A question you often pose yourself when you settle down with a Latte and a Chocolate Muffin in a café or hotel that offers free WiFi. When you click on your Wireless icon to see what networks are available there will frequently be several ‘ Free Public ‘ networks on offer, especially in a busy built up area.
But does this question cross your mind when accessing your corporate network?
Due to the widespread use of WiFi and its applications including POS communications, corporate access, warehouse inventory, asset tracking, the wealth of information transmitted across the wireless medium is an ever growing requirement. Data transmitted over your wireless network increasingly contains sensitive personal and financial data. Unfortunately, the tremendous growth in wireless has been accompanied with an increasingly widespread ability to obtain open-source hacking tools that can compromise a wireless network through impersonation of client devices and access points.
These threats include:
- Rogue SSID’s – SSID and AP spoofs: the malicious impersonation of a legitimate AP by either spoofing the SSID name or, even worse, the SSID name and the BSSID (the wireless MAC address, which makes it indistinguishable from the original AP).
- Other SSIDs – Interfering SSIDs: wireless networks that are broadcasting and could be causing RF interference, as well as attracting accidental associations from clients who are supposed to be connecting to your own network.
- Ad-Hoc SSIDs – Modern smartphones and mobile devices are capable of associating to WiFi networks and then re-broadcasting the SSID, essentially acting as a wireless bridge. Devices in ad-hoc mode can connect to a client AP and create a gateway for wireless hackers.
- Malicious Broadcasts – Denial of Service (DoS) attacks are attempts to prevent clients from associating to the legitimate AP by sending an excessive number of broadcast messages to clients. DoS attacks could be from malicious clients, APs, or even another WIPS system in the area that considers the corporate network a threat and is attempting to remediate.
- Client Straying Threats Accidental associations – Client devices that belong to your infrastructure associating to a wireless network in your airspace that has not been sanctioned by your corporation. Straying clients could accidentally connect to Rogue SSIDs or spoofed SSIDs if proper action is not taken to protect the wireless airspace.
To successfully protect an enterprise network, a Wireless Intrusion Prevention System (WIPS) should provide powerful wireless intrusion scanning capabilities, enabling detection and classification of different types of wireless threats, including rogue access points and wireless hackers.
Air Marshal is Cisco Meraki’s wireless intrusion prevention (WIPS) solution. Integrated into every Cisco Meraki access point and centrally managed from the cloud.
Cisco Meraki’s Air Marshal allows network administrators to meet these requirements and design an airtight network architecture that provides an industry-leading WIPS platform in order to completely protect the airspace from wireless attacks.
So if you are planning a new wireless network, please contact to us to discuss Cisco Meraki’s innovative WIPS system and also claim a free AP. Please call 0345 3 822 866 or email: presales@smartltd.com.
At Smart Wireless, we always underwrite and guarantee our Wi-Fi network services.
