To test the system, I defined a vendor-based policy for my environment indicating that all deployed APs were from Cisco. Guard generated alarms as soon as I powered up APs from 3Com and Proxim. I created another policy that restricted device roaming by defining a single client MAC (Media Access Control) address to connect to one AP. As expected, the system told me of a roaming breach when the client associated to another AP. The system also provided channel activity by each sensor. Suspicious or unauthorized devices and ad hoc networks sparked alerts, as did stations that exceeded the association levels I had defined.
Moving my mouse over an item on the management interface generated a pop-up with useful context-sensitive information. For APs, I received the MAC address, the IP address (if available) and the sensor monitoring the device. The console also let me right-click on certain items for quick access to other system functions, such as sensor manager, alarm manager, access point statistics, station summaries and associations.
Working for You
Guard's Alarm Manager tool preclassifies alarms by severity--critical, major and minor--but I changed the default alarm for APs with SSID (service set ID) broadcast enabled. Additionally, Guard listed all types of alarms from the previous 24 hours and let me drill down by date, time, category of alarm, device and individual sensor. This level of granularity stands out when tracking suspicious activity.
The sensor manager places all sensors in the default group initially, but I created locations and groups within the locations (such as building one, first floor). As with the alarm manager, positioning the cursor over individual sensors displayed a pop-up with context-sensitive summary information, including the sensor's MAC and IP addresses.