Motorola AirDefense - Security and Compliance Solutions

ADVANCED FORENSICS MODULE

Use a Tool Designed for Wireless
Wireless events tend to be transient by nature making analysis of security and performance issues a difficult undertaking. Without granular historical records, trend analysis is virtually impossible. The Motorola AirDefense Advanced Forensics Module gives wireless administrators the ability to rewind and review detailed records of wireless activity in support of forensic investigation or network performance troubleshooting. The Module’s unique wireless analysis engine lets you get to historical wireless data for detailed troubleshooting – whenever you need it. Every minute, the system stores 325 data points for every identified wireless device, providing a complete record of WLAN performance and connectivity. This dynamic database of critical device communication and traffic statistics including channel activity, signal characteristics, device activity, and traffic flow, can be used to chart network usage trends, identify anomalies and support capacity planning.

Capture the Evidence you Need
With Advanced Forensics, administrators can focus on the activity of a suspect device over a period of months and even drill down to review minute-by- minute details of wireless activity. The high level of granular information available for analysis marks the differencebetween a forensics capability that allows an administrator to detect and resolve a pattern of attack occurring over an extended period versus responding to repeated attacks from the same source as separate and isolated incidents. Such a powerful forensic function enhances your business operation by supporting more efficient network management, assuring better compliance and improving overall security posture.

Simpliffy your Compliance
The Advanced Forensics module also maintains the highly accurate historical data required by many regulations such as HIPAA, GLBA, Sarbanes-Oxley (SOX), Payment Card Industry (PCI) data security standards such as VISA CISP and the Department of Defense. So your organization’s compliance – and proof of compliance – becomes automatic and routine.

Capabilities include:
• Historical association analysis: Easily identify imbalances, including APs that are intermittently over- or under-utilized.
• Historical traffic analysis: Quickly isolate and identify the issue driving anomalous behaviors, such as connectivity loss when a microwave oven is in operation.
• Historical channel analysis: Determine spare channel capacity to help optimize WLAN frequency planning.
• Historical location tracking: Determine the physical location of a device over time, identifying hot zones where the device typically operates, as well as roaming trajectories for mobile clients.

Advanced Infrastructure Forensics
With ADSP Release 8.1.1, the capabilities of the Advanced Forensic module have been extended to include data collection from infrastructure polls. With infrastructure forensics administrators have access to additional information which can be used to ensure the integrity of the wireless network. The forensics module gives administrators access to 115 statistics per poll, sufficient to provide a complete picture of the infrastructure environment yesterday, a week ago or even a month ago.

Powerful visualization tools allow data for a configurable time period to be presented in a way that allows administrators to understand usage patterns, network performance, and long term trends. The data collected in infrastructure forensics is in addition to data collected from sensor forensics but provides complementary information on CPU, memory, and RSSI from the Access Point perspective. Customers with AirDefense WLAN Management or LiveRF and Advanced Forensics licenses are automatically enabled with Advanced Infrastructure Forensics capability once their upgrade to ADSP 8.1.1 is complete.

FEATURES
• 325 data points every minute for every wireless device
• Detailed attack and sequence of events leading to a breach
• Historic location tracking of wireless devices
• Device connectivity and activity logs

BENEFITS
• Provides accurate record of wireless threats over time for forensic analysis and policy compliance
• Detailed wireless traffic data enables quick troubleshooting of wireless lan issues
• Allows trend analysis for network performance and capacity planning

Back to Security & Compliance Solutions