Published on August 10th, 2011 | by Alexis Argent0
Aruba Fields an Impenetrable Network Based on its Mobile Virtual Enterprise (MOVE) Architecture
Aruba Networks, Inc. which provided and maintained the wireless network for last week’s Black Hat USA 2011 conference in Las Vegas, Nev., today provided some interesting statistics around the network’s use. Black Hat is the world’s largest annual gathering of computer hackers, and has become one of the most important computer and networking security shows as a result.
The device-fingerprinting capabilities of the Aruba network enabled visibility into exactly who was using what on the network. Apple devices were most prevalent at 43.3 percent of all devices (28.4 percent alone for iOS iPad and iPhone, with another 14.9 percent running OS X). Linux users composed 35 percent of the total, while Windows users represented 21.8 percent.
Aruba broadcast three network SSIDs at Black Hat USA 2011: one WPA pre-shared key (PSK) for the conference generally, one PEAP network with user self-registration and one EAP-TLS network (for iOS devices) with Aruba’s Mobile Device Access Control (MDAC) solution.
Aruba’s MDAC solution secures, provisions and manages network access for Apple® iOS and other employee-owned mobile devices. By enforcing network access and quality of service policies for mobile devices, MDAC enables Wi-Fi networks and helpdesk processes to scale in support of bring-your-own-device initiatives.
While the majority of attendees used the Black Hat PSK network, Aruba was pleased to find almost 200 attendees utilizing the PEAP/EAP-TLS “secured” network. This secured network was provisioned using Aruba Amigopod, requiring attendees to accept certificates before being granted network access.
”This scheme seemed to work very well in a hostile environment like Black Hat with no pre-established trust in users or secure means to provision credentials,” said Aruba engineer Robbie Gill, Ph.D., who led the design and deployment of the Black Hat network. “We also managed to capture a huge amount of security events, the most interesting of which were IP spoofing, AP spoofing, Power save DoS attacks and Block ACK attacks. The Aruba controller was configured to block all spoofing attacks and no communication was permitted between users at any network layer in order to protect them from each other. “
The wireless network for the conference, designed and deployed by Aruba Networks, and based on the Aruba Mobile Virtual Enterprise (MOVE) architecture, included more than 30 Aruba AP-134 access points distributed over more than 200,000 square feet in the Caesar’s Palace Conference Center. The network was accessed by more than 2,400 attendees, with 853 as the maximum number of concurrent users. The network detected and contained more than 8,790 independent security events, including 670 rogues, 191 AP flood attacks, 489 instances of AP spoofing, 579 instances of IP spoofing, 1,659 “Hotspotter” attacks and 1,799 “Block ACK” attacks.
About Aruba Networks, Inc.
Aruba Networks is a leading provider of next-generation network access solutions for the mobile enterprise. The company’s Mobile Virtual Enterprise (MOVE) architecture unifies wired and wireless network infrastructures into one seamless access solution for corporate headquarters, mobile business professionals, remote workers and guests. This unified approach to access networks dramatically improves productivity and lowers capital and operational costs.
For more information, please visit out Aruba Products Page