WiMetrics Tools Site Parent News Partners Contact Us About Us


    WiSentry Frequently Asked Questions

 

   

Q: How does WiSentry differ from other 'rogue' access point detection products?
A: WiSentry is a distributed software system that provides 24x7 protection.  Today the most common method for detecting 'rogue' access points is by walking around with a portable WLAN 'sniffer' device – which provides a ‘snapshot’ of traffic, but not 24x7 ‘video surveillance’.  Other offerings include placing proprietary radio sensor hardware throughout an area.  This is time-consuming, often cost-prohibitive and not always effective.  WiSentry guards against such security threats by continuously scanning for unregistered access point hardware connected to the wired LAN, and notifying IT operations if one is found.  Wireless detection methods see ‘all traffic on the airwaves’, whether it is pertinent to your LAN or not.  This information must be sifted to ID traffic that affects your LAN.  WiSentry detects wireless traffic from the ‘wired LAN’, thus providing information specifically relative to your LAN without confusing other traffic.
 
Q: Do I have to install client code on my wireless devices?
A: No, one of the benefits of WiSentry is that client code is not required on the wireless devices.  This feature significantly reduces operational and management costs.
 
Q: Does WiSentry require proprietary hardware?
A: No, WiSentry is a software product and the components can run on any standard PC.  

Q: How does WiSentry detect AP’s?
A: WiSentry has a central control server with distributed detection agents.  The detection agents are small (350k) services that run on PC’s that are already installed on the wired network.  These agents passively monitor network traffic for ‘fingerprints’ of wireless devices and report back to the central control server to trigger rules-based alerts.

Q: Does WiSentry require any special authentication or encryption?
A: No, WiSentry detects devices and does not interfere with or require any specific authentication or encryption.  You are free to leverage existing or future policies.

Q: Does a VPN for our wireless network protect us from intrusions?
A: Not entirely. Providing strong authentication and encryption for your KNOWN devices is excellent practice.  However it does not protect you from unknown rogue AP’s allowing unsecured access.  A single rogue AP can undermine and bypass security entirely.

Q: What about systems that can turn AP’s as well as PC’s with wireless cards into sensors?
A: This is an excellent use of infrastructure for multiple purposes.  Most often when these devices are ‘flipped’ into sensor mode, they can no longer function as network devices that route data given that their process is now dedicated to sensor functions.  Business hours are the best time to monitor for unauthorized traffic, unfortunately this is also the time that the network infrastructure is required by its users.  Further, ‘sensor mode’ does not provide 24x7 detection.  Again, it provides only ‘snapshot’ surveillance vs. continual protection.  Lastly, for complete protection your entire corporate footprint should be monitored (given that essentially every network jack is a potential point for a rogue AP to plug into).  Unless the AP’s and PC’s with wireless cards within your business provide 100% coverage/overlay of your buildings, there will be ‘blind spots’ in the detection mode.  It only takes on rogue AP to open your corporation to threat.
 
Q: What if my corporation has put policies in place forbidding wireless devices?
A: Policies are a good practice, however they do not provide adequate protection.  Much like laws, policies require policing.  Often the very policies against wireless are what lead to rogue devices.  WiSentry detects these rogue devices without requiring any wireless hardware be in place.

Q: What wireless access points does WiSentry detect?
A: WiSentry detects virtually any wireless access point.
 
Q: What operating systems does WiSentry support?
A: Currently WiSentry Control Server supports Microsoft Windows operating systems - Windows 2000, XP and 2003.
 
Q: Will network performance be affected by installing WiSentry?
A:  WiSentry passively monitors network traffic, so its operation has a minimal effect on network performance.  Further, WiSentry has been architected to perform its monitoring elegantly, so as to minimize if not entirely avoid any nuisance IDS alarms.
 
Q: Can an intruder detect that I have WiSentry installed?
A: Not likely, WiSentry performs its operations in passive mode, passing normal network traffic.  An intruder will have trouble verifying that there is a monitoring and detection system installed.
 
Q: How many Wireless Access Point Detection Agents can one WiSentry Control Server support?
A: A single WiSentry Control Server can support up to 150 agents. One agent is required for each network segment (routed boundary) that is to be monitored. 

Q: Can I run the WiSentry components as a native Windows 2000 service?
A: Yes, both the Control Server and Agents run as a Windows 2000 service.
 
Q: How do I contact sales?
A: You can email customer support at or you may contact us directly at 877 No Rogue.
 
Q: How do I contact customer support?
A: You can email customer support at or you may contact us directly at 877 No Rogue.

 

                                                                     

© 2003-2006 WiMetrics Corporation - All Rights Reserved