Meraki MR34 Cloud Managed AP MR34-HW Prospecto
Los códigos de productos
MR34-HW
Client Straying Threats
Accidental associations: client devices that belong to your infrastructure associating to a wireless
network in your airspace that has not been sanctioned by your corporation. Straying clients could
accidentally connect to Rogue SSIDs or spoofed SSIDs if proper action is not taken to protect the
wireless airspace.
accidentally connect to Rogue SSIDs or spoofed SSIDs if proper action is not taken to protect the
wireless airspace.
PCI Compliance
Understanding and remediating against wireless threats is also a requirement under the Payment
Card Industry Data Security Standard (PCI DSS), a standard required for retailers to follow when
processing credit card data over WLAN networks. Examples of WIPS requirements under PCI DSS
include:
include:
Section 9.1.3 Physical Security: Restrict physical access to known wireless devices.
Section 10.5.4 Wireless Logs: Archive wireless access centrally using a WIPS for 1 year.
Section 11.1 Quarterly Wireless Scan: Scan all sites with card dataholder environments (CDE)
whether or not they have known WLAN APs in the CDE. Sampling of sites is not allowed. A WIPS
is recommended for large organizations since it is not possible to manually scan or conduct a
walk-around wireless security audit of all sites on a quarterly basis
whether or not they have known WLAN APs in the CDE. Sampling of sites is not allowed. A WIPS
is recommended for large organizations since it is not possible to manually scan or conduct a
walk-around wireless security audit of all sites on a quarterly basis
Section 11.4 Monitor Alerts: Enable automatic WIPS alerts to instantly notify personnel of rogue
devices and unauthorized wireless connections into the CDE.
devices and unauthorized wireless connections into the CDE.
Section 12.9 Eliminate Threats: Prepare an incident response plan to monitor and respond to
alerts from the WIPS. Enable automatic containment mechanism on WIPS to block rogues and
unauthorized wireless connections.
unauthorized wireless connections.
Figure 3: Security threats in an enterprise environment
Cisco Systems, Inc. | 500 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
6
Site A
Client AP
Rogue AP
Client Laptop
‘Accidental association’
High-value asset associations
to wrong network
Client AP
Ad Hoc
Devices in ad-hoc mode can
connect to a client AP and
create a gateway for wireless
hackers
Wireless Hacker
Rogue AP
Rogue APs on
the wired LAN can
compromise your
entire wired and
wireless network
Site B