Aruba's New Air Style
The firm, which has consistently pushed the security aspects of its product, has upgraded the intrusion detection aspects of its code. Aruba's AirOS version 2.0 can detect the characteristic signatures of MAC address spoofing and man-in-the-middle attacks while monitoring traffic on the network.
For those of you not learned in the black arts of wireless LAN security, spoofing attacks involve hackers using easily available tools to find out the MAC addresses of genuine users on the network and then assuming those users' identities. Intrusion detection systems (IDS) can catch these attacks by watching for the same MAC address being used more than once at the same time.
Man-in-the-middle attacks are a more sophisticated version of spoofing. The hacker inserts an access point between a user and the access point that they normally connect to. Then, the user unknowingly connects to the malicious AP, which then proceeds in tricking the actual access point into believing that it is the user [ed. note: sneaky]. (See Wireless IDS Is All the Rage.)
Aruba's RF management updates include interference and wireless coverage hole detection. Jon Green, director of technical marketing at Aruba says that the software can now detect and label sources of interference from other 802.11 devices and alert administrators if different signals on the 2.4GHz radio band -- used by 802.11b and 802.11g systems -- like Bluetooth radios or microwave ovens cause problems. "We can tell if the noise floor gets too high," says Green. (See N+I: Noise Report for more on interference problems.)
Finally, Aruba has simplified the graphical user interface that administrators use to control the entire system after customers told them it was rather complex.
"We're trying to make it so that the guy doesn't have to have a PhD in RF and a degree in computer science to operate it," acknowledges Green. "We've tried to make it easier."
AirOS 2.0 started shipping yesterday.
— Dan Jones, Senior Editor, Unstrung