Wireless communications, such as IEEE 802.11 (WiFi), IEEE 802.16 (WiMax), and IEEE 802.15.1 (Bluetooth), have proliferated due to the availability of wireless spectrum and wireless communications components. Traditional wired networks use cables to transfer information. Cables are a controlled medium, protected by the buildings that enclose them. External traffic that enters a wired network is policed by a firewall and established wired intrusion-protection technologies. To gain access to a wired network, an intruder or hacker must bypass the physical security of the building or breach the firewall.
Wireless networks, on the other hand, use the airspace to transfer information. The airspace is an uncontrolled and shared medium—it lacks the equivalent physical control of its wired counterpart. Once a user connects a wireless access point (AP) into the network, its signals can travel through the walls, ceilings, and windows of the building, exposing the traditionally secure physical and link layers. This renders the entire network accessible from another floor of the building, from an adjoining building, from the parking lot, or from across the street. Radio signals from a single wireless AP can travel up to thousands of feet outside of the building. Additionally, wireless devices share the airspace. Any wireless device in the network can sniff all the traffic of all other wireless devices within the same basic service set.
As wireless networks proliferate and costs decrease for wireless components, networks are becoming more insecure due to the inherent security weaknesses of wireless networks. Enterprises have deployed wireless intrusion prevention systems (WIPS) to proactively monitor and prevent attacks on the wireless networks. Some enterprises have begun to adopt “no wireless” policies forbidding the use of wireless networks on-site. Without a means to enforce such policies, network operators cannot determine compliance with the policy.
Further, regulatory compliance (e.g., HIPAA, GLBA, PCI, DoD Directive) requires network security audits and reports to demonstrate effective internal control over protection of confidential data. For example, the Department of Defense (DoD) issued a new DoD policy on Jun. 2, 2006 as a supplement to DoD Directive 8100.2 which requires wireless intrusion detection systems (WIDS) for all DoD wired and wireless LANs. WIDS and WIPS both describe systems capable of continuous monitoring (i.e., 24×7) and detection of authorized and unauthorized devices on wireless networks. WIPS systems also include prevention mechanisms to proactively prevent unauthorized devices from accessing wireless networks. Also, the DoD policy requires location sensing capabilities. With regard to this directive, a wired DoD network without wireless capability would benefit from proactively locking down wireless access rather than simply detecting unauthorized devices.
Systems and methods are needed to effectively and proactively lock down wireless communications such as IEEE 802.11 (WiFi), IEEE 802.16 (WiMax), and 802.15.1 (Bluetooth) while not affecting neighboring areas.