Aruba RFprotect

Aruba's RFprotect system represents the best of breed overlay wireless intrusion detection and prevention (WIDP) system.

RFprotect Distributed is a powerful wireless security solution incorporates the industry's only Wireless Threat Protection Framework – including user-defined threat signatures – for complete threat detection, attack prevention, "no wireless" policy enforcement and compliance reporting inside the enterprise.

RFprotect Mobile is a wireless analysis tool that helps design, maintain, and secure wireless networks. Running on a laptop and designed for walk-around use, RFprotect Mobile can be used for locating suspect devices, conducting security audits, site surveys and troubleshooting – whether a wireless LAN (WLAN) has been deployed or not.

Enquire about this product

RFprotect Distributed

RFprotect Distributed is an infrastructure-based two-tier WIPS consisting of a network of sensors, built from Aruba's line of access points, and a centralized server running RFprotect Distributed software. This powerful wireless security solution incorporates the industry's only Wireless Threat Protection Framework for complete threat detection, attack prevention, "no wireless" policy enforcement and compliance reporting inside the enterprise. RFprotect Distributed secures your wireless network against intrusions that are perpetrated intentionally and from vulnerabilities caused unintentionally through misconfigured network equipment. The solution can be deployed standalone, with no wireless LAN present, or as an overlay to monitor any vendor's wireless LAN equipment.

Key Features:

• Complete Threat Monitoring: Provides complete and continuous 24x7 monitoring of wireless activity across all channels and leverages dual-radio security sensors for detection and prevention.
• User-defined Experts: Ability to create new experts—sets of conditions allowing the detection of new attacks and security events. Provides zero-day protection against new attacks on wireless infrastructure. Leverages the open security research community for reviewing and creating new experts.
• Policy-based Threat Prioritization: Enforces corporate policy and enables ease-of-use through fully automated policy-based threat prioritization
• Fully Automated Threat Mitigation: Ensures the highest level of automated threat mitigation by containing attacks while still scanning for new threats
• Automated Compliance Reporting: Ensures compliance with wireless security policies and regulations through automated reporting
• Ease of Use and Low TCO: Reduces deployment costs for a rapid ROI and low total cost of ownership

Read more about RFprotect Distributed

RFprotect Mobile

For occasional WIPS monitoring or on-demand scanning, RFprotect Mobile delivers all the power of an infrastructure WIPS in a portable form factor. RFprotect Mobile is a powerful, portable suite for vulnerability assessments, incident response, and site survey package. It is the industry's most complete wireless analysis tool to help design, maintain, and secure wireless networks. Running on a Windows-based laptop and designed for walk-around use, RFprotect Mobile can be used for locating suspect devices, conducting security audits, site surveys ,and troubleshooting—whether a wireless LAN (WLAN) has been deployed or not. The RFprotect Mobile system also helps organizations enforce both "no wireless" policies and WLAN security best practices, as well as ensure compliance with regulations and corporate security policies.

Key Features:

• Security Vulnerability Assessments: Enables IT personnel to scan and analyze suspect devices and connections to resolve security issues
• Accelerated Incident Response: Accelerates threat response and mitigation
• Security and Coverage Auditing: Ensures accurate site surveys and detailed troubleshooting to eliminate guesswork in WLAN design and operation
• Comprehensive Analysis and Reporting: Provides analysis across all 802.11 a/b/g and Bluetooth channels
• Integration with RFprotect Distributed: Fully integrated with RFprotect Distributed

Read more about RFprotect Mobile

Compliance Standards

Requirement 1: Install and maintain a firewall configuration to protect cardholder data 

Requirement 2 Do not use vendor-supplied defaults for system passwords and other security parameters

(See 2.1.1)  For wireless environments connected to the cardholder data environment or transmitting cardholder data, change wireless vendor defaults, including but not limited to default wireless encryption keys, passwords, and SNMP community strings. Ensure wireless device security settings are enabled for strong encryption technology for authentication and transmission.

Requirement 4 Encrypt transmission of cardholder data across open, public networks 

4.1.1 Ensure wireless networks transmitting cardholder data or connected to the cardholder data environment, use industry best practices (e.g., IEEE 802.11i) to implement strong encryption for authentication and transmission.

• For new wireless implementations, it is prohibited to implement WEP after March 31, 2009.
• For current wireless implementations, it is prohibited to use WEP after June 30, 2010.

Requirement 9 Restrict physical access to cardholder data

9.1.3 Restrict physical access to wireless access points, gateways, and handheld devices.

Requirement 11 Regularly test security systems and processes

11.1 Test for the presence of wireless access points by using a wireless analyzer at least quarterly or deploying a wireless IDS/IPS to identify all wireless devices in use

GCSX No 9 Intrusion Detection 

GCSX No 11 Wireless Networks