Recent Posts

Posts by Topic

see all

Why Wireless Handheld Audits Do Not Equal Security

by AirTightTeam on Apr 15, 2009


Wireless security audits play a crucial role in the wireless vulnerability assessment of IT infrastructure and provide guidance on how organizations can meet regulatory wireless compliance requirements. Assessment of wireless vulnerabilities is challenging because of the dynamic nature of wireless environments. Auditors have to worry about not only the wireless devices in a network environment that is being audited, but also external wireless devices in the vicinity that can impact the susceptibility of the network in question to vulnerabilities and attacks. Wireless laptops, handhelds, and smartphones carried by business travelers can also get infected with vulnerabilities on the road; even organizations that may not have officially deployed a wireless LAN need to be aware of these threats.

Unfortunately, wireless security auditors have been underserved by the available auditing tools and methods. Traditionally wireless security audits have been conducted as an onsite activity. The auditor must walk around with a handheld device sniffing over-the-air wireless data. This cumbersome technique with limited wireless vulnerability assessment capabilities makes wireless security audits ineffective and inefficient, and makes auditors less productive.

AirTight Networks’ unique service that allows for wireless security audits as a hosted service removes the burden from the auditors and empowers them to deliver premium service to their customers and perform more audits efficiently.

Web-based Wireless Security Audits as a Service

Web-based wireless security auditing — a radical departure from the conventional onsite approach — leverages the Software as a Service (SaaS) model to offer wireless security audits online, on-demand. Auditors use plug-and-play wireless scanners to monitor the airspace. The scanners automatically connect to a centralized server over a secure connection. The server is powered with an up-to-date vulnerability database and is housed in a secure (SAS 70) datacenter. Auditors access the wireless security auditing portal through a Web browser; no special software is needed.

SpectraGuard Online Architecture

SpectraGuard® Online

AirTight Networks’ SpectraGuard Online is the world’s first and only service that offers wireless security audits as a monthly subscription-based service. Its benefits for the audit community are powerful:

1. Effortless, effective wireless security audits anywhere, anytime.

SpectraGuard Online eliminates “walk arounds” with a handheld device. With the auditing service easily accessible via any Web browser, auditors can conduct a wireless security audit for any customer, anywhere in the world, at any time — they do not even have to leave the comfort of their own offices. Direct or VPN access to customer’s corporate network is not needed. Auditors do not have to own and maintain any hardware or software tools.

With AirTight Networks’ pre-configured, plug-and-play wireless scanners continuously scanning the airspace, auditors can generate on-demand wireless vulnerability assessment and compliance reports, and recycle the wireless scanners among multiple sites of a customer or among multiple customers. If needed, multiple audits can be handled simultaneously via a single wireless security portal.

The bottom line: auditors can increase their profitability by increasing efficiency — doing more audits in less time and serving customers worldwide without traveling.

2. Confidence of a complete wireless vulnerability assessment

The inadequacy of handheld scanning for vulnerability assessment leaves audited networks exposed to many common wireless threats and unaware of new vulnerabilities. Free scanning tools such as NetStumbler and Kismet primarily serve the purpose of capturing over-the-air packets, and report only very basic information such as SSID, encryption, and MAC addresses. Further, handheld scanners are not able to distinguish which wireless devices are connected to the wired corporate LAN. This combined with the lack of security policies renders these tools close to useless for alerting against common threats such as rogue APs, client misassociation, and honeypots, to name a few. In addition, most live wireless attacks go undetected during handheld scans. Auditors giving a clean bill of health to such networks run the risk of liability if a wireless security breach or leakage of classified information occurs.

With an up-to-date centralized vulnerability database and AirTight’s patented wireless vulnerability management technology, SpectraGuard Online can automatically detect all known wireless vulnerabilities and attacks. These include client-side vulnerabilities (e.g., clients infected by viral SSIDs or probing for vulnerable SSIDs) that occur when business travelers use their laptops and phones for wireless access on the road.

3. Automated management of wireless security policies

Security policies form the basis of any security audit. With little or no support for defining and managing wireless security policies built into most handheld scanning tools, auditors face a daunting task of manually classifying wireless devices, analyzing captured data, and assessing vulnerabilities.

With SpectraGuard Online users can easily define and manage wireless security policies. AirTight Networks’ patented autoclassification technology allows quick, accurate classification of access points and clients as authorized and unauthorized including information about their connectivity, e.g., to wired corporate LAN, ad-hoc networks.

4. Professional, pre-defined wireless security audit reports

Auditors often complain that communicating to each network administrator which vulnerabilities are critical and need to be fixed is challenging. SpectraGuard Online eliminates this problem by offering pre-defined reports that classify detected wireless vulnerabilities into severity levels. This helps prioritize which vulnerabilities need to be fixed first. Advice for fixing the vulnerability (manually or automatically) is given. Reports can be generated for a moment in time or a period; reports over different time periods can be used to audit the trends in the wireless security posture of a network.

Depending on the goal, an auditor can generate a wireless vulnerability assessment report or a regulatory compliance report (e.g., PCI, GLBA, SOX). In a compliance report, each vulnerability is mapped to a specific requirement from the respective compliance legislation.

5. Accurate, instant location tracking

Most handheld scanning tools force auditors to locate wireless devices based on a trial-and-error method. The auditor has to walk around the facility and monitor the change in signal strength; the idea is to walk in a direction where signal strength increases eventually leading the auditor to the device of interest. This method can take several minutes to several hours before the device can be located, if at all. Some tools support GPS which is useless for indoor location tracking.

With multiple scanners monitoring the airspace, SpectraGuard Online can instantly and accurately locate wireless devices in the vicinity. This is critical for quickly finding vulnerable or malicious devices.

6. Future-proof system

Scanning tools—free and commercial—do not guarantee an up-to-date security audit against new or emerging vulnerabilities and exploits, and newer technologies (e.g., 802.11n). Auditors have to wait for the next software patch or version upgrade.

The SpectraGuard Online centralized wireless vulnerability database is continually updated, allowing auditors to offer the world’s first and only zero-day wireless threat auditing capability to their customers.

7. Integrate audit reports from multiple distributed sites

Customers with multiple WLAN deployments—some at worldwide locations—often demand integrated wireless security audit reports for their company. With handheld scanning, this has to be handled by auditors manually as a separate task.

With AirTight Networks’ patented location-based policy management technology, SpectraGuard Online can naturally integrate wireless security audits at multiple sites worldwide and organize the results into a single audit report, without any effort for the auditor.

8. Customizable wireless security audits to suit your customer’s needs

Naturally depending on the type of business, organizations are exposed to different types of wireless vulnerabilities and have different requirements both internal and regulatory for managing wireless security. Unlike the one-size-fits-all handheld scanning, SpectraGuard Online allows auditors to customize wireless security audits to meet the specific needs of their customers.

A short video demo of SpectraGuard Online is available on AirTight’s Website.

Walk Around Scanning vs. SpectraGuard Online: Cost Comparison

Let us look at a simple example to quantify the cost savings of SpectraGuard Online as a wireless security audit technology over handheld scanning. A company has 10 sites across 10 US cities. Each site is up to 20,000 sq. ft.

Walk Around scanning

SpectraGuard Online







Scanning Frequency



Yearly cost



Handheld scanning cost includes consultant’s time and traveling expenses which average $2500 per day. SpectraGuard Online cost includes shipping cost for wireless scanners. With a conservative estimate the cost for handheld scanning is more than 12 times that of SpectraGuard Online-based wireless vulnerability assessment! Additionally, SpectraGuard Online provides a more attractive service—comprehensive assessment of all known wireless vulnerabilities, more frequency of scans, and rich assessment and compliance reports.


With geographical and time boundaries on wireless security audits removed, auditors can expand their services to worldwide locations and simultaneously serve more customers without breaking a sweat. SpectraGuard Online is a breakthrough solution that offers wireless security audits as a hosted service. It facilitates cost-effective, unattended, non-intrusive, and accurate assessment of wireless vulnerabilities. Wireless security auditors are relieved of the drudgery and become more efficient and productive, while delivering premium service to their customers.

Topics: Wireless scanning