Features and Benefits:
 Windows 7™ Virtual WiFi Control (NEW)
Manage endpoints centrally
Control endpoint connections
Prevent wireless bridging, AdHocs, etc.
Disable connections to unknown SSIDs
Enforce location-based policy
Require VPNs or other security
Control use of USB WiFi and storage devices
|
Over 500 million wireless laptops are currently in use - each susceptible to wireless attacks. With over 100 million more shipping each year, it is critical for network administrators to have the right tools to enforce endpoint security, whether or not they have a wireless network.
Wireless Policy Manager (WPM) offers proven, world-class protection without added resources, so organizations can efficiently manage security for all wireless-enabled endpoints and gain confidence that corporate assets and business operations are protected — all while controlling costs.
Wireless Policy Manager: Overview Layout screen
Key Benefits and Features:
- Windows 7™ Virtual WiFi Control (NEW)
- Manage endpoints from central Administrator's console
- Control how, when, where or if wireless connections are established
- Prevent wireless bridging, ad-hoc connections, and more
- Ensure that users only operate approved hardware
|
- Set minimum security requirements for wireless connections
- Disable connections to potentially dangerous SSIDs
- Customize policies based on location
- Require use of VPNs or other security measures
- Control USB devices, including USB wireless, cellular and storage devices
|
Wireless Policy Manager: The Policy Setup Dialog
Wireless Policy Manager: The USB Device Control Dialog
Create Policies and Maintain Industry Compliance
Wireless Policy Manager allows administrators to create security policies for laptops and mobile devices and maintain compliance with industry regulations.
Using the intuitive Wireless Policy Manager interface, network administrators can define wireless connectivity policies to control how, when, where and if users can connect to wireless networks. Policies can be documented as required to comply with industry mandates such as Health Insurance Portability and Accountability Act (HIPAA)", Sarbanes-Oxley Act (SOX), and Payment Card Industry (PCI) using the convenient reporting tools.
WPM lets you define wireless security policies including:
- Virtual WiFi Control
Windows 7™ Virtual WiFi converts a single physical 802.11 Wi-Fi network interface card into multiple Virtual WiFi devices. The problem with this is that accidental, unauthorized, or insecure use of this feature can increase the likelihood of data leakage, network penetration, and malware propagation. AirPatrol WPM addresses Virtual Wi-Fi security risks by enabling IT Administrators to enforce group-based Virtual WiFi policies.
- AirSafe
Automatic, out-of-the-box protection against multi-homing. AirSafe protects against wireless endpoint vulnerabilities by making wireless and wired connections mutually exclusive AND by allowing only one wireless interface at a time. When AirSafe is enabled, WPM disables WiFi, Virtual WiFi, and Cellular Broadband connections on group endpoints whenever a wired network connection is present. AirSafe completely mitigates the risk of bridging an untrusted wireless network with a trusted corporate wired LAN. This protection applies to cellular broadband connections as well - if there is no wired network connection and a cellular broadband connection is initiated, WPM automatically disables WiFi and Virtual WiFi interfaces for the duration of the cellular broadband session.
- 802.11 Infrastructure Authentication
WEC allows the system administrator to define minimum levels of security that must be used when connecting to wireless networks.
- 802.11 AdHoc Authentication
WEC allows the system administrator to set minimum levels of security used, or completely disable the use of AdHoc wireless networks.
- Virtual Private Network (VPN)
The ability to force the use of a VPN within a specified amount of time. If a VPN connection is not made within the specified interval, wireless network connectivity is terminated protecting the laptop from a potentially unsecure wireless network.
- Connection Exceptions
Allows the administrator to create either a list of permitted or disallowed wireless networks. The network SSID must be present (white list) or not be present (blacklist) in order to allow wireless network connections.
- Endpoint Firewall
The ability to enforce the use of a host-based endpoint firewall prior to allowing wireless network connections.
- Location Aware
The ability to predefine a list of trusted, preferred wireless networks that will be made exclusively available for connection when their presence is detected by WEC. This ensures connectivity control whenever corporate laptops are within range of corporate wireless access network while preventing accidental or intentional wireless connections to uncontrolled (rogue) access points residing off premise.
- USB Device Control
Provides the capability to control what types of USB devices can connect to the WEC enable laptop. For example, the user may be allowed to connect a USB capable mouse while USB mass storage devices are disallowed.
Streamline Administration of Endpoint Security
Through seamless integration with AirPatrol’s Wireless EndPoint Client, administrators can efficiently enforce wireless connectivity best practices to provide comprehensive endpoint protection for business communications, critical information, and IT infrastructure.
Enforce Endpoint Best Practices
Wireless Policy Manager (WPM) puts the wireless administrator back in the drivers seat when it comes to endpoint security. With an easy to use, intuitive user interface and rapid deployment, WPM provides a framework that delivers best of breed wireless security practices to corporate assets. WPM seamlessly protects business communications, critical information, and IT infrastructure and controls how, when, and if a user can connect to the corporate wireless network.
Configuration Options Include:
- Require the use of Check Point™ or other popular VPN clients
- Prevent connections to potentially insecure access points (such as hotspot, wireless, linksys, default etc.)
- Enforce minimum levels of security (WEP, WPA PSK or WPA)
Wireless Policy Manager can also enforce the presence a Check Point Integrity firewall or other end-point firewall before a connection to a wireless network can be made. In addition to these restrictions, administrators can choose to only allow manual connection to certain wireless networks (such as trusted hotspot providers) or completely disable connections to potentially dangerous SSIDs. Administrators can configure which of the control settings can be changed at the client level – or hide the client software altogether – so that all aspects of how and whether a user connects wirelessly is dictated by sanctioned corporate policies.
|
