An EKG for the wireless LAN
Test Drive | AirMagnet gives a clear view of your network ' and what doesn't belong there
- By Kent Dyer, Earl Greer
- Jun 30, 2007
AirMagnet Laptop Analyzer Pro is a software tool capable of protecting wireless local-area networks from rogue access points and unauthorized equipment. Within your organization, different groups of information technology workers may also find it indispensable for planning and operating wireless networks.
We used the Pro version, which adds several features to the Standard version. But because only the Pro has all of the compliance reporting, it's the only version most government organizations should consider.Right to work
We installed AirMagnet on a single Microsoft Windows XP laptop PC. There is a long list of supported wireless cards, and fortunately our Intel Pro/Wireless 2200BG was on it.
We had obtained permission to perform a real-world test of AirMagnet, so we immediately began scanning an existing network that had two wireless access points installed. Our goal was to analyze the current infrastructure and plan for a future organization-wide wireless network implementation.
AirMagnet did an excellent job detecting all wireless access points and stations within range. We could easily select the units that were approved for use within the organization and ascertain ad-hoc devices, access points and workstations whose signals were bleeding into our airspace.
The first thing we noticed when we started AirMagnet was the amazing amount of information it began collecting immediately. We quickly saw the devices on the WLAN, broken down by connected access points. We saw which stations were associated with each AP, as well as unconnected devices.
AirMagnet lets you see at a glance the signal level by channel. You also see which service set identifiers are getting the most use, which protocols are in use and which devices are running encrypted.
The channel window offers the ability to look at the specifics of a particular channel. AirMagnet can also be configured to scan non-U.S. channels and the 4.9 GHz U.S. Public Safety Band if you have the appropriate wireless card installed. At a glance, we could see the use, throughput and signal strength, all broken down by speed categories.
One of the most important needs for an administrator planning a WLAN is the ability to see what interference on particular channels looks like. That's a new feature in Version 7.0, and it has a window all to itself. We could see not only the devices listed, but also the interference level on each channel.
The Infrastructure window offers a holistic view of the access points, showing the signal-to-noise ratio of the channel ' along with a breakdown of each device attached to each access point. We could clearly see the speed and count of the frames passing between any two devices. This is handy to monitor WLAN activity. A person observing us said it looked like an EKG for the wireless LAN.
AirWISE is an artificial intelligence feature giving an expert's view of what is going on with the WLAN. While performing a scan of a network, we saw that under the AirWISE performance violation section, there was an alert concerning RF Management. It showed that Channel 6 was overloaded with seven access points running on this single channel. The network's administrator was delighted to finally understand why he had issues with lag and poor performance on his wireless network.
After checking the AirWISE window, we found a traffic analysis window, which presented clear graphs and information on all devices that AirMagnet had detected.
For return on investment, the most powerful feature of AirMagnet Laptop Analyzer Pro is the report module. Using the module, you can easily generate reports on technical details ' but to managers and decision-makers, the compliance reports will be most fascinating. AirMagnet Laptop Analyzer Pro includes report templates that cover a number of major compliance areas, including Defense Department Directive 8100.2, the Health Insurance Portability and Accountability Act, the Federal Information Security Management Act and others.
We quickly generated these reports and easily filtered devices that didn't connect to our networks. The reports are tailored for technical and nontechnical ones, and they can be adjusted to meet your needs.
We handed a complete FISMA report to the chief information security officer, who had responsibility for the WLAN in the environment we tested. He was so impressed, he wanted us to scan all of his citywide locations.
With these tools, one can see just where in the process that a connection is failing. There is also a collection of handy utility tools, including a Find feature, which allows AirMagnet to locate a specific device. Looking to the entire world like prospectors carrying a Geiger counter to locate radioactive minerals, we roamed the halls finding access points.
The price of AirMagnet Laptop Analyzer Pro is a bit higher than its closest competitors. But we choose AirMagnet because of its superior features and especially its compliance reports. Products that produce comparable compliance reports for wired networks are substantially more expensive.Greer is a network security consultant. Dyer is a security specialist at a large state agency. They can be reached at [email protected]