Wireless LAN (WLAN) infrastructure attacks are one of the most critical and immediate threats to enterprise networks. To make matters worse, the consumerization of Wi-Fi is flooding enterprises with personal Wi-Fi enabled smartphones and tablets, which are inadvertently tearing down the network security perimeter; even organizations without an official WLAN are at risk. Arista WIPS provides enterprises with the most comprehensive and continuous protection against current and emerging wireless threats.
KEY FEATURES
Automatic device classification
Using Arista’s patented Marker Packet™ techniques, Arista WIPS automatically and quickly classifies wireless devices detected in the airspace as Authorized, Rogue and External. As a result it eliminates false alarms and saves security administrators the effort of defining complex rules to identify rogue wireless devices or manually inspecting devices. This contrasts the error-prone device classification integrated into most other WLAN solutions, which rely on slow and inconclusive CAM table lookups and MAC correlation, signatures, or passive wired network sniffing.
Comprehensive Wireless Threat Protection
Arista WIPS provides the most comprehensive protection from all types of wireless threats, including Rogue APs, Soft APs, Honeypots, Wi-Fi DoS, Ad-hoc networks, Client misassociations, and Mobile hotspots. Security administrators are not required to define complex signatures for threat detection, which is the case with other WIDS/WIPS solutions. Arista WIPS takes a fundamentally different approach by focusing on the primary threat vectors and vulnerabilities that form the building blocks for all known and emerging Wi-Fi hacking attacks and tools.
Automatic Threat Prevention
Most wireless IDS/IPS solutions do not encourage automatic over-the-air prevention for fear of disrupting own or neighbouring Wi-Fi networks. Because of Arista’s accuracy in distinguishing genuine wireless threats from neighbouring Wi-Fi devices, Arista customers effectively and confidently use its automatic prevention capability to block any misuse of Wi-Fi or violation of enterprise security policies.
Arista WIPS intelligently chooses from various patented over-the-air and on-wire prevention techniques depending on the type of wireless threat, and is capable of simultaneously blocking multiple threats across multiple channels in 2.4 GHz and 5 GHz frequency bands.
Secure BYOD Policy Enforcement
In today’s Bring Your Own Device (BYOD) culture, the omnipresence of smartphones and tablets poses an immediate threat to enterprise networks. Authorized users need only their enterprise login credentials to connect unapproved personal devices to WPA2/802.1x secured Wi-Fi networks and access sensitive enterprise assets. Data leakage on unapproved personal devices, malware and viruses, and “tethering” Soft APs and Mobile hotspots can compromise enterprise data security. Arista WIPS can automatically fingerprint all types of smartphones and tablets, and enforce a secure BYOD policy by blocking unapproved devices from getting onto the enterprise network.
Accurate Location Tracking
Arista WIPS can pinpoint the physical location of any detected Wi-Fi device or interference source. As a result security administrators can readily track down such devices and take action.
Both real-time locations (for devices currently active) and historic locations (for devices which may have participated in a security incident in the past) are available. Arista’s self-calibrating sensors and sophisticated stochastic models go beyond simplistic RF triangulation to enable accurate location tracking without the need for RF site surveys.
Location-based Policy Management
Arista WIPS simplifies the administration of geographically distributed locations through customizable policies defined on a region-by-region, site-by-site or even floor-by-floor basis. The hierarchical location-based management architecture allows network administrators to manage large number of sites from a single console.
Smart Forensics™
Arista’s Smart Forensics simplifies wireless forensics by filtering out useless data and presenting only relevant and accurate forensics information in an easy to understand and actionable format. Smart Forensics summarizes all relevant information without the need for cumbersome trace collection and packet-level analysis.
Simplified Regulatory Compliance
Arista simplifies compliance with regulatory wireless security requirements via automated wireless scanning, consolidated analysis of scan data from multiple locations and ready-to-use compliance reporting. Arista WIPS provides predefined reports that map wireless vulnerabilities to specific data security compliance standards such as DoD Directive 8100.2, PCI DSS, SOX, HIPAA, and GLBA. Network administrators have the option to schedule reports to be automatically generated and delivered to them by email.
Predictive Wireless Performance
Arista WIPS provides 24/7 spectrum analysis capability and alerts administrators of wireless LAN performance problems before they impact end users. It classifies performance issues into various categories such as configuration (e.g. incorrect channel allocation, sub-optimal 802.11n protocol settings), bandwidth (e.g. poor utilization, low average data rate, excessive overhead), and RF (e.g. non Wi-Fi interference, channel crowding).
Remote troubleshooting including remote “live packet capture” from a central console allows network administrators to resolve problems at remote sites quickly without sending IT staff to those locations.
Meets Any Security Need
Arista WIPS can be deployed in different configurations to meet any security need. It can be installed as an overlay security solution on top of your existing WLAN infrastructure or to enforce “No WiFi” policy in highly security sensitive environments where use of WiFi is prohibited. Arista WIPS is also built into Arista Cognitive WiFi™. It can be used in an integrated mode in Arista APs through background scanning.
Integration and Interoperability
With the broadest integration of any WIPS solution, Arista lowers deployment and operational costs by integrating with most major WLAN infrastructure and MDM solutions. This integration creates a seamless workflow and eliminates inefficiencies, making it easier to manage WLAN security and performance.
Arista also interoperates with standard enterprise management and reporting platforms including ArcSight, SNMP and Syslog interfaces provide the flexibility to integrate Arista’s wireless events with virtually any centralized event management tools.
Flexible Delivery Models
A variety of deployment and pricing options cater to enterprises of every industry and size. Arista WIPS, offered as a part of Arista’s cloud managed platform, can be hosted and managed from Arista’s public or private cloud. Enterprises can alternatively choose to host and manage Arista WIPS from a VMware server installed on-premise. Regardless of the deployment model, Arista WIPS sensors can be managed centrally, at any number of geographically distributed sites, from a single HTML5 console.