Solution
Achieve network airspace control and protection and prevent unauthorized access to the corporate network by using AirEye Dome:
-
Prevent any unauthorized wireless access to a dual-connected device
-
Receive visibility into devices that are broadcasting Wi-Fi Direct, Mobile Hotspot and AWDL, pinpointing all devices connected via those technologies
-
Receive visibility into devices that are using File Sharing, AirDrop, Feem and Media Streaming, pinpointing all their peer devices
-
Identify wireless networks with insecure configurations
-
Pinpoint WPS-enabled networks
-
Detect wireless hotspots operated by authorized and unauthorized users
-
Protect against FragAttacks
-
Prevent wireless-spreading malware attacks such as Emotet
Prevent devices with dual connectivity to connect to unauthorized and unmonitored wireless networks
Unauthorized access to corporate network
Problem
Nearly all computing devices today, including laptops, mobile phones and even printers, have dual connectivity. On one hand a wired cable connected to the corporate network, and on the other, a wireless connection open to the world. For example, Wi-Fi Direct, a peer to peer connection protocol that allows two devices to directly interact, is commonly found and by default enabled on printers. AWDL, Apple’s proprietary peer to peer protocol, continuously broadcasts its open connection.
These devices are coined as Wireless Receptors™, that at any moment - either purposefully or unintentionally - can connect to unmonitored or unauthorized wireless networks.
Attackers leverage the Wireless Receptor™ wireless capability to take control of the device, bypassing firewalls and any connectivity logs. The now-compromised device is used as a bridge into the corporate network. From this moment, the attack becomes invisible to existing NAC solutions as the attacker operates from a legitimate device.
Today’s common mitigation practices include periodically and manually testing that the wireless capabilities are turned off, while more specific controls are not even provided - leading to security policy and regulatory violations.
