Dell PowerConnect W-Series FIPS Dell PowerConnect W-600 Controller Series Secu - Page 30

Man-in-the-Middle Protection, Policy Definition and Enforcement

Get Dell PowerConnect W-Series FIPS PDF manuals and user guides View all Dell PowerConnect W-Series FIPS manuals
Add to My Manuals
Save this manual to your list of manuals

Page 30 highlights

Man-in-the-Middle Protection One of the common attacks possible in wireless networks is the "man-in-the-middle" attack. During a manin-the-middle attack, a hacker masquerades as a legitimate AP. Then, acting as a relay point, this man-in-themiddle fools users and other APs into sending data through the unauthorized device. An attacker can then modify or corrupt data or conduct password-cracking routines. Aruba access points monitor the air to detect other wireless stations masquerading as valid APs. When such masquerading is detected, appropriate defense mechanisms are put into place. Aruba mobility controllers also track unique "signatures" for each wireless client in the network. If a new station is introduced claiming to be a particular client, but without the proper signature, a station impersonation attack is detected. Policy Definition and Enforcement Aruba WIP provides a number of policies that can be configured to take automatic action when a policy is violated. Examples of wireless policies include weak WEP implementation detection, AP misconfiguration protection, ad-hoc network detection and protection, unauthorized NIC type detection, wireless bridge detection and more. Using Wireless to Protect your Wired Network Even if wireless LANs are not sanctioned at this time, no security conscious company can afford to do nothing. Aruba's WIP will keep wireless traffic from working its way into the wired network through rogue APs unknowingly attached to a network port. With Aruba's mobility system equipped with WIP, the enterprise network is protected against wireless security holes. And when the enterprise is ready to deploy wireless LANs, the Aruba system can be easily reconfigured to provide a scalable and secure wireless LAN infrastructure. Using Wireless to Protect your Existing Wireless Network Aruba's mobility system with WIP delivers the detection and protection necessary to keep your existing wireless network safe from undesirable wireless access. ArubaOS WIP complements and enhances any existing WLAN deployment, including Cisco deployments, by providing advanced RF security and control features not found in first-generation wireless products. 28 | FIPS 140-2 Level 2 Features Aruba 620, 650 and Dell W-620, W-650 | FIPS 140-2 Level 2 Release Supplement

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
28
|
FIPS 140-2 Level 2 Features
Aruba 620, 650 and Dell W-620, W-650
|
FIPS 140-2 Level 2 Release Supplement
Man-in-the-Middle Protection
One of the common attacks possible in wireless networks is the “man-in-the-middle” attack. During a man-
in-the-middle attack, a hacker masquerades as a legitimate AP. Then, acting as a relay point, this man-in-the-
middle fools users and other APs into sending data through the unauthorized device. An attacker can then
modify or corrupt data or conduct password-cracking routines.
Aruba access points monitor the air to detect other wireless stations masquerading as valid APs. When such
masquerading is detected, appropriate defense mechanisms are put into place. Aruba mobility controllers
also track unique “signatures” for each wireless client in the network. If a new station is introduced
claiming to be a particular client, but without the proper signature, a station impersonation attack is
detected.
Policy Definition and Enforcement
Aruba WIP provides a number of policies that can be configured to take automatic action when a policy is
violated. Examples of wireless policies include weak WEP implementation detection, AP misconfiguration
protection, ad-hoc network detection and protection, unauthorized NIC type detection, wireless bridge
detection and more.
Using Wireless to Protect your Wired Network
Even if wireless LANs are not sanctioned at this time, no security conscious company can afford to do
nothing. Aruba’s WIP will keep wireless traffic from working its way into the wired network through rogue
APs unknowingly attached to a network port. With Aruba’s mobility system equipped with WIP, the
enterprise network is protected against wireless security holes. And when the enterprise is ready to deploy
wireless LANs, the Aruba system can be easily reconfigured to provide a scalable and secure wireless LAN
infrastructure.
Using Wireless to Protect your Existing Wireless Network
Aruba’s mobility system with WIP delivers the detection and protection necessary to keep your existing
wireless network safe from undesirable wireless access. ArubaOS WIP complements and enhances any
existing WLAN deployment, including Cisco deployments, by providing advanced RF security and control
features not found in first-generation wireless products.