SECUI – Next Generation Wireless Intrusion Prevention System Solution
BLUEMAX WIPS is a next-generation wireless intrusion prevention system
that can prevent security threats of Wi-Fi 6E (802.11ax). It can block connections of individual unauthorized/illegal APs and wireless devices which use PMF (802.11w). Also, BLUEMAX WIPS has implemented intelligence indepth analysis engine so that it could detect, block and analyze wireless security threats which offers fast and intelligent response from wireless intrusion prevention
to wireless security accident forensics.
Prevention SystemBLUEMAX WIPS
Product Description
Intelligent Wireless Threat Response System BLUEMAX WIPS
Next-Gen WirelessSecurity System Response
- It’s possible to individually block unauthorized/illegal AP which uses Wi-Fi 6, and unauthorized devices.
- Multilayer wireless LAN security environment can be established by enhancement of wireless LAN security through WPA3 ™ (PMF) security setting.
* Multi-layer security system– Enhancement of wireless security system -> Using PMF
– Response against wireless threats(Blockage of PMF) -> BLUEMAX WIPS
Rapid Blocking andStable Operation
Real-Time Security Threat Response
- Minimization of time for optimized scan algorithm for all Wi-Fi channels
- Simultaneous blockage with detection(Within 1 second)
Continue to Respond to Security Threats
Continuous response against security threats by operation of independent sensor mode in case of error occurrence of all sensor controllers
Uninterrupted Operation and Management
Non-stop operation and management through automatic Fail-over in case of error occurrence of high-Availability (Active-Standby) master equipmenmt
Intelligent WirelessSecurity Threat Analysis
Key Elements of Wireless LAN Security Accidents In-depth Analysis & Accident Response
- Detail information and history of detected sensor
- Detail information and history of detected device
- Detail information and history of AP which is connected of attempted to connect
- Behavior detection, threat level, location of threat, and location tracking
- Event results and policy
Convenient Operation
Provision of optimized monitoring for security operation, control, and management, as well as statistics and analysis
Features
Next-gen security technology intelligently analyzes, detects, and blocks wireless security threats.
Wi-Fi 6E Full Support
It can detect and block Wi-Fi standards (802.11 a/b/g/n/ac/ax), as well as individually block unauthorized/illegal AP using PMF (802.11w) and unauthorized devices.
Quick Detecting and Blocking
With the optimized scanning algorithm, wireless security threats are quickly detected and blocked (performance that blocks within 1 second after detection).
In-Depth Analysis and Accident Response
The five-step in-depth analysis function, which are Sensor-ClientAP-Behavior-Action, as well as forensic information makes it possible to response against accidents efficiently.
Key Functions
Sensor-Terminal-AP-Active-action-action five-step deep analysis engine available Intelligent response from wireless intrusion prevention to wireless security incident forensics.
| Wireless Threat Detection & Blocking | Wireless LAN Management | Statistics and Reports |
| Detail policy set-up according to various wireless threat categories, and quick detection and blocking throughout all channels of Wi-Fi is available. | Supports automatic classification of detected devices through advanced rule setting, and provides access status, detailed information, and location information of APs and devices. | Statistics of sensors, APs and devices according to classification criteria, and daily/weekly/monthly custom reports are provided. |
| Intelligent In-Depth Analysis & Accident Response | Wireless LAN Security Control | Various Configuration Environments Support |
| Incident response and forensics provided by indepth analysis based on 5 elements: Sensor-ClientAP-Behavior-Action, location estimation, and location tracking. | Wi-Fi connection status (AP↔Device), realtime events, in-depth analysis are provided for wireless security control monitoring. | Supports various wired and wireless networks, and continuous wireless security threat response through independent mode, and automatic fail-over functions. |
Expected Effects
Wireless Security Compliance
It is possible to build a wireless intrusion prevention system to comply with important laws and regulations, such as illegal use of wireless LAN, unauthorized access and use of wireless LAN, and prohibition of installation of wireless communication networks at major facilities.
Construction of Next-Gen Wireless LAN System
Wireless security can be enhanced to wireless LAN multilayer security system through BLUEMAX WIPS that can strengthen the wireless LAN security by setting WPA3 (using PMF) and block the intrusion of unauthorized devices (PMF individual blocking technology).
Enhanced Efficiency in Security Ops & Ctrl
Minimizes burden in operation through functions such as simple policy setting and automatic classification of detected devices. Moreover, in-depth analysis function and provision of forensic information enables to analyze accidents quickly so that security control can be performed efficiently
Configuration Diagram
BLUEMAX Network Security Architecture
N-Site Configuration
WIPS Controller Head Office/DC build
Branch Sensor Integrated Remote Management over VPN
HA Configuration
Active-standby Support
Automatic fail-over support in case of failure
3rd Party Solutin Linkage
Integrated Login Server / Authentication Server / Policy Management Solution Wireless Lan Controller /
Linkage with MDM or etc.
Supported Protocols : LDAP, RADIUS, TACACS, SNMP, Syslog, OpenAPI(RestAPI)
Software Specification
| Wireless Standard | WLAN Management |
|---|---|
| Wi-Fi 6E (IEEE 802.11 a/b/g/n/ac/ax) support | Auto classification by threat level (authorized/unauthorized/violation/illegal/external/visitor) |
| 802.11w(PMF) blocking (connections of individual APs/Devices) | AP/Device group policies, validity settings, and access permission |
| Dual-band(2.4GHz, 5GHz) Detection/Blocking | SSID multilingual support, hidden SSID detection |
| Wireless Threat Detection and Blocking | WLAN connections and detail information |
| Unauthorized, illegal or violation AP detection and blocking | Wireless device location estimation and location tracking |
| Unauthorized device detection and blocking | Wireless security analysus based on device-AP-sensor information |
| SSID replication and MAC spoofing detection and blocking | Supports forensic through event history management based on time series |
| Mobile/portable hotspot detection and blocking | System |
| Wi-Fi Direct/WDS/WPS/WEP Crack detection and blocking | High availability(HA) support and automatic fail-over supported for controllers |
| Malformed wireless packet detection | Sensor independent mode supported when communication failure |
| Wireless DoS attack and RF interference detection | Encryption supported for communication between sensors and controllers |
| Event notification through pop-up, syslog, and e-mail | HTML5 based GUI, TLS v1.3 supported |
Hardware Specification
| BLUEMAX WIPS (Sensor) | 602 | 622 | 624 | 624(OD) |
|---|---|---|---|---|
| RF, Antenna | 2.4/5GHz, 2 x 2 | 2.4/5GHz/6GHz, 2 x 2 | 2.4/5GHz/6GHz, 4 x 4 | 2.4/5GHz/6GHz, 4 x 4 |
| Interface | 2x 1GbE, 1x 5GbE | 1x 1GbE, 1x 2.5GbE | 2x 1GbE, 1x 5GbE | 2x 1GbE, 1x 5GbE |
| Power | PoE (802.3af), Adapter | PoE (802.3at), Adapter | PoE+ (802.3at/bt), Adapter | PoE+ (802.3at/bt), Adapter |
| Dimension (HxWxD) | 175x175x45 | 175x175x45 | 235x235x45 | 275x275x102 |
| Weight (g) | 470 | 730 | 1,230 | 3,200 |
| Temperature (Operation) | 0~50ºC | 0~50ºC | 0~50ºC | -40~60ºC, IP Code(Ingress Protection Marking) : IP67 |
| BLUEMAX WIPS (Controller) | 1000 | 2100 | 3100 | 5100 | |||
|---|---|---|---|---|---|---|---|
| CPU | 2 Core | 4 Core | 6 Core | 8 Core | |||
| Memory | 8GB | 16GB | 16GB | 16GB X 2 | |||
| Storage | System | SSD 250GB | HDD 1TB | HDD 1TB | HDD 2TB | ||
| Log | SSD 250GB | SSD 500GB | SSD 500GB x 2(RAID) | SSD 500GB x 2(RAID) | |||
| Interface | 4x 1GbE | 2x 1GbE | 2x 1GbE | 2x 1GbE | |||
| Power Supply | DC Adapter | Redundant | Redundant | Redundant | |||
| Dimension (HxWxD) | Desktop (43x254x226) | 1U (43x437x507) | 1U (43x437x507) | 1U (43x437x507) | |||
| Number of Sensors (max) | 50 | 200 | 400 | 1,000 |
Currently, Tech Horizon is the official distributor of SECUI in the Vietnamese market.
We are pleased to offer your organization comprehensive consultation and installation services, featuring competitive investment costs, a diverse range of solutions, and dedicated technical support.
Please feel free to contact us for further assistance.
————————————————————————-
TECH HORIZON CORP
Head Office: No. 22, Street No. 9, Trung Son Residential Area, Binh Hung, Binh Chanh District, Ho Chi Minh City
Hanoi Office: 4th Floor, Sport Hotel, Hacinco Student Village, Thanh Xuan District, Hanoi
Website: https://techhorizonvn.com
Email: info@techhorizonvn.com
Phone: 028 5431 6046 or 024 6286 2118
Fanpage: Tech Horizon Vietnam