NopSec.com uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites, NopSec.com’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to NopSec.com, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.

Acknowledge

SANS Critical Control 7: Wireless Device Control

Wireless networks have always been a “no man’s land” in terms of security and appropriate configuration. Some of the most notorious security breaches (ie TJX) happened because the security configuration of the enterprise wireless access points was loose. Furthermore, from the security architecture standpoint, if the wireless network is located logically within the internal enterprise network, a security breach of the wireless network could represent a disastrous incident with profound consequences for the enterprise going-concern.

Wireless networks have always been a “no man’s land” in terms of security and appropriate configuration. Some of the most notorious security breaches (ie TJX) happened because the security configuration of the enterprise wireless access points was loose. Furthermore, from the security architecture standpoint, if the wireless network is located logically within the internal enterprise network, a security breach of the wireless network could represent a disastrous incident with profound consequences for the enterprise going-concern.

On top of that, add another headache for the enterprise: Bring-Your-Own-Device – BYOD. Personal electronic devices are brought to work (iPad, Android tablets, etc.) and connected to the wireless internal network, so if one of these devices is compromised the path to the core of the enterprise goes right through its wireless network.

SANS Critical Control 7 speaks about wireless network logical architecture and configuration and focuses on the following key areas:

  • A wireless client with an unauthorized service set identifier configured on it.
  • A wireless client with improper encryption configured.
  • A wireless client with improper authentication configured.
  • A wireless access point with improper encryption configured.
  • A wireless access point with improper authentication configured.
  • A completely rogue wireless access point using an unauthorized configuration
  • Unified VRM SaaS solution has a dedicated module to address enterprise wireless network security. Wireless probes are placed in the enterprise and communicate with the Unified VRM cloud instance via VPN tunnels.

Unified VRM allows the enterprise to kick start its own wireless networks vulnerability management program, allowing to:

  • Performing a wireless network site survey, detecting neighboring access points, authorized access points and rogue access points, that are detecting over the wireless signal and present with a MAC address within the internal wired network.
  • Detect enterprise access points using weak encryption protocols, such as WEP.
  • Testing the strength of encryption keys for WEP, WPA and WPA2 protocols. The cracking attempts are perform using first a dictionary attack and then a brute forcing attack using the formidable computational power of the cloud.
  • Testing of wireless connected devices for latest security vulnerabilities.
  • Performing penetration testing over wireless networks allowing to escalate privileges over hosts are connected over wired internal enterprise networks.

Schedule a Product Demo Today!

See how NopSec's security insights and cyber threat exposure management platform can organize your security chaos.