AirTight Networks' SpectraGuard Enterprise is an 802.11a/b/g wireless Intrusion Prevention System (IPS) that uses a combination of wired and wireless monitoring and selective transmissions to ensure that only authorized clients and Access Points (APs) connect to your wired network wirelessly. Though SpectraGuard gives network administrators tight control over standards-based wireless networks, proprietary technologies such as pre-802.11n (pre-n) multiple-input/multiple-output (MIMO) wireless APs can evade its detection and blocking techniques.
SpectraGuard Enterprise consists of a 1U rack-mountable hardened Linux appliance and SpectraSensor probes that you disperse throughout your facility to monitor wireless frequencies and report back to the server via your wired network. The server compares wired and wireless data to determine whether each AP detected by the SpectraSensors is connected to your wired network and meets your security policy, which can specify allowed AP brands, SSIDs, protocols (802.11a/b/g), and wireless encryption technology.
I tested rogue AP location detection and blocking of both an 802.11g AP and an AP that uses RangeMax, NETGEAR's proprietary MIMO wireless technology. SpectraGuard worked well against the 802.11g AP but failed to even detect the RangeMax AP unless it was operating in 802.11g mode. AirTight says that SpectraGuard 4.0, due about the time this review is published, will have limited MIMO/pre-n detection capability. For an expanded review of SpectraGuard, go to InstantDoc ID 47878.
| Contact: AirTight Networks |
Price: $11,585 for SpectraGuard Starter Kit with one SpectraGuard Enterprise Model SA-200 Appliance, four SpectraGuard SS-200 SpectraSensors, and 1 year of maintenance
Pros: Easily locates rogue APs; doesn't interfere with neighboring wireless APs
Cons: Doesn't defend against MIMO/pre-n APs; location maps require separate purchase
Rating: 3.5 out of 5
Recommendation: Helps ensure only authorized use of wireless networks, but functionality is limited for pre-n MIMO APs.