Evil Twin

It’s your lunch break, so why not browse this season’s latest fashion. You think green brings out the colour in your eyes, but the hacker next door thinks blue is more your colour.

Using only a $99 pin testing tool, hackers can locate nearby access points, copy the Wi-Fi SSID name and MAC Address and start their Evil Twin access points. Tricking your laptop into thinking it’s on the original, secure network. The victim is now connected to the hacker’s Evil Twin access point, allowing traffic to flow through the attacker’s cell phone, so no logs or history of anything is ever going to be tracked. Victims are usually unaware of the Evil Twin attack, as the attackers allow the victims to access their intended destinations and the SSID appears legitimate. In a Trusted Wireless Environment, secure Wi-Fi settings will detect and neutralise the Evil Twin.

WatchGuard is the only vendor to automatically block this threat.

Misconfigured Access Point

You’re not an IT professional, but you’re the most tech-savvy person at work, so when corporate asks someone to deploy a new access point, you are elected for the task. Following the instructions to a T, you install the new AP and begin to broadcast an open SSID, leaking private data like a sieve. Not every business has their own IT professional and they’re often left to fend for themselves.

A Misconfigured AP is one that accidentally doesn’t have the right security settings, such as SSID encryption settings or the factory default settings are left, as is. In a Trusted Wireless Environment, SSIDs that violate the authorised WLAN policy, are detected and the Misconfigured AP is neutralised until IT reconfigures the AP.

WatchGuard is the only vendor to instantly detect and automatically prevent clients from connecting to Misconfigured APs.

Rogue Access Points

The faucet in your kitchen is dripping, so you head to your local big-box store to get the parts to make the repair. You picked out the supplies, wait in line, insert your card into the chip reader and send your credit card information to a nearby hacker. If someone gains access to a company’s private, secure network, plugging in the cheapest AP money can buy, they can hijack point of sales systems to reveal credit card numbers. This doesn’t exclude the attacker from access to things like security cameras, door lock controls and any other systems dependant on the network. If that big-box store would’ve used a Trusted Wireless Environment framework to deploy their Wi-Fi solution, it would have detected and neutralised the Rogue AP. In a Trusted Wireless Environment, the only APs on the network are the ones that were bought and deployed. Any other Wi-Fi device would be instantly shut down and disabled.

WatchGuard is the only vendor to support automatic detection and prevention of Rogue APs.

Rogue Client

You’re a health care professional, who is halfway through your shift. It’s time for a quick, pick-me-up at the third-floor café. Luckily, you were able to get the last muffin, but unfortunately, you also picked up some ransomware on your hospital-issued tablet. When you entered the café, your tablet connected to the guest Wi-Fi because you have connected to their Wi-Fi in the past. Coincidently, that day, someone had set up an Evil Twin access point, tricked your tablet and deployed the ransomware on your device. Their intention is to use your device to spread ransomware across the hospital, without the hassle of bypassing perimeter network security. The framework of a Trusted Wireless Environment is intelligent enough to know if a device fell victim to a Wi-Fi attack and then prevent the infection from spreading.

WatchGuard is the only vendor to support automatic detection and prevention of Rogue Clients.

Ad-Hoc Network

The meeting is starting, and your boss needs that file, 5 minutes ago. It would take too long to use the corporate-approved secure network file sharing, so you send directly, from laptop to laptop. You may be doing your boss a favour, but you just opened the door to potential legal repercussions. A peer-to-peer Wi-Fi connection between clients can circumvent network security and allows clients to evade firewalls and content security controls. In a Trusted Wireless Environment, your Wi-Fi would automatically detect and neutralise the Ad-Hoc file-sharing connection, which stops employees from sharing directly from device to device. Ensuring the use of approved, network file sharing methods.

WatchGuard is the only vendor to automatically detect and prevent endpoints from communicating over Ad-Hoc Wi-Fi connections.

Neighbour Access Point

Music helps you work more efficiently, but your companies firewall restricts your access to streaming music. That’s an easy fix, you use your phone as a mobile hotspot and like that, you’re jamming through all that work, while providing hackers with a clear path past your company’s perimeter security. Connecting to a Neighbour AP, like a public or mobile hotspot, or city Wi-Fi while at work can bypass a company’s perimeter security and is the easiest way around a company’s firewall. In a Trusted Wireless Environment, each authorised client only connects to authorised APs that are within range.

WatchGuard is the only vendor to automatically block client connections to Neighbour APs.