SpectraGuard Enterprise - 27 Sep 2005

AirTight Networks' SpectraGuard Enterprise is an 802.11a/b/g wireless Intrusion Prevention System (IPS) that uses a combination of wired and wireless monitoring and selective transmissions to ensure that only authorized clients and Access Points (APs) connect to your wired network wirelessly. Though SpectraGuard gives network administrators tight control over standards-based wireless networks, proprietary technologies such as pre-802.11n (pre-n) multiple-input/multiple-output (MIMO) wireless APs can evade its detection and blocking techniques.

SpectraGuard Enterprise consists of a 1U rack-mountable hardened Linux appliance and SpectraSensor probes that you disperse throughout your facility to monitor wireless frequencies and report back to the server via your wired network. The server compares wired and wireless data to determine whether each AP detected by the SpectraSensors is connected to your wired network and meets your security policy, which can specify allowed AP brands, SSIDs, protocols (802.11a/b/g), and wireless encryption technology.

I tested rogue AP location detection and blocking of both an 802.11g AP and an AP that uses RangeMax, NETGEAR's proprietary MIMO wireless technology. SpectraGuard worked well against the 802.11g AP but failed to even detect the RangeMax AP unless it was operating in 802.11g mode. AirTight says that SpectraGuard 4.0, due about the time this review is published, will have limited MIMO/pre-n detection capability. For an expanded review of SpectraGuard, go to InstantDoc ID 47878.

—Adam Carheden