WiFi Manager 5.6 - Free WiFi Manager Download at Downloadplex.com

WiFi Manager Publisher's description:

from AdventNet, Inc

WiFi Manager offers wireless device monitoring, one-click configuration, access point firmware management, wireless security management and a variety of reports that remove the complexity of wireless network management.

What is WiFi Manager?

WiFi Manager offers wireless device monitoring, one-click configuration, access point firmware management, wireless security management and a variety of reports that remove the complexity of wireless network management. WiFi Manager can detect almost all major wireless threats including rogue attacks, intrusions, sniffers, DoS attacks, and vulnerabilities. With WiFi Manager you'll have complete control over your wireless devices as well as your airspace, and more time to focus on core IT operations.
What problems does it solve?

WiFi Manager makes it easy to have a centralized control over your wireless network, even if it is spread across multi locations. Configure all your wireless devices with a single template. WiFi Manager can also detect any kind of wireless attack and alert about vulnerabilities in the network, empowering you to take the necessary action. Detect rogue access points or users in your wireless network and block them.
What features does it offer?

WiFi Manager detects and mitigates all kinds of wireless attacks and vulnerabilities. It provides a single configuration template for multiple vendor access point models, making it easy for administrators to manage heterogeneous WLANs. It supports 85 models of access points and wireless switches from vendors like Cisco, D-Link, 3Com, Proxim, Netgear, Ericsson etc.
What platforms/vendors/technologies does it support?

Platforms: Windows & Linux.
Vendors: Cisco, D-Link, 3Com, Proxim, Netgear, Ericsson, Symbol, Dell, Lancom, Wavion etc. For full list, go to http://ap.wifimanager.com
Technologies: Supports Fat and Thin (Wireless Switches) wireless access points.

Features :

WLAN Management

WLAN Management involves three primary functions:

* Discovering the WLAN devices
* Monitoring the WLAN devices
* Configuring the WLAN devices

WLAN Management Function 1: Discovering the WLAN devices

Any WLAN Management software would try to discover the WLAN devices, but the effectiveness varies with the approach taken. Few software depend purely on the wired side information resulting in partial discovery of the WLAN devices. The wired side information help in discovering high-end access points, which have proper SNMP support, but not those SOHO grade ones that often bring security problems. To overcome this problem, WiFi Manager employs multiple techniques such as ICMP, SNMP, Telnet, CLI, AP Scan, RF Scan, CDP etc., to discover devices in your WLAN. The dedicated RF sensors that come as additional hardware components with WiFi Manager perform the RF scan and discover every element that is transmitting on the air and ensures a 100% complete discovery of WLAN devices.

WLAN Management Function 2: Monitoring the WLAN devices

Monitoring can be several folds starting with the basic availability monitoring to fault monitoring, performance monitoring, and service monitoring. Standard WLAN management software would provide you with basic availability monitoring that tells you whenever a device goes down. Advanced WLAN management software such as WiFi Manager will provide you with detailed monitoring functions such as:

* Trap reception: When the WLAN device sends a trap, WiFi Manager will receive it and alert the operator
* Severity based color-coded alarms: WiFi Manager assigns severity to every network failure and generates color-coded alarms
* Email-based notification: WiFi Manager notifies operators through email when a fault occurs
* Threshold monitoring: WiFi Manager allows you to set threshold values for key parameters and alerts you when the actual values exceed the set threshold levels.
* Service monitoring: WiFi Manager monitors the services running in your Access Points such as the web service.
* Performance monitoring: WiFi Manager monitors the WLAN devices for various parameters such as Tx/Rx traffic and utilization, datarate, channel usage, errors etc.

In addition to monitoring the WLAN devices for various parameters, WiFi Manager also provides the flexibility of accessing that information in various formats. For ease of use the default format that WiFi Manager uses is PDF. You can configure WiFi Manager to send specific reports to your email id too. And for periodic assessment you can even configure WiFi Manager to send reports at a specified time periodically. Ex: Daily morning 10AM - Send Utilization report to - wlanmanagement@youraddress.com.

WLAN Management Function 3: Configuring the WLAN devices

Today, every access point in the market comes with in-built Web application that enables configuration from any Web browser. But as the WLAN grows in size the number of access points increases resulting in more UIs to look at. Hence the biggest value that a WLAN management software can give is BULK configuration of access points. Operators should be able to group accesspoints and apply configurations at one click. WiFi Manager addresses this problem in two ways. First it supports group based configuration. Second it supports template-based configuration. Operators can pick a template, fill in the relevant values, and then apply the template to select access points.

Configuring the devices for basic settings, radio settings, security settings, access control list settings etc., is just one aspect of configuration. The other is firmware upgrade. WLAN Management software should also enable you to upgrade the access point firmware with as much as ease as configuring the SSID or channel settings. WiFi Manager follows the same template based model for firmware upgrade too. You can import a firmware image into the system, select the access points to which the firmware has to be applied, and then click apply. As simple as that. You can also group access points and upgrade the firmware for the entire group at one click.

Access Point Configuration

WiFi Manager enables IT teams to configure thousands of access points at one click. Wireless LAN administrators can choose any of the configuration templates available in WiFi Manager; fill appropriate values and push configurations to select access points simultaneously. For ease of use WLAN administrators can group access points, based on vendor/model/firmware/channel etc., and push configurations to select group. WLAN administrators can also import configurations from an existing access point. WiFi Manager configuration management capabilities include:

* AP express (basic) configuration
* AP radio configuration
* AP ACL configuration
* AP security configuration
* AP services configuration

AP express configuration

Express configuration includes the minimum basic configurations that are required to make an AP live. Parameters that can be configured using the basic configuration template include:

* SSID – service set identifier for the access point
* Allow broadcast SSID – enable/disable AP to broadcast the SSID
* Allow auto channel select –enable/disable AP to auto select the channel
* Channel – specify the channel at which the AP operates (applicable only if allow autochannel select is NO)
* Name – name of the access point
* System Location – sysLocation value of the accesspoinOt
* System Contact – sysContact value of the access point
* Use DHCP – enable/disable DHCP mode in AP
* LAN IP –IP address of the AP (applicable only if Use DHCP is NO)
* Subnet Mask – mask value
* Gateway IP – IP address of the gateway
* DNS server IP – IP address of the DNS server

Radio configuration

Depending on whether the AP is 802.11a or b/g the radio configurations will vary. WiFi Manager provides separate radio configuration templates for each of the modes. Parameters that can be configured using the radio configuration template include:

* Enable radio
* Allow auto channel select
* Radio channel
* SSID
* Allow broadcast SSID
* Radio preamble
* Data rate
* Fragmentation Threshold Enable Disable
* Fragmentation Threshold Value
* RTS Threshold Enable Disable
* RTS Threshold Value
* Max RTS/CTS Retries
* Max Data Retries
* Beacon Period
* Data Beacon Rate
* Receive Antenna Left Right Diversity
* Transmit Antenna

Access control configuration

WLAN administrators can deny or allow network access to wireless clients by configuring the ACL settings in the access points. Using WiFi Manager, the following two types of configurations can be set in ACL.

* Block – prevents access to specified MAC addresses and allows others
* Pass through – allows only the specified MAC addresses and blocks others

Security configuration

WiFi Manager helps administrators to configure SSIDs for various security modes including:

* WEP – Encrypts data. You have to provide WEP keys
* 802.1x – Enables user authentication. You need atleast one RADIUS server
* WPA – 802.1x + TKIP + dynamic key distributionWPA PSK – Uses pre-shared key instead of RADIUS
* Mixed mode – Allows both WPA as well as non-WPA clients

Services configuration

Management services such as SNMP, HTTP, Telnet, and NTP running in access points can be configured using WiFi Manager. Parameters that can be configured include:

* SNMP: Enable/Disable, Read/Read-Write Community, Trap Destination/ Community, Enable Trap Notifications
* HTTP: Enable/Disable, HTTP Port
* Telnet: Enable/Disable, Telnet Port
* NTP: Enable/Disable, NTP Server Address

AP Firmware Maintenance

WiFi Manager enables IT teams to upgrade firmware of access points. Wireless LAN administrators can import the firmware image into WiFi Manager and apply it to select access points simultaneously. For ease of use WLAN administrators can group access points, based on vendor/model/firmware/channel etc., and apply firmware to select group. WLAN administrators can also schedule the upgrade to happen at a later time. WiFi Manager firmware management capabilities include:

* Firmware upgrade to single access point
* Firmware upgrade to multiple access points
* Scheduled firmware upgrade
* Firmware audit

Firmware upgrade to single access point/ multiple access points

WiFi Manager allows Wireless LAN operators to import the latest firmware image into the system. Once imported the firmware can be associated to any number of access points.

Scheduled firmware upgrade

Critical maintenance operations such as firmware upgrade are better done at off-office hours where there is less wireless traffic. WiFi Manager can schedule these upgrades for later execution and thus enables Wireless LAN operators to carry on maintenance operations even at their absence.

Firmware audit

Every firmware upgrade that is executed using WiFi Manager is logged in the system for later auditing. The status of the upgrade, whether it was success or a failure, is also logged in along with the list of access points to which the firmware was applied.

Rogue Access Point Detection

Rogue Access Point detection is a two step process starting with discovering the presence of an Access Point in the network and then proceeding to identify whether it is a rogue or not.
Step 1: Discovering the AP

Some of the very commonly used techniques for AP discovery are:

* RF scanning
* AP scanning
* Using wired side inputs

RF scanning: Most WLAN IDS vendors follow this technique. Re-purposed access points that do only packet capture and analysis (a.k.a RF sensors) will be plugged all over the wired network. These sensors will be quick to detect any wireless device operating in the area and can alert the WLAN administrator. But the draw back of these sensors is the possibility of dead zones, which are not covered by the sensors. If a rogue Access Point finds its place in any of these dead zones, it might go unnoticed till more sensors are added.

AP Scanning: Few Access Point vendors have this functionality of detecting neighboring Access Points. If you deploy such Access Points in your WLAN it will automatically discover APs operating in the nearby area and expose the data through its web interface as well as its MIBs. Though it is a very useful the ability of the AP to scan neighboring devices is limited to a very short range. Rogue APs operating outside this coverage area will go unnoticed. Moreover this works only for those who deploy APs with such functionality.

Wired Side Inputs: Most network management software use this technique to discover Access Points. These software use multiple protocols to detect devices connected in the LAN, including SNMP, Telnet, CDP (Cisco Discovery Protocol – specific to Cisco devices) etc. This approach is very reliable and proven as it can detect an AP anywhere in the LAN irrespective of its physical location. Moreover, wireless NMSs can not only discover the AP but also constantly monitor it for health and availability. The bandwidth utilization of the AP over a period of time can be obtained and plotted in a graphical format. For ease of troubleshooting the operator can set thresholds on various AP parameters to get notified prior to the occurrence of a fault. The limitation with this method is that any AP that doesn’t support SNMP/Telnet etc., will go unnoticed by the network management software.
AP Discovery Method WLAN IDS Systems WLAN NMS
RF Scan
AP Scan
Wired Inputs
Step 2: Identifying whether the discovered AP is a rogue access point or not

Once an AP is discovered, the next step is to identify whether it is a rogue access point or not. One way to do this is to use pre-configured authorized list of APs. Any newly detected AP that falls outside the authorized list would be tagged rogue. Some of the different ways in which IT managers can populate the authorized list are:

* Authorized MAC
* Authorized SSID
* Authorized Vendor
* Authorized Media Type
* Authorized Channel

Authorized MAC: IT administrators can import ACL settings to WiFi Manager or type in the MAC address of authorized Access Points in the network. This enables the rogue detection tool to alert WLAN administrators whenever AP with a different MAC is detected.

Authorized SSIDs: Enterprises would in most cases standardize on the authorized SSIDs that needs to be used. These SSIDs can be fed to the rogue detection tool so that it alerts WLAN administrators whenever an AP with a different SSID is detected.

Authorized Vendor: Many enterprises standardize their WLAN gear and prefer to add only those vendor devices as they grow. This enables the rogue detection tool to alert WLAN administrators whenever AP from a vendor other than the one standardized is detected.

Authorized Radio Media Type: Enterprises sometimes standardize on 802.11 a,b,g, or bg Access Points. This enables the rogue detection tool to alert WLAN administrators whenever AP with different radio media type is detected.

Authorized Channel: Sometimes enterprises may want their APs to operate on select channels. This enables the rogue detection tool to alert WLAN administrators whenever AP operating in a different channel is detected.

Rogue Access Point Blocking

Once a rogue AP is discovered the next immediate step is to block the AP from the network so that the authorized clients don’t associate with it. There are two ways of blocking the rogue APs.

1. Tit for Tat: Launch a Denial-of-service (DoS) attack on the rogue AP and make it deny wireless service to any new client.
2. Pull it out of the network, manually
3. Blocking the switch port to which the AP is connected.

Launching a DoS attack on the rogue

AP Most Wireless IDS vendors follow this practice. This is kind of using offense for defense. Once a rogue AP is detected the WLAN administrator can use the sensor to launch a DoS attack on it by sending numerous disassociation packets."
http://www.manageengine.com/products/wifi-manager/images/rogue-blocking-disassociation.jpg" Figure 1: Rogue blocking by sending disassociation packets

How disassociation attack works?

IEEE 802.11 defines a client state machine for tracking station authentication and association status. Wireless clients and APs implement such a state machine (refer illustration below) based on the IEEE standard. A successfully associated client station stays in State 3 in order to continue wireless communication. A client station in State 1 and State 2 cannot participate in the WLAN data communication process until it is authenticated and associated. IEEE 802.11 also defines two authentication services: Open System Authentication and Shared Key Authentication. Wireless clients go through one of the two-authentication process to associate with an AP.

Disassociation Flood Attack is a form of denial of service attacks that forces a client to the unassociated/authenticated state (State 2) by spoofing disassociation frames from the AP to a client. Typically, client stations would re-associate to regain service until the attacker sends another disassociation frame. An attacker would repeatedly spoof the disassociation frames to keep the client out of service."http://www.manageengine.com/products/wifi-manager/images/denial-disassociation-flood-broadcast.gif" Figure 2: Disassociation Attack Model Diagram

Pulling an AP off the LAN

This is manual work. The administrator can walk up to the rogue AP and pull it off the LAN. In many cases it would be an over enthusiastic employee who has installed the AP for wireless communication.
Blocking the switch port

Wireless network management software offers this functionality. Once the rogue AP is detected the software will look for the rogue AP’s MAC address in all the switches connected in the LAN. The port at which the MAC is connected can then be blocked for any LAN traffic. This would automatically prevent the clients connected to the AP from dropping the connection and get associated to the nearest AP. This is a very effective technique."http://www.manageengine.com/products/wifi-manager/images/switch-port-blocking.jpg" Figure 3: Switch Port Blocking using WiFi Manager

Rogue Client Blocking

Rogue clients are malicious wireless client devices that either try to gain illegitimate access to your WLAN or try to disrupt normal wireless service by launching attacks. There are numerous ready-to-launch wireless attack tools freely available on the net. Many of them are open sourced and work pretty well with most Wireless client cards. This turns any curious mind to professional hacker in minutes. Many do it simply for the pleasure of being able to disturb someone remotely. All these developments force WLAN administrators to give a second look at any wireless client that is misbehaving.
Rogue Client Detection Technique 1: Look for abnormal behavior

Some of the behaviors (of the mobile client) that could potentially spell danger are:

1)Client sending frames with prolonged duration

When a client sends frames with prolonged duration, other clients in the network have to wait till the specified duration to use the RF medium. If the client continuously sends frames with such high duration, then it can prevent other clients from using RF medium and remain unassociated forever.

How duration attack works?

WLAN devices perform virtual carrier sensing prior to using the RF medium. Carrier sense minimizes the likelihood of two devices transmitting simultaneously. Wireless nodes reserve the right to use the radio channel for the duration specified in the frame. A general 802.11 frame format would look similar to what is shown below."http://www.manageengine.com/products/wifi-manager/images/80211-frame-format.jpg" Figure 6: General format of 802.11 packet

The duration value in the frame indicates the duration in milliseconds for which the channel is reserved. The Network Allocation Vector (NAV) stores this duration information and is traced for every node. The basic rule is that any node can transmit only if the NAV reaches zero or in other words no one has reserved the channel at that time. Attackers take advantage of the NAV. An attacker can send frames with huge duration values. This would force other nodes in the range to wait till the value reaches zero. If the attacker is successful in sending continuous packets with huge durations, then it prevents other nodes from operating for a long time and thereby denying service."http://www.manageengine.com/products/wifi-manager/images/duration-attack.jpg"Figure 7: Rogue client launching a duration attack on WLAN

2)Unassociated client sending packets

A client can decide not to connect to the Access Point but still send out wireless packets (mostly broadcasts, associations/authentication requests). Typically, this behavior can be attributed to malicious clients or attackers who want to gain knowledge on your wireless network. When normal authentication procedures deny access to such attackers, they choose to inject forged packets into the wireless network by staying unconnected.

3)Device probing for �?any’ SSID

Access points if not configured properly allow clients to connect with �?any’ SSID. This is a vulnerability, which the WLAN administrator should identify and stop beforehand. If a client tries to connect using �?any’ SSID it would most probably be a rogue client.
Rogue Client Detection Technique 2: Look for unauthorized clients

Rogue clients can also be detected by pre-configuring the authorized list of clients in the network. Some of the different ways in which IT managers can populate this authorized list are:

Authorized MAC: WLAN administrators can import the list of authorized clients’ MAC address into WiFi Manager. This enables WiFi Manager to trigger an alarm whenever it sees a client with a different MAC address.

Authorized SSIDs: WLAN administrators can import the list of authorized SSIDs into WiFi Manager. This enables WiFi Manager to alert the administrators whenever a client tries to associate with the WLAN using a different SSID.

Authorized vendor: If an enterprise standardizes on vendor for client adaptor, then WLAN administrators can configure WiFi Manger to trigger alarm if it sees adapters from a different vendor.

Rogue Client Blocking

Once a rogue client is detected, WLAN administrator should shut down the client from the network. Most common method of keeping rogue clients away is by configuring their MAC address in the Access Point’s Access Control List (ACL). ACL determines whether to deny or allow a client to connect to the Access Point. WLAN administrators can specify the rogue client’s MAC address in the ACL of all authorized Access Points to keep the rogue client off the network for ever.
"http://www.manageengine.com/products/wifi-manager/images/rogue-client-blocking.jpg" Figure : Blocking rogue client using WiFi Manager

Prevention is better than cure. This paradigm holds good for Wireless LAN to a great extent. Do you know that 60% of all successful rogue attacks succeed due to faulty configurations? It is that small choice of SSID or that improperly set security settings in your access point that punches a big hole in your corporate security shield.

WiFi Manager uses RF sensors to detect almost all known wireless LAN vulnerabilities prior to they become pathways for attacks. Following is the list of vulnerabilities that WiFi Manager can detect. Click on each attack to learn more.

* Default SSID in use "http://www.manageengine.com/products/wifi-manager/default-ssid-in-use.html"

* AP Broadcasting SSID "http://www.manageengine.com/products/wifi-manager/ap-broadcasting-ssid.html"

* AP with WEP disabled "http://www.manageengine.com/products/wifi-manager/wep-disabled.html"

* Weak WEP IV used "http://www.manageengine.com/products/wifi-manager/weak-wep-iv-used.html"

* Adhoc network operating "http://www.manageengine.com/products/wifi-manager/adhoc-network-in-operation.html"

* Authorized Client Connected to Rogue AP "http://www.manageengine.com/products/wifi-manager/authorized-client-connected-to-rogue-ap.html"

* AP using hotspot SSID "http://www.manageengine.com/products/wifi-manager/ap-using-hotspot-ssid.html"

* EAP disabled "http://www.manageengine.com/products/wifi-manager/eap-disabled.html"
You can free download WiFi Manager 5.6 now.

System Requirements:

No special requirements.

- Download WiFi Manager 5.6 free