SOURCE: AirTight Networks

February 05, 2007 08:00 ET

AirTight® Enhances Industry Leading WIPS, Announces SpectraGuard® Enterprise 5.2

Extends Lead in Threat Detection, Prevention, and Reporting Capabilities, and Offers FIPS Compliance

MOUNTAIN VIEW, CA -- (MARKET WIRE) -- February 5, 2007 -- AirTight Networks™, the leading provider of wireless intrusion prevention solutions, today extended its lead over the rest of WIPS industry by announcing SpectraGuard Enterprise 5.2, the new standard for WIPS functionality. Release 5.2 enhances SpectraGuard's patented wireless threat detection and classification, improves its already more robust threat prevention, augments its highly rated reporting capabilities, and includes FIPS compliance.

The key elements of an effective wireless intrusion prevention system (WIPS) are:

--  detecting and correctly classifying wireless threats - to catch all
    threats, while minimizing false alarms
--  preventing (multiple, simultaneous) wireless threats - while
    continuing to scan for new ones
--  accurately locating wireless threats on a floor map - so they can be
--  providing a comprehensive reporting capability for compliance and
    audit purposes
SpectraGuard Enterprise 5.2 offers new and improved functionality in 3 of these 4 categories, in addition to adopting a FIPS compliant encryption algorithm.

In the detection and classification area, Release 5.2 enhances SpectraGuard by:

--  offering the industry's best, most granular sensor configuration
    capabilities - allowing the enterprise to define and group sensors into
    multiple categories - either geographically and/or functionally. For each
    of these categories the user specifies which (or all) of 62 different
    802.11 channels to monitor - to detect devices and threats across this
    wireless spectrum. This will allow an enterprise to set different wireless
    security policies for its data centers in the UK and its retail stores in
    the US or Asia (as an example).
--  Improving our detection of pre-standard 802.11n APs. Release 5.2 has
    adapted its algorithms to detect so-called "super-APs" and "turbo-APs"
    built on Atheros chipsets, as well as "draft-802.11n APs" from multiple
    vendors, in addition to the "pre-standard 802.11n APs" that we already
In the prevention arena, Release 5.2 offers new capabilities in several areas:
--  specific vendor AP/client prevention techniques - AirTight has
    discovered that several vendors, most importantly Intel Centrino, do not
    strictly adhere to the 802.11 standard, which presents specific challenges
    when blocking or preventing connectivity from these devices to other
    specific devices. SpectraGuard Enterprise 5.2 recognizes these variations
    and blocks the connections in spite of the vendor's implementations.
--  pre-11n/draft-11n/etc. APs - providing new threat categories that can
    trigger preventive actions.
--  hotspot/metro wifi connectivity prevention - a more and more prevalent
    problem as enterprises are attempting to keep their employees off of public
    hotspots or metro wifi services while they're in the office - to ensure
    they're not visiting inappropriate sites or sending company confidential
    information out over a neighboring wireless network.
--  a new category of attack - the "multi-pot" attack - where hacker(s)
    setup multiple APs (sometimes called honeypots) to lure unsuspecting WLAN
    users to attach to them. Other WIPS solutions may be able to stop a single
    connection to a single honeypot, but will fail when presented with multiple
    connections and multiple honeypot APs.
"With the rapid growth of muni WiFi and hotspot WLAN offerings, the biggest overlooked wireless security threat are internal users who bypass corporate security by surfing the Internet through nearby unprotected WLANs, exposing enterprise networks to spyware, trojans, bridging, and other back-door attacks," said Lisa Phifer, vice president, Core Competence. "Most WLAN switches don't monitor or prevent this high-risk client behavior, but a good wireless intrusion prevention systems (WIPS) like SpectraGuard does."

In the reporting area, Release 5.2 also bolsters the AirTight API, first introduced in SpectraGuard Enterprise 4.0 in December, 2005. The AirTight API has been enhanced to offer an ArcSight integration link, a configuration option to output syslog data in ArcSight's Common Event Format (CEF), enabling enterprises to use ArcSight's Enterprise Security Management (ESM) product to track and correlate wireless security events with their other security monitors.

In addition, for our federal customers, AirTight has replaced the 128 bit AES encryption algorithms used in SpectraGuard to encrypt and secure communications between our sensors and our server, with a FIPS compliant encryption algorithm. While the degree and type of encryption have not changed, the new algorithm has been FIPS certified.

"SpectraGuard Enterprise 5.2 is a significant release as it extends our leadership capabilities in the WIPS industry along 3 important dimensions," said Dennis Tsu, vice president of marketing at AirTight Networks. "With all the recent noise about standards-compliance between WLAN switch vendors, we can definitively say that a number of vendors are NOT truly 802.11 standards compliant, even though they may be WiFi Alliance certified. AirTight has invested engineering and QA resources to measure these deviations and adapted our WIPS products both to be able to detect and then also prevent unsafe or insecure connections based on these vendor specific variations."

AirTight Networks' SpectraGuard family of wireless security solutions has established its industry leadership position by delivering the key elements of an effective wireless intrusion prevention system (WIPS) as defined above. SpectraGuard Enterprise was recognized by Gartner, the Tower Group, Information Security Magazine, the Tolly Group, and others as leading the WIPS industry in 2006.

About AirTight Networks

Founded in 2002, AirTight Networks is the leader in wireless intrusion prevention solutions (WIPS). AirTight's award-winning SpectraGuard family of WIPS products and services delivers around-the-clock wireless policy enforcement and automatic intrusion prevention against wireless security threats while monitoring wireless LAN performance to ensure maximum network uptime and capacity. The AirTight SpectraGuard solution family has achieved industry leadership based on patented technology that eliminates false alarms, blocks wireless threats immediately and automatically, and locates wireless devices and events with pinpoint precision. AirTight Networks is a privately held company based in Mountain View, CA. For more information, visit the company's Web site at

AirTight Networks, and the AirTight Networks logo are trademarks; and AirTight and SpectraGuard are registered trademark of AirTight Networks, Inc. All other trademarks are the property of their respective owners.

Contact Information

  • Media Contact:
    AirTight Networks
    Donna Candelori
    Candelori Communications
    (408) 774-3414
    Email Contact