RFProtect safeguards the network infrastructure against wireless security threats as well as provides a critical layer of visibility into sources of radio frequency interference and their effect on wireless LAN performance. RFProtect provides integrated wireless security and spectrum analysis system for enterprise WLANs and eliminates the need for a separate network of RF sensors and security appliances.
The ArubaOS RFProtect module includes spectrum analysis capabilities used in conjunction with Aruba's Adaptive Radio Management technology. RFProtect Spectrum Analyzer identifies and classifies interference sources, then provides administrator analysis of the interference via graphical charts, including FFT and spectrogram graphs. Aruba's Adaptive Radio Management employs infrastructure-based controls to optimize Wi-Fi client behavior and automatically ensures that APs stay clear of Wi-Fi and non-Wi-Fi interference.
Wireless intrusion protection
Wireless networks make attractive targets for denial-of-service and man-in-the-middle attacks. Aruba Mobility Controllers with RFProtect maintain signatures to identify and block wireless attacks so service is not disrupted. Based on location signatures and client classification, Aruba access points will drop illegal requests and generate alerts to notify administrators of an attack. Aruba APs monitor the air to detect other wireless stations masquerading as valid APs. RFProtect tracks unique signatures for each wireless client in the network. If a newly-introduced station claims to be a particular client but lacks a proper signature, a station impersonation or man-in-the-middle attack is declared. When a man-in-the-middle or invalid/masquerading AP is detected, defense mechanisms are put in place to contain the unauthorized device and prevent the corruption or loss of confidential data.
Classifying and disabling rogue access points
Classification is the first step in securing the corporate environment from unauthorized wireless access. Adequate measures to quickly shut down intrusions are critical to protect sensitive information and network resources. APs and stations must be accurately classified to determine whether they are valid, rogue or neighboring APs, and an automated response must be implemented to prevent possible intrusion attempts. With RFProtect, Aruba 802.11n APs support TotalWatch, which provides an advanced set of features to detect unauthorized wireless devices and a set of customizable rules are utilized to highlight devices that truly pose a threat to the network.
Policy definition and enforcement
RFProtect enables the configuration and dynamic enforcement of network policies. Examples of wireless policies include valid station protection, AP misconfiguration protection, ad-hoc network detection and protection, unauthorized network interface card detection, and wireless bridge detection. RFProtect includes a policy-configuration wizard, simplifying the creation of an organization's wireless security policies.