In order to improve wireless auditing with more precise tests that target, and give the right approach to Wi-Fi security, Tarlogic has developed the OWISAM security technology.
OWISAM stands for “Open Wireless Security Assessment Methodology”. Thanks to the use of Creative Commons licenses, everybody can make use of, modify, and improve this technology over time.
The OWISAM security methodology defines a total of 64 technical controls that are grouped into 10 categories, each one specifying a set of tests that are required to run to ensure a successful wireless infrastructure security audit. 2013 OWISAM Controls:
Coverage analysis and rogue APs
Wi-Fi network performance and coverage analysis is one of Tarlogic’s main service areas thanks to our extensive experienced gained as a resulting of the development of our proprietary wireless network monitoring Acrylic Wi-Fi solutions.
The increasing amount of personal devices that go online withing the corporate environment -Bring your own device- has a significant impact on the quality and performance of VoIP and data communications.
Tarlogic has unique tools to automatically create complete Wi-Fi device inventories within a company, analyze AP coverage, measure interference in the readioelectric mean -RF Analysis-, detect the location of a transmitting Wi-Fi device, monitor security using the OWISAM methodology, analyze AP deployment and positioning, and verify channel selection to optimize the wireless network.
The results obtained from a site survey can be used to detect the presence of unauthorized access points (Rogue AP) and their location, greatly reducing the risks of information theft through Wi-Fi networks, and supporting your AP monitoring security procedures.
Check our Wi-Fi performance and coverage security products or contact us to help you with your specific wireless infrastructure needs.
Main security risks
Apart from the security analysis oriented to verify the technical controls, it is possible to perform a wireless audit considering only the 10 main wireless infrastructure security risks.
OWISAM Top 10 define the main wireless network security risks:
- OWISAM-TR-001: Open Wi-Fi communications network.
- OWISAM-TR-002: WEP encryption in communication networks.
- OWISAM-TR-003: Unsecured device key generation algorithm (passwords and WPS)
- OWISAM-TR-004: Dictionary-based WEP/WPA/WPA2 key.
- OWISAM-TR-005: Unsecured authentication mechanisms (LEAP,PEAP-MD5,…)
- OWISAM-TR-006: Device supporting enabled Wi-Fi protected setup PIN (WPS).
- OWISAM-TR-007: Unauthorized Red Wi-Fi.
- OWISAM-TR-008: Unsecured hotspot.
- OWISAM-TR-009: Client trying to connect to an unsecured network.
- OWISAM-TR-010: Coverage range too extensive.
The use of open methodologies for wireless audits and the use of leading software products in Wi-Fi security analysis allow getting the best possible protection or your wireless infrastructure.
Contact Tarlogic to request a quote for a wireless audit and to define the set of Wi-Fi security tests that are required to evaluate your corporate wireless infrastructure.