Management and Reporting
AirMagnet provides its enterprise customers with the most accurate and useful tools for meeting industry regulation standards that relate to wireless networking. AirMagnet's Enterprise and WiFi Analyzer products are equipped with built-in policy-management and reporting tools for:
Basel II Accord
Basel II promotes greater consistency in the way banks and banking regulators approach risk management. It is designed to establish minimum levels of capital for internationally active banks and incorporates an explicit capital charge for operational risk, which includes the security risks in operating a wireless network.
AirMagnet technology and the Basel II Compliance Report support institutionally active banks' compliance with Basel II by identifying and mitigating the operational risks inherent in operating and maintaining wireless networks and devices
Department of Defense (DoD) Directive 8100.2
DoD Directive No. 8100.2 mandates security measures for the use of commercial wireless devices, services, and technologies in the DoD Global Information Grid.
AirMagnet technology and DoD 8100.2 Compliance Report helps DoD components meet the requirements of Directive 8100.2 by detecting rogue devices and denial of service attacks; monitoring wireless transmissions and devices for security penetration, user authentication, encryption schemes, and radio frequency interference; identifying device configuration, deployment, and control issues; and identifying wireless vulnerabilities and alerting appropriate personnel.
European Union Capital Requirements Directive (EU-CRD)
The EU-CRD, popularly known as CAD3 (Capital Adequacy Directive), implements the Basel II Accord in member countries and introduces new capital requirements for internationally active banks, credit institutions, and investment firms. Following Basel II, the EU CRD mandates the use of operational risk, including the risks in operating a wireless network, in calculating minimal levels of capital.
AirMagnet technology and the EU-CRD Compliance Report support banks, credit institutions, and investment firms to comply with the EU CRD by identifying and mitigating the operational risks inherent in operating and maintaining wireless networks and devices.
International Standard ISO/IEC 27001:2005 (ISO 27001)
The ISO 27001 is a model to build an Information Management Security System (ISMS) as part and parcel for an organization's system that manages networks and systems. It is premised on identifying business risks and aims to establish a policy that includes objectives, processes, and procedures to manage the risks and thereby improve information security.
There are over 130 security objectives and controls in the ISO 27001. AirMagnet technology can satisfy ISO 27001 for wireless networks and devices by helping an organization plan security objectives and controls with the ISO 27001 Compliance Report. AirMagnet technology then monitors and checks the controls in real time and reports violations to the appropriate personnel. AirMagnet also supplies suggested approaches to mitigate identified risks and improve an ISMS.
Payment Card Industry Data Security Standard (PCI DSS)
When customers offer their payment card at a point of sale, over the Internet, on the telephone, or through the U.S. mail, they want assurance that their account information is safe. The PCI DSS offers a single approach for merchants who use payment cards for merchandise to safeguard sensitive data for all payment card brands, including Visa and MasterCard.
AirMagnet technology and the PCI DSS Compliance Report help address some of the basic requirements of the PCI DSS for wireless networks and devices. Among other things, AirMagnet insures that only authorized wireless devices access the network and makes sure that no vendor-supplied defaults linger on active devices. In addition, AirMagnet includes an intrusion detection system and regularly tests devices for known vulnerabilities. When systems are breached or vulnerabilities are identified, AirMagnet sends configurable alerts to administrations
Enterprise or WiFi Analyzer users can choose from a set of built-in policies for any one of these regulatory standards. Once policies are set, the system will automatically monitor the wireless LAN and generate alarms when it detects any events or devices that are out of compliance. Reports can then be generated to provide a step-by-step pass/fail assessment of every standard of the regulation, including a definition of the standard and a list of events or issues that caused non-compliance, if applicable. High-level dashboard views, such as pie charts, break down compliance into various categories to highlight vulnerabilities that require special attention. Using this end-to-end, policy-driven method to manage the wireless LAN is the only way to fully meet strict regulatory standards and the best way to maintain strict security.
Did you know? AirMagnet Enterprise can feed alarms to your Security Information Manager (SIM) or Manager of Managers (MOM) system, such as ArcSight, Netcool, HP Openview, Guarded Net, etc. This enables policy-driven data to reach central managers, who often oversee compliance-related issues.
