intruders and attacks, enforce network security policies and monitor the network's health. A signature-based engine, for example, compares traffic characteristics to those of known intrusion attempts or attacks. A separate engine may be used to monitor usage of specific access points or to ensure that agency policies are being followed.

Handheld analyzers use Microsoft Corp.'s Pocket PC operating system or a Linux-based operating system to receive wireless traffic from access points and clients. For example, Fluke Networks Inc.'s WaveRunner gathers information from wireless traffic as the user moves and displays information, including a list of wireless devices, access points, SSIDs and associated clients, and channel-activity traffic analysis.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.