WLAN Probe Monitor 100

The Madge WLAN Probe Monitor 100 is a desktop network appliance that receives, stores and reports wireless event information from automatically discovered WLAN Probes installed in your airspace.

A wireless-enabled SMB will have many access points and wireless users. Unauthorized access points can be installed at any wired Ethernet port. In addition, a business with a no-wireless policy needs to monitor and control this policy too.

The WLAN Probe Monitor 100 is used in conjunction with Madge WLAN Probes, which are strategically and discretely placed around your company’s premises. The WLAN Probes scan for 802.11a/b/g and Bluetooth communication activity and intelligently identify authorized and unauthorized wireless activity. The WLAN Probe Monitor 100 can manage up to 4 Probe 2's.

Version 4.2 software enhancements, including

• Encryption. The server now has the ability to encrypt the data sent between the Probes and its server on a per Probe basis
• Automatic CounterMeasures can be configured to defend access points from malicious attack without intervention from the administrator
• Adaptive CounterMeasures. The probes will learn the best type of CounterMeasures to launch against an attacker
• Management Reports. A comprehensive range of configurable management reports on the security, performance and administration information held in the Probe Monitor Server
• Signal strength (RSSI) is reported for access points and devices
• SNMP v2/v3 support
• Email. Alerts, Events can now be sent via email as well as SNMP
• User management. Create new users to permit different levels of access to the system
• The Probe Monitor now reports over 130 different events
  

Key Benefits

• CounterMeasures disrupt unauthorized conversations Setting and helping to enforce WLAN policies
• Monitoring authorized and rogue access points
• Detecting intrusions and attempted attacks
• Identifying unapproved networks and connections
• Locating incorrect configurations that can lead to new threats
• Understanding and managing wireless network performance

Key Features

Madge WLAN Probes

WLAN Probes are small sensors connected to the enterprise’s wired IP network infrastructure and act as real-time radio-monitoring devices, scanning all channels used by 802.11a/b/g and Bluetooth equipment of all types.
The detected messages are processed on the WLAN Probe, appropriate events generated and reported via the WLAN Probe Monitor Server.

WLAN Probe Monitor Server

The WLAN Probe Monitor is desktop appliance, running software which receives automatic event data from WLAN Probes that have been installed in the enterprise.
WLAN Probes are fully managed by the WLAN Probe Monitor Server including automatic firmware upgrades if required.
Event information from WLAN Probes is analyzed, interpreted, consolidated, and stored on the WLAN Probe Monitor Server. The data is analysed and detects any system-wide trends, anomalies, coordinated security threats or mobility events.
The server has the ability to encrypt the data sent between the Probes and its server on a per Probe basis.

WLAN Probe Monitor Console

The WLAN Probe Monitor Console is a Microsoft Windows-based application which provides the user interface to the WLAN Probe Monitor Server via the enterprise’s IP network infrastructure.
The WLAN Probe Monitor Console uses the familiar look and feel of multi-pane Microsoft applications such as Explorer, Outlook, etc., consisting of Menus, Tree Pane, Display Pane, Toolbar, System Tray and various graphing utilities - it’s a simple interface that requires minimal training. The WLAN Probe Monitor 100 supports a single WLAN Probe Monitor Console.
The IT or Security manager can review historical information, such as the rate of Alert generation or number of wireless conversations over time, for the whole network, or individual devices or APs, as graphs.
The WLAN Probe Monitor Console is a window into the information held on the WLAN Probe Monitor Server. It stores no system or event related information. The user can acknowledge Alerts, and can clear events that are no longer of interest, and event lists can be exported.

CounterMeasures

CounterMeasures makes the Madge WLAN Intrusion Protection System a truly 3rd generation one. It goes beyond detection and gives Proactive Protection of your airspace. It utilizes wireless transmissions to disrupt unauthorized conversations between client devices that have been identified as rogues (e.g. intruders or snoopers) and the trusted wireless network. To effect CounterMeasures the Probe Monitor 100 instructs a Probe 2 to periodically transmit messages that cause the rogue device to be disconnected from the wireless network, effectively blocking access.
CounterMeasures can be configured to work in Adaptive mode: after each attempt to disrupt traffic from the unauthorized source the Probes continue to monitor how effective the CounterMeasure was and will adjust the level of response to minimise load on the wireless network.

Wireless activities reported

The IT or security manager can see at a glance everything of interest that’s happening in the wireless network through the WLAN Probe Monitor Console GUI – devices, events, and conversations in various networks.The WLAN Probe monitors all wireless data packets within its range and intelligently analyses them. The user chooses whether the WLAN Probe will create an event, based on information in the packet. The packet is discarded and not sent through the wired network. The user also determines which devices are authorized and which are not. Wireless devices also have "conversations” with each other. There are multiple types of conversation:

• Infrastructure conversations are between a WLAN Access Point and WLAN Clients.
• Ad hoc (peer-to-peer) conversations are between two WLAN Clients.
• Wireless Bridge conversations are between two WLAN Wireless Bridges.>

The conversations can be between legitimate users (wireless clients), legitimate devices (Access Points), unauthorized users, unauthorized devices, and neighboring networks that may be in range but are not part of your enterprise network.
The WLAN Probes provide event information on all of these conversations and the WLAN Probe Monitor Server analyzes and correlates the data, and informs the user on suspicious wireless activities.
The WLAN Probe Monitor Console also enables users to define the total wireless environment as the “Entire Network”, and then divide this into the user’s environment, other known wireless environments (e.g. adjacent buildings within detection range), and unknown environments.
These are defined as:

• My Networks -Any wireless equipment that belongs to the user’s organization, and is authorized.
• Other Networks - Any wireless equipment that belongs to an organization different to that of the user, but which may be in range of the user’s WLAN Probes.
• Unknown - Any wireless equipment that is not known to belong to the user’s organization, or another known organization which may be in range of the user’s WLAN Probes

Product Data Sheet

Click on the link below to download the WLAN Probe Monitor product data sheet.

 Datasheet