Hi team, My customer inquired whether airdefense was able to support "Black box prenetration test". Do anybody have gone through this question? Thanks!! zhiguo
PCI standard "black box prenetration testing"// Expert user has replied. |
PCI standard "black box prenetration testing"// Expert user has replied.Hi team, My customer inquired whether airdefense was able to support "Black box prenetration test". Do anybody have gone through this question? Thanks!! zhiguo |
Subscribe to email updates
Monthly updates from our Zebra development team, straight to your inbox.
4 Replies
Hi guys, No WVA is not a blackbox penetration testing tool. It's a wireless network vulnerability scanner meant to detect network vulnerabilities. The AirDefense Wireless Vulnerability Assessment module addresses PCI DSS v1.2 requirement 1.2.3, essentially ensuring that your cardholder data network/systems are properly segmented from the wireless networks. This requirement is two-fold. First there is the requirement detailing how the network should be configured, and then there is the "validation" that it's configured correctly. WVA validates that the wireless is properly segmented from the cardholder data, thus validating that firewalls, wireless switch firewalls/ACLs, and other layers of defense are properly segmenting the two networks. Therefore it's not meant to directly address the PCI penetration testing requirements. But aside from PCI, WVA does have many correlations to enterprise wireless networks. Specifically, think about how retail stores are tested for PCI. A "sampling" is used quarterly or annually to perform wireless war walking and penetration testing. But if you're Walmart and you have 5000+ stores, do you really feel all 5000 stores are configured correctly because 5 tested ok? Probably not, it's a false sense of security, and since humans configure the networks, there's a high-probability that something is not configured correctly at one or more stores. What this tool provides is the ability to test ALL STORES. AirDefense can be used to not only validate (based on a customer-defined policy) that all APs are configured correctly, but also that wireless network is properly segmented from the wired network (and cardholder data). I can honestly say, EVERY single customer who has used WVA, has found an exposed system or network that they did not realize was exposed to the wireless network. This can also apply to companies with a corporate WLAN and a separate Guest WLAN. We found a customer who determined that although they had implemented two discretely separate networks for this (hardware and everything), that someone had run a hub between the two networks thus creating a bridge. WVA found the problem immediately. Any war driver in the parking lot could have gotten on the Guest network and then could have ridden that network over to the Corporate network. Just a few applications for this WVA module within AirDefense. Hope that helps. Best Regards, - Mike Raggo/Product Manager/AirDefense
Hi both, Thanks for you reply, it seems that we only support debit card security protection(PCI DSS V1.2) zhiguo
Hi both, sorry for error input in before reply. Pls ignore it. Thanks again for your help zhiguo
Black box penetration testing is typically a scenario in which the tester attempts to penetrate a network without any prior knowledge of the installed systems. Air Defense Enterprise/ADSP has the ability to perform wireless vulnerability assessments, however this requires that air defense be configured with SSID/Security information to perform this testing, thus I would not classify this as black box penetration testing from the wireless client perspective (IMO, Marketing may disagree :-)).
For more details on PCI penetration testing, I suggest reviewing the attached PDF. For more details on the WVA module, check out the datasheet and presentations located here: http://www.airdefense.net/products/servicesplatform/securitycompliance/…;.