Meraki MR34 Cloud Managed AP MR34-HW Prospecto
Los códigos de productos
MR34-HW
Wireless Threats
Understanding the wireless airspace around you can help to take effective measures, both
preventive and reactive, to ensure that the wireless airspace is secure and interference-free
from other wireless networks. A number of different threats exist in the modern enterprise
environment, facilitated by easy access to cheap consumer-grade 802.11 equipment, along with
open-source hacking tools that can be used to simulate and spoof devices and generate traffic
floods. Leading enterprise WLAN providers such as Cisco provide built-in WIPS features to ensure
detection and remediation against these threats.
preventive and reactive, to ensure that the wireless airspace is secure and interference-free
from other wireless networks. A number of different threats exist in the modern enterprise
environment, facilitated by easy access to cheap consumer-grade 802.11 equipment, along with
open-source hacking tools that can be used to simulate and spoof devices and generate traffic
floods. Leading enterprise WLAN providers such as Cisco provide built-in WIPS features to ensure
detection and remediation against these threats.
Threat classifications
Visibility and classification of potential wireless threats is an important first step in securing the
wireless network and network infrastructure as a whole. Once classified, remediation can be
taken against confirmed threats and innocuous alerts can be dismissed. Cisco Meraki Air Marshal
automatically classifies threats into the following categories to provide the greatest visibility and
overall protection for your network.
taken against confirmed threats and innocuous alerts can be dismissed. Cisco Meraki Air Marshal
automatically classifies threats into the following categories to provide the greatest visibility and
overall protection for your network.
Rogue SSIDs
SSID and AP spoofs: the malicious impersonation of a legitimate AP by either spoofing the SSID
name or, even worse, the SSID name and the BSSID (the wireless MAC address, which makes it
name or, even worse, the SSID name and the BSSID (the wireless MAC address, which makes it
indistinguishable from the original AP).
Rogue SSID seen on LAN: SSIDs that are broadcast by rogue APs and seen on wired LAN; this
could suggest compromise of the wired network.
Other SSIDs
Interfering SSIDs: wireless networks that are broadcasting and could be causing RF interference,
as well as attracting accidental associations from clients who are supposed to be connecting to
your own network.
your own network.
Ad-Hoc SSIDs: modern smartphones and mobile devices are capable of associating to WiFi
networks and then re-broadcasting the SSID, essentially acting as a wireless bridge. Devices in
ad-hoc mode can connect to a client AP and create a gateway for wireless hackers.
ad-hoc mode can connect to a client AP and create a gateway for wireless hackers.
Malicious Broadcasts
Denial of Service (DoS) attacks are attempts to prevent clients from associating to the legitimate
AP by sending an excessive number of broadcast messages to clients. DoS attacks could be from
malicious clients, APs, or even another WIPS system in the area that considers the corporate
network a threat and is attempting to remediate.
network a threat and is attempting to remediate.
Packet Floods
Clients or APs that are sending an excessive number of packets to your AP. Packets are
monitored and classified based on multiple categories including beacon, authentication and
association frames. An excessive number of any category of packets seen within a short time
interval will be marked in Air Marshal as a packet flood.
association frames. An excessive number of any category of packets seen within a short time
interval will be marked in Air Marshal as a packet flood.
Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
5