Networking

AirMagnet Distributed centralizes WLAN security

To detect rogue access points, busy IT personnel have had to roam WLAN buildings with handheld devices. AirMagnet found a better way by centralizing the process with AirMagnet Distributed, which handles WLAN security and management from one location.


It’s clear from a recent article in InfoWorld that wireless local area networks (WLANs) are gaining validation from an increasing number of enterprises. As deployments grow, concerns about security, reliability, and management issues are taking center stage for CIOs and their staffs. Needless to say, wherever enterprise concerns are created, vendors are sure to follow. However, analysts now say that the WLAN security, reliability, and management vendor segment is growing crowded. Some of the contenders have products that confront only the above issues, while others offer solutions as part of their end-to-end WLAN offerings.

One company that offers stand-alone products is AirMagnet. Its newest product, AirMagnet Distributed 1.0, won the best wireless product award at the recent N+I Show in Atlanta. The idea behind AirMagnet Distributed is that large, multilocation enterprises face increasing manpower and complexity issues as they try to handle their WLANs on a site-by-site basis. AirMagnet Distributed allows much of the process to be automated and remote.

From handheld to stationary
The initial version of the AirMagnet technology is a handheld device that IT personnel carry through a WLAN environment. The device detects unauthorized (rogue) access points and devices trying to illicitly gain access to the WLAN. AirMagnet president and CEO Dean Au says the earlier version of AirMagnet has been bought by more than 1,000 enterprises worldwide, including Swiss Telecom and NTT. The feedback was that the product was helpful, but it is inefficient to march through corridors carrying the device whenever IT personnel want to check the status of their network. Au says, "Basically, they do not have enough people to cover all the buildings 24 x 7. They said that they wanted tools to be distributed and located strategically in buildings."

AirMagnet Distributed is a response to that feedback. The remote unit houses the AirMagnet Distributed AirWISE analysis engine. This is essentially the same device as in the original AirMagnet unit. It assesses what is happening at the local area and if an event occurs that is outside customer-set parameters, the information is sent to the control unit. Management and reliability information, which can change drastically as users are added and deleted from the network and other conditions change, can also be collected and transmitted. “We immediately know what the network looks like,” Au says. “We can detect how packets come into the network, track their movements within the network, and track where the packets go when they leave.”

"The fact that all of the processing is done in the local unit means little capacity is needed between the remote location and the main controller," Au says. Information can be transmitted in a number of ways, including over a secure Internet connection. In addition to security, the system measures parameters related to system operations and reliability. In total, more than 60 parameters are measured. An optional element, AirMagnet Reporter, creates as many as 40 different reports, including security threats, rogue AP logs, network outage and performance degradation, bandwidth utilization trends, packet error and retransmission trends, RF channel signal strength, and multiband signal-to-noise ratios.

The question now is how well AirMagnet will move from handheld to stationary status, says Abner Germanow, an analyst for IDC. “The challenge is to go from being essentially a piece of client software to having a console that aggregates information from a number of different data sources. The building of a network management product has different design constraints than building a piece of client software,” he says. “The jury is still out on how well that works.”

The product is tapping into real demand, says Aaron Vance, an industry analyst for Synergy Research Group and one author of a study on AirMagnet Distributed. “I think CIOs and IT managers are starting to define a concern—to some extent a problem—that the security questions are not being answered. IT staffs and network administrators are having a real hard time managing wireless networks. They don’t know a lot about RF. IT people need a solution that will give them some visibility into their wireless networks and help them manage them on a day to day basis.”

Busy vendors
It is a crowded field, however. Some of the other products offering similar wireless security and management features are from Aruba Wireless Networks, Legra Systems, Wavelink, and Chantry Networks Inc. "Bigger players—with more recognizable names—include Extreme Networks, Nortel Networks, Symbol Technologies, and Proxim Inc.", Germanow says. The smaller companies focus their entire attention on security and management, while the larger ones offer them as part of broader WLAN-product families. “Aside from competing strictly with wireless standalones, there are also switch vendors that are trying to include a lot of the same functionality as AirMagnet,” Vance says. Analysts suggest that AirMagnet may integrate its specialized products with some of the full service offerings. The number of aspirants suggests that it is a functionality that is in demand. “It’s gone from a non-existent space to a crowded space in six months,” Germanow says.

Editor's Picks

Free Newsletters, In your Inbox