 |
||||
|
|
|
||
|
Contents 
Introduction
AirDefense v AirMagnet
AirDefense v AirMagnet 2
AirDefense v AirMagnet 3
Comparison table
Bluesocket WG-1100
SonicWall Pro 5060
Specifications
Editor's choice
About RMIT |
|
||
|
|
||||
|
|
||||
| Product | AirMagnet Enterprise | AirDefense |
| Vendor | AirMagnet (dist. Redbridge Solutions) | AirDefense (dist. Pacific Data) |
| Telephone | 0011 1 408 400 0200, (Redbridge 02 9959 9620) |
61 3 9820 0322 |
| Web site | www.airmagnet.com (www.redbridge.com.au) |
www.airdefense.net |
| RRP | AU$11,595 (With Dell SC430 server hardware AU$14,357) |
AU$39,007 |
| Warranty and support | First year support (including free upgrades) included with the package. Support available Monday through Friday, from 6am to 6pm Pacific Time via telephone, e-mail and Web. Warranty turn around time is one day. | Maintenance includes 5 x 12 technical support via phone, fax, e-mail, and Web. Four-hour guaranteed response time. Access to AirDefense channel partner service maintenance agreement. |
| Hardware requirements | Enterprise Server - Intel Pentium-4 Processor 2.4GHz, 512MB RAM, 4GB HD. Enterprise Console - Intel Pentium-4 Processor 1.2GHz, 256MB RAM, 20GB HD | Supplied as an appliance |
| OS supported | Windows 2000 server, Windows 2003 server, Windows XP Professional | (Hardened Linux Kernel) |
| Fail over capability | Backup server option, sensors will automatically switch over to the secondary server. When the server is unavailable, users can connect directly to the sensors. | Yes, with redundant server |
| Management console | Windows 32 application | Web Java |
| Preloaded policies | Enterprise best practice, enterprise rogue detection, financial (GLBA), healthcare (HIPAA), hotspot, tradeshow, warehouse/manufacturing, retail, government/military | SOX, GLBA, HIPAA, United States Dept. of Defense |
| Number of specific threat classes supported | Denial-of-Service attacks against APs and STAs, and infrastructure. Security penetration attacks, zero-day attacks, configuration vulnerabilities. | 200+ alarm signatures |
| AI feature for detecting potential threats | Analysis of abnormalities with wireless devices or the wireless network. | Correlation of events and anomalous behaviour detection engines |
| Notification methods | Syslog, SNMPv2/v3, E-mail, Paging, SMS, Messenger, Audio, Print | E-mail (SMS and pager concantenation option), SNMP, Syslog |
| Notification escalation supported | Can alert specific individuals of issues uniquely related to them and allow multiple thresholds tied to unique notifications or responses. | A very granular levels of notification for each individual |
| Automated response to threats | Automated wired side or wireless blocking can be tied to any of the 135+ security and performance policy violations. | Intrusion protection via policy-based termination (AirTermination) |
| Wireless triangulation | Integrated triangulation feature. Includes floorplan loading capability | Includes floorplan importation from CAD, Visio, or JPEG/BMP or other file formats. |
| Wired trace ability | Integrated wired side tracing feature. Results include specific switch and port information to which the rogue device is connected to. | As part of integration with Cisco WLSE |
| Sensor type/model | AirMagnet AM-5010-11AG Sensor, Cisco 1100 series, 1200 series, BR 1310 AP's (with limited fucntionality). | AirDefense M400 Sensor - 802.11a/b/g passive monitoring. |
| Sensor capabilities | SmartEdge architecture does packet analysis and stateful monitoring in the SmartEdge sensors, and then does correlation / reporting / alerting / notification in a centralised server. This reduces bandwidth over WAN links. | Sensors locally compress, encrypt data and submit to centralised server for immeadiate correlation and event management. |
| Can standard AP's be used to collect data | Allows the use of Cisco APs and Xirrus APs to collect data. | AP's can collect data in airopeek or pcap format to be then used with Ethereal/TCPDump for further analysis. |
| Wireless blocking capability | Allows for manual and automatic (based on policy violation) wireless blocking capability of APs, STAs and ad-hoc nodes. | Real-time threat mitigation using AirTermination |
| Scalability | AirMagnet Enterprise supports 1500+ sensors per server and with monitoring of unlimited number of APs. | Fully scalable. Each appliance supports up to a certain number of sensors. The 1150 (lowest spec) can handle up to 250 AirDefense sensors while the 2270 can handle 600+ |
