International Standard for Information Security (ISO 27001)

Designated Official:
Time Period: 14:34:17 Monday, January 29, 2007
Introduction to ISO 27001*1

What is ISO 27001?

ISO 27001 is an International Standard for information security that requires organizations to implement security controls to accomplish certain objectives. The
standard should be used as a model to build an Information Security Management System (ISMS).

What is an ISMS?

An ISMS is part of an organization's system that manages networks and systems. It aims to “establish, implement, operate, monitor, review, maintain, and improve
information security” commensurate with the perceived security risks to the business of the organization.

Who and what is affected by ISO 27001

As a model for information security, ISO 27001 is a generic standard designed for all sizes and types of organizations including governmental, non-governmental,
and non-profit organizations. It requires the managing body of an organization to plan, implement, maintain, and improve an ISMS. *2

The ISMS model ensures the selection of adequate security controls based on organizational objectives to protect all information assets, including both wireline
and wireless assets.

When is ISO 27001 effective?

ISO 27001 was published and came into effect on October 15, 2005.

1. The ISO 27001 standard is cited as ISO/IEC 27001:2005 International Standard. The ISO (International Organization for Standardization) and the IEC
(International Electrotechnical Commission) are international bodies whose members participate in developing international standards through techical
committees. The ISO/IEC 27001 was prepared by the Joint Technical Committee ISO/IEC
JTC 1, Information technology, Subcommittee SC27, IT Security techniques. For more information see http://www.17799central.com/iso-27001.htm.

2. In the United Kingdom, ISO 27001 is a direct replacement for BS7799-2:2002. It is also the preferred operative business process management system even

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

How does an organization comply with ISO 27001?

An organization's ISMS is driven by its business needs and objectives, security requirements, and processes in light of its size and organizational structure.

To comply with ISO 27001, organizations must plan, establish, maintain, and improve an ISMS policy that includes objectives, processes, and procedures to
manage risk and improve information security.

Planning, implementing, and operating an ISMS uses the controls, processes, and procedures in ISO 27001, along with the implementation guidelines referenced
in ISO/IEC 17799:2005 ( Information technology - Security techniques - Code of practice for information security management) (Hereinafter ISO 17799).*3

Does an organization also have to comply with ISO 17799?

No. ISO 17799 provides guidelines to implement the security controls required by ISO 27001. Organizations will comply with and be certified with ISO 27001.

What exactly does an organzation have to do to comply with ISO 27001?*4

Implement plans, processes, and controls to attain certain objectives in information security that relate to an ISMS (Information Security Management System),
management responsibility and review of the ISMS, internal ISMS audits, and ISMS improvements.

The specific security controls to implement per ISO 27001 are found in Annex A of the International Standard. They are organized around clauses and can be
directly referenced to ISO 17799 for implementation guidelines. The clauses are organized around the following numbered topics that correspond to the standard:

5. Security Policy
6. Organizing Information Security
7. Asset Management
8. Human Resources Security
9. Physical and Environmental Security
10. Communications and Operations Management
11. Access Control
12. Information Systems Acquisition, Development and Maintenance
13. Information Security Incident Management
14. Business Continuity Management
15. Compliance

3. The ISO/IEC 17799 was also prepared by the Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security
techniques.
4. This report is not a contract and does not guarantee an organization's compliance with the ISO 27001 Standard. The organization is responsible for its correct
application. Also note that compliance with the International Standard does not provide immunity from legal obligations.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

How can AirMagnet help an organization comply with ISO 27001?

AirMagnet helps an organization implement security controls for wireless networks and devices to help comply with the requirements of ISO 27001, an
international industry standard for security.

Using AirMagnet products, organizations can establish, maintain, and improve information security and obtain valuable reports to review whether specific wireless
assets are within the organizaion's security requirements as identified by the ISO 27001 standard.

AirMagnet will locate and identify wireless devices on an organization's network and provide device-level alarms to document and design an information security
system. It performs stateful analysis of wireless communications to identify more than 135 classes of threats in real time and analyzes the effectiveness of
implemented controls on all wireless devices. AirMagnet determines whether or not the wireless network and specific wireless devices are in compliance with the
requirements set by the organization per the ISO 27001 standard.

AirMagnet system-level and device-specific Compliance Reports for ISO 27001 will verify and record an organization's efforts to comply with ISO 27001 as well
as other industry, legal, and regulatory requirements such as the PCI (Payment Card Industry) standard, GLBA (Gramm-Leach-Bliley Act), HIPAA (Health
Information Portability and Accounting Act), and Sarbanes Oxley Act of 2002.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

AirMagnet Disclaimer
ISO 27001 Policy Compliance Reports™

AirMagnet Enterprise ISO 27001 Policy Compliance Reports™ provide a security framework to comply with ISO 27001 and enable an organization to plan,
establish, maintain, and improve an Information Security Management System (ISMS). An ISMS includes objectives, processes, and procedures to manage risk
and improve information security.

The Policy Compliance Reports focus on wireless network security in an ISMS and aim to guide network administrators in documenting their wireless security
policies and responding to wireless security threats and incidents in compliance with ISO 27001 and its implementation guidelines found in ISO/IEC 17799:2005
Information technology - Security techniques - Code of practice for information security management.

AirMagnet operation is limited to wireless networks and devices operating in the unregulated radio frequencies (2.4 - 5 GHz). It operates and reports on networks
and devices that use wireless technologies. It does not apply to wire-line networks and devices not operating in the wireless spectrum.

AirMagnet Policy Compliance Reports provide information about the law and are designed to help users satisfy government regulations. This information,
however, is not legal advice. AirMagnet has gone to great lengths to ensure the information contained in the Policy Compliance Reports is accurate and useful.
AirMagnet, Inc. recommends you consult legal counsel if you want legal advice on whether our information and software is interpreted and implemented to fully
comply with industry regulations.

The information contained in the Policy Compliance Reports are furnished under and subject to the terms of the Software License Agreement (“License”). The
Policy Compliance Reports do not create a binding business, legal, or professional services relationship between you and Airmagnet, Inc. Because business

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

1/ System Level Compliance Report
AirMagnet ISO 27001 Compliance Reports
This report summarizes your network’s overall compliance with the ISO27001 on a per-policy basis.

ISO 27001 Directive Compliance

Section 4.1. AirMagnet Compliance Reports and device-level alarms help establish and
General requirements: The organization shall establish, implement, operate, maintain a documented information security system for wireless networks and
monitor, review, maintain and improve a documented ISMS within the devices.
context of the organization's overall business activities and the risks it faces.

Section 4.2.1a)
AirMagnet can define the scope of the organization's wireless devices and
Define the scope and boundaries of the ISMS in terms of the characteristics
networks and provide asset and technology information.
of the business, the organization, its location, assets and technology, and
including details of and justification for any exclusions from the scope.

Section 4.2.1b)2) AirMagnet includes Compliance Reports that verify and record an
that takes into account business and legal or regulatory requirements, and organization's efforts to meet legal requirements for wireless networks and
contractual security obligations. devices. Compliance Reports include GLBA, HIPAA, and Sarbanes Oxley

Section 4.2.1b)4) AirMagnet provides asset and technology information on wireless devices to
establishes criteria against which risk will be evaluated. add to the criteria against which an organization's risk will be evaluated.

Section 4.2.1d)1) AirMagnet discovers wireless devices and their capabilities to determine
Identify the assets within the scope of the ISMS, and the owners of these wireless assets within the scope of the ISMS.
assets.

Section 4.2.1d)2) AirMagnet perform stateful analysis of all wireless devices and transmissions
Identify the threats to those assets. to identify more than 135 classes of threats in real time.

Section 4.2.1d)3) AirMagnet System Level and Device-specific Compliance Reports identify
Identify the vulnerabilities that might be exploited by the threats. controls currently implemented, and not implemented, on wireless assets.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance

Section 4.2.1f)1) AirMagnet's device-specific alarms determine the existence of appropriate

Identify and evaluate options for the treatment of risks by applying the controls for wireless assets in the ISMS.
appropriate controls.

Section 4.2.1f)3) AirMagnet identify and evaluate security controls on wireless devices and
Identify and evaluate options for the treatment of risks by avoiding risks. provides options to mitigate security concerns.

Section 4.2.1g) AirMagnet monitors and reports on security controls applied to wireless
Select control objectives and controls for the treatment of risks. devices to assess whether control objectives are satisfied using System Level
and Device-specific Compliance Reports.

Section 4.2.2c) AirMagnet Compliance Reports confirm or deny the implementation of

Implement the controls selected in 4.2.1g) to meet control objectives. security controls on wireless assets and assess whether the organization is in
conformance with this international standard.

Section 4.2.2d) Device-level Compliance Reports indicate the effectiveness of selected

Define how to measure the effectiveness of the selected controls or groups of controls for wireless assets.
controls and specify how these measurements are to be used to assess control
effectiveness to produce comparable and reproducible results.

Section 4.2.2f) AirMagnet creates and enforces security policies for wireless LANs and
Manage operation of the ISMS. devices focused on specific business needs and regulatory requirements to
help manage the ISMS.

Section 4.2.2g) AirMagnet creates and enforces security policies tied to specific business
Manage resources for the ISMS. needs and regulatory requirements to manage the wireless components of the
ISMS.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance

Section 4.2.3a)3) AirMagnet System Level and Device-level Compliance Reports enable
Allow management to determine whether the security activities delegated to management to determine whether wireless information technology is
people or implemented by information technology are performing as expected. performing as expected.

Section 4.2.3b) AirMagnet Compliance Reports and notifications will enable organizations to
Undertake regular reviews of the effectiveness of the ISMS (including meeting undertake regular reviews of wireless networks and devices to determine the
ISMS policy and objectives, and review of security controls) taking into effectiveness of the wireless components in the ISMS.
account results of security audits, incidents, results from effectiveness
measurements, suggestions and feedback from all interested parties.

Section 4.2.3c) AirMagnet Compliance Reports measure the effectiveness of controls on

Measure the effectiveness of controls to verify that security requirements have wireless devices to determine conformance to this International Standard.
been met.

Section 4.2.3d)4) AirMagnet's security monitoring tools and Compliance Reports provide
Monitor and review the ISMS to identify threats to the ISMS. information on identified and perceived threats to wireless assets to help
organizations review risk assessments.

Section 4.2.3d)5) AirMagnet's security monitoring tools and Compliance Reports for wireless
Monitor and review the ISMS to determine the effectiveness of the networks and devices identify changes to implemented controls and their
implemented controls. effectiveness to add to an organization's review of risk assessment.

Section 4.2.3d)6) AirMagnet Compliance Reports incorporate legal requirements to help

Review risk assessments at planned intervals, taking into account changes to organizations review and update risk assessments.
external events, contractual obligations, and social climate.

Section 4.2.3e) AirMagnet Device-level Compliance Reports satisfy an organization's internal

Conduct internal ISMS audits at planned intervals. audit for the purposes of this international standard.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance
Section 4.2.3h) AirMagnet records diagnostic, performance, and security events occurring on
Record actions and events that could have an impact on the effectiveness or wirless assets in the ISMS, as well as any automated actions based on those
performance of the ISMS. events.

Section 4.2.4b) AirMagnet can take automated actions based on events occurring on wireless
Take appropriate corrective and preventive actions per Sections 8.2 and 8.3, assets using a Best Practice Policy Profile developed on the best practices of
below and apply the lessons learnt from the security experiences of this organizations implementing wireless devices.
organization and other organizations.

Section 4.2.4d) AirMagnet Compliance Reports can determine whether improvements

Ensure that the improvements achieve their intended objectives. achieved their objectives on wireless devices in the ISMS.

Section 4.3.1b) AirMagnet Compliance Reports help identify, locate, and determine the
ISMS documentation shall be comprehensive and include the entire scope of capabilities of wireless assets to help document the scope of the ISMS.
the ISMS.

Section 4.3.1c) AirMagnet Compliance Reports document controls on wireless assets to

The ISMS documentation shall include procedures and controls to support include in ISMS documentation.
the ISMS.

Section 4.3.3 AirMagnet records of events on wireless networks and devices is maintained
Records shall be established and maintained to provide evidence of in a centralized, secure database with password controlled access and
conformity to requirements and the effective operation of the ISMS. They assigned rights.
shall be protected and controlled. The ISMS shall take account of any
relevant legal or regulatory requirements and contractual obligations.
Records shall remain legible, readily identifiable and retrievable. The
controls needed for the identification, storage, protection, retrieval, retention
time and disposition of records shall be doucmented and implemented.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance

Section 5.1e) Airmagnet can help management establish, implement, operate, monitor,
Management is responsible for providing sufficient resources to establish, review, maintain, and improve wireless technology in the ISMS.
implement, operate, montor, review, maintain, and improve the ISMS.

Section 5.1g) Management can ensure internal audits of wireless assets in the ISMS using
Management shall ensure that internal ISMS audits are conducted. AirMagnet Device-level Compliance Reports.

Section 5.2.1a) AirMagnet can help establish, implement, operate, monitor, review, maintain,
Management is responsible to establish, implement, operate, monitor, review, and improve on the security of wireless assets in the ISMS.
maintain, and improve an ISMS.

Section 5.2.1c) AirMagnet Policy Profiles can help identify and address legal and regulatory
The organization shall determine and provide the resources needed to identify requirements.
and address legal and regulatory requirements and contractual security
obligations.

Section 5.2.1d) AirMagnet Device-level Compliance Reports can monitor wireless assets and
The organization shall determine and provide the resources needed to ensure the correct application of implemented controls on wireless
maintain adequate security by correct application of all implemented controls technology.

Section 5.2.1f) AirMagnet security monitoring and reporting of wireless assets helps improve
Management is responsible, where required, to improve the effectiveness of the effectiveness of the ISMS and identify threats and vulnerabilities to
the ISMS. wireless technology.

Section 6a) AirMagnet Device-level Compliance Reports run at regular intervals provide
The organization shall conduct internal ISMS audits at planned intervals to an internal audit of wireless assets to determine whether control objectives
determine whether the control objectives, controls, processes and procedures and specific controls conform to this International Standard as well as some
of its ISMS conform to the requirements of this international standard and legal requirements.
relevant legislation or regulations.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance

Section 6b) AirMagnet Device-level Compliance Reports run at regular intervals to

The organization shall contuct internal ISMS audits at planned intervals to provide an internal audit of wireless assets to determine whether control
determine whether the control objectives, controls, processes, and procedures objectives and specific controls conform to identified security requirements.
of its ISMS conform to the identified information security requirements.

Section 6c) AirMagnet Device-level Compliance Reports run at regular intervals to

The organization shall conduct internal ISMS audits at planned intervals to provide an internal audit of wireless assets to determine whether control
determine whether the control objectives, controls, processes and procedures objectives and specific controls are adequately maintained.
of its ISMS are effectively implemented and maintained.

Section 6d) AirMagnet Device-level Compliance Reports run at regular intervals to

The organization shall conduct internal ISMS audits at planned intervals to provide an internal audit of wireless assets to determine whether control
determine whether the control objectives, controls, processes and procedures objectives and specific controls perform as expected.
of its ISMS perform as expected.

Section 7.2a) AirMagnet System Level and Device-level Compliance Reports can be
Management must review the results of ISMS audits and reviews. included in ISMS audits and reviews.

Section 7.2c) AirMagnet diagnostic, performance, and security monitoring tools are
The input to a management review shall include techniques, products or products that can be used in the ISMS to improve performance and
procedures, which could be used in the organization to improve the ISMS effectiveness.
performance and effectiveness.

Section 7.2d) Management can be notified of AirMagnet's automated actions to locate

The input to a management review shall include the status of preventive and threats, trace devices, and stop wireless threats at the source. Automated
corrective actions. actions are also logged in a secure, central database that can be retrieved and
reported for management's review.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance

Section 7.2e) AirMagnet Device-level Compliance reports identify vulnerabilites and

The input to a management review shall include vulnerabilities or threats not threats to wireless assets on an ongoing basis.
adequately addressed in the previous risk assessment.

Section 7.2f) The absense of an alarm due to the implementation of an effective security
The input to a management review shall include results from effective control on a wireless device would be sufficient input to determine the
measurements. effectiveness of the control.

Section 7.2h) AirMagnet alarm notifications and Compliance Reports document changes to
The input to a management review shall include any changes that could affect wireless assets that could affect the ISMS.
the ISMS.

Section 7.2i) AirMagnet makes specific recommendation for identified security threats and
The input to a management review shall include recommendations for vulnerabilities that can be added to management's recommendations to
improvement. improve the ISMS for wireless technology.

Section 8.3a) AirMagnet diagnostic, performance, and security monitoring tools identify
Improve the ISMS by identifying potential nonconformities and their causes. nonconformities in wireless devices in the ISMS. Organizations can use
AirMagnet for advice on nonconformities and configure it for automated
action where applicable.

Section 8.3b) AirMagnet diagnostic, performance, and security monitoring tools identify
Improve the ISMS by evaluating the need for action to prevent occurrence of nonconfromities in wireless devices in the ISMS. Organizations can use
nonconformities. AirMagnet for advice on nonconformities and configure it for automated
action where applicable.

Section 8.3c) AirMagnet diagnostic, performance, and security monitoring tools identify
Determine the need for preventive action and take such action where nonconformities in wireless devices in the ISMS. Organizations can use
necessary. AirMagnet for advice on nonconformities and configure it for automated
action where applicable.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance

Section 8.3d) AirMagnet diagnostic, performance, and security monitoring tools identify
Improve the ISMS by recording results of actions taken. nonconformities in wireless devices in the ISMS. Organziations can use
AirMagnet for advice on nonconformities and configure it for automated
action where applicable. Automated actions are logged in a secure, central

Section 8.3e) AirMagnet diagnostic, performance, and security monitoring tools identify
Improve the ISMS by reviewing the preventive action taken on a regular basis. nonconformities in wireless devices in the ISMS. Organizations can use
AirMagnet for advice on nonconformities and configure it for automated
action where applicable. Organizations run Device-level Compliance Reports

Section A.10.10.1 AirMagnet Enterprise maintains logs of user and devices in a central, secure
Audit logs recording user activities, exceptions, and information security data store.
events shall be produced and kept for an agreed period to assist in future
investigations and access control monitoring.

Section A.10.10.3 AirMagnet Enterprise maintains logs of user and devices in a central, secure
Logging facilities and log information shall be protected against tampering data store.
and unauthorized access.

Section A.10.10.4 AirMagnet Enterprise maintains logs of user and devices in a central, secure
System administrator and system operator activities shall be logged. data store.

Section A.10.10.5 AirMagnet Enterprise logs all faults to a centralized, secure server.
Faults shall be logged, analyzed, and appropriate action taken.

Section A.11.2.2 The allocation and use of privileges shall be restricted and controlled.
Ensure the correct and secure operation of information processing facilities by
restricting, controlling, and allocating the use of privilges.

Section A.13.1.1 AirMagnet Compliance Reports and configurable notifications report on

Ensure information security events and weaknesses associated with security events in timely manner.
information systems are communicated in a manner allowing timely corrective
action to be taken.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive Compliance

Section A.13.2.1 AirMagnet's secure, centralized log file collects the anatomy of a security
Where a follow-up action against a person or organization after an incident for future prosecution or litigation.
information security incident involves legal action (either civil or criminal),
evidence shall be collected, retained, and presented to conform to the rules for

Section A.14.1.2 AirMagnet Compliance Reports and notifications inform the organization of
Counteract interruptions to business activities and protect critical business security incidents and provide the impact of the event on information
processes from the effects of major failures or natural disasters and ensure security.
their timely resumptioin by
identifying events that cause disruption along with the probability and impact
of such interruptions and their consequences for information security.

Section A.15.1.1 AirMagnet Compliance Reports help an organization satisfy legal

Avoide breaches of any law, statutory, regulatory, or contractual obligations. requirements can be used to help an organization meet statutory and
regulatory obligations.

Section A.15.3.2 AirMagnet Enterprise secures audit information on wireless devices in the
Maximize the effectiveness of and minimize interference to and from the ISMS and uses a centralized database with authentication and distributed
information systems audit process by protecting the systems' audit tools from rights access. Changes to the database are logged and archived for a separate,
possible misuse or compromise. independent audit of the AirMagnet system.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

2/ Policy Level Compliance Report
This report summarizes your network’s compliance on a per-policy basis, showing you the total number of devices that are in compliance or violation of each and
every policy in the ISO 27001 Policy.

ISO 27001
10.9.1 1.8%
A.9.2.4 10.9.2 4.1%
10.9.1 4.2.2.h) 9.5%
4.2.3a)1) 4.1%
A.15.2.2 10.9.2 4.2.3a)2) 9.4%
4.2.2.h) 4.2.3a)4) 9.5%
A.10.1.2 7.0%
A.10.3.1 4.1%
A.15.1.6 A.10.6.1
A.10.8.1
9.4%
1.8%
A.15.2.1 4.2.3a)1) A.10.8.3 1.8%
A.10.8.4 1.8%
A.10.8.5 1.8%

A.15.1.4 4.2.3a)2) A.11.1.1 0.0%

A.11.2.1 0.0%
A.11.4.1 0.0%
A.12.3.2 A.11.4.2 0.0%
A.11.4.3 0.0%
A.12.3.1 A.11.4.6 0.0%
4.2.3a)4) A.11.7.1 1.8%
A.12.2.3 A.12.2.2 0.8%
A.12.2.3 2.1%
A.12.2.2 A.12.3.1 1.8%
A.11.7.1 A.10.1.2
A.12.3.2 1.8%
A.12.5.1 0.0%
A.10.8.5 A.12.5.3 0.0%
A.15.1.4 1.5%

A.10.8.4 A.10.6.1 A.10.3.1 A.15.1.6 1.5%

A.15.2.1 9.5%
A.15.2.2 9.5%
A.10.8.3 A.10.8.1 A.9.2.4 4.1%
Total: 100.0%

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001

180
160
140
120
# of Devices

100
80
60
40
20
0

A. 2.4

A. 1.2

A. 3.1

A. 6.1

A. 8.1

A. 8.3

A. 8.4

10 5
10 1
A. .2

A. 1.1

A. 2.1

A. 4.1

A. 4.2

A. 4.3

A. 4.6

A. 7.1

A. 2.2

A. 2.3

A. 3.1

A. 3.2

A. 5.1

A. 5.3

A. 1.4

A. 1.6

A. 2.1

.2
2. )

2. )

2. )

A. 4)
4. 2.h

4. )1
4. a)2

.
.8

.2
.9
.9
)
3a

3a

9.

.
10

10

10

10

10

10

10

11

11

11

11

11

11

11

12

12

12

12

12

12

15

15

15

15
2.

3
4.

Violating Device Compliance Device

# Compliance
# Violating
Violation
Compliance

Devices

Devices
ISO 27001

Policy
%

4.2.2.h)Implement procedures and other controls capable of enabling 81 59 105 64.02%

prompt detection of security events and response to security incidents.
4.2.3a)1) Promptly detect errors in the results of processing. 35 32 132 80.49%

4.2.3a)2) Promptly identify attempted and successful security breaches and 80 59 105 64.02%
incidents.
4.2.3a)4) Help detect security events and thereby prevent security incidents 81 59 105 64.02%
by the use of indicators.
A.9.2.4 Prevent loss, damage, theft or compromise of assets and 35 32 132 80.49%
interruption to the organization's activities
A.10.1.2 Ensure the correct and secure operation of information 60 56 108 65.85%
processing facilities.
A.10.3.1 Minimize the risk of systems failures. 35 32 132 80.49%
Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 A.10.6.1 Ensure the protection of information in networks and the 80 59 105 64.02%
protection of the supporting infrastructure.
A.10.8.1 To maintain the security of information and software exchanged 15 15 149 90.85%
within an organization and with any external entity.
A.10.8.3 Maintain the security of information and software exchanged 15 15 149 90.85%
within an organization and with any external entity.
A.10.8.4 Maintain the security of information and software exchanged 15 15 149 90.85%
within an organization and with any external entity.
A.10.8.5 Maintain the security of information and software exchanged 15 15 149 90.85%
within an organization and with any external entity.
10.9.1 Ensure the security of electronic commerce services, and their 15 15 149 90.85%
secure use.
10.9.2 Ensure the security of electronic commerce services, and their 35 32 132 80.49%
secure use.
A.11.1.1 Control access to information. 0 0 164 100.00%

A.11.2.1 Ensure the correct and secure operation of information 0 0 164 100.00%
processing facilities.
A.11.4.1 Prevent unauthorized access to networked services. 0 0 164 100.00%

A.11.4.2 Prevent unauthorized access to networked services. 0 0 164 100.00%

A.11.4.3 Prevent unauthorized access to networked services. 0 0 164 100.00%

A.11.4.6 Prevent unauthorized access to networked services. 0 0 164 100.00%

A.11.7.1 Ensure information security when using mobile computing and 15 15 149 90.85%
teleworking facilities.
A.12.2.2 Prevent errors, loss, unauthorized modification or misuse of 7 6 158 96.34%
information in applications.
A.12.2.3 Prevent errors, loss, unauthorized modification or misuse of 18 16 148 90.24%
information in applications
A.12.3.1 Protect the confidentiality, authenticity or integrity of 15 15 149 90.85%
information by cryptographic means.
A.12.3.2 Protect the confidentiality, authenticity or integrity of 15 15 149 90.85%
information by cryptographic means.
A.12.5.1 Maintain the security of application system software and 0 0 164 100.00%
information
A.12.5.3 Maintain the security of application system software and 0 0 164 100.00%
information

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 A.15.1.4 Avoid breaches of any law, statutory, regulatory or contractual 13 13 151 92.07%
obligations, and of any security requirements.
A.15.1.6 Avoid breaches of any law, statutory, regulatory or contractual 13 13 151 92.07%
obligations, and of any security requirements.
A.15.2.1 Ensure compliance of systems with organizational security 81 59 105 64.02%
policies and standards.
A.15.2.2 Ensure compliance of systems with organizational security 81 59 105 64.02%
policies and standards.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 ISO 27001 Directive

# Compliance

Compliance
# Violating
Devices

Devices

Status
AirMagnet Alarms

4.2.2.h)Implement procedures and other controls capable of enabling prompt detection of security events and
response to security incidents.
Crackable WEP IV key used 2 162 98.78%
AP broadcasting SSID 32 132 80.49%
Exposed Wireless Station detected 24 140 85.37%
DoS: Unauthenticated association 1 163 99.39%
Device unprotected by TKIP 12 152 92.68%
AP operating in bridged mode detected 4 160 97.56%
Potential Pre-802.11n device detected 1 163 99.39%
Client with encryption disabled 1 163 99.39%
Device Probing for APs 4 160 97.56%

4.2.3a)1) Promptly detect errors in the results of processing.

Excessive low speed transmission 4 160 97.56%

Ad-hoc node using AP's SSID 1 163 99.39%
Higher speed not supported 1 163 99.39%
Unassociated station detected 16 148 90.24%
Excessive frame retries 3 161 98.17%
Excessive missed AP beacons 10 154 93.90%

4.2.3a)2) Promptly identify attempted and successful security breaches and incidents.

Exposed Wireless Station detected 24 140 85.37%

DoS: Unauthenticated association 1 163 99.39%
Client with encryption disabled 1 163 99.39%

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 Crackable WEP IV key used 2 162 98.78%
Device unprotected by TKIP 12 152 92.68%
AP operating in bridged mode detected 4 160 97.56%
AP broadcasting SSID 32 132 80.49%
Device Probing for APs 4 160 97.56%

4.2.3a)4) Help detect security events and thereby prevent security incidents by the use of indicators.

Crackable WEP IV key used 2 162 98.78%

Device unprotected by TKIP 12 152 92.68%
Client with encryption disabled 1 163 99.39%
AP broadcasting SSID 32 132 80.49%
Exposed Wireless Station detected 24 140 85.37%
AP operating in bridged mode detected 4 160 97.56%
Potential Pre-802.11n device detected 1 163 99.39%
DoS: Unauthenticated association 1 163 99.39%
Device Probing for APs 4 160 97.56%

A.9.2.4 Prevent loss, damage, theft or compromise of assets and interruption to the organization's activities

Higher speed not supported 1 163 99.39%

Unassociated station detected 16 148 90.24%
Excessive low speed transmission 4 160 97.56%
Ad-hoc node using AP's SSID 1 163 99.39%
Excessive frame retries 3 161 98.17%
Excessive missed AP beacons 10 154 93.90%

A.10.1.2 Ensure the correct and secure operation of information processing facilities.

Exposed Wireless Station detected 24 140 85.37%

AP operating in bridged mode detected 4 160 97.56%
AP broadcasting SSID 32 132 80.49%

A.10.3.1 Minimize the risk of systems failures.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 Excessive frame retries 3 161 98.17%
Excessive low speed transmission 4 160 97.56%
Excessive missed AP beacons 10 154 93.90%
Unassociated station detected 16 148 90.24%
Higher speed not supported 1 163 99.39%
Ad-hoc node using AP's SSID 1 163 99.39%

A.10.6.1 Ensure the protection of information in networks and the protection of the supporting infrastructure.

Client with encryption disabled 1 163 99.39%

Device Probing for APs 4 160 97.56%
Crackable WEP IV key used 2 162 98.78%
AP broadcasting SSID 32 132 80.49%
Exposed Wireless Station detected 24 140 85.37%
DoS: Unauthenticated association 1 163 99.39%
Device unprotected by TKIP 12 152 92.68%
AP operating in bridged mode detected 4 160 97.56%

A.10.8.1 To maintain the security of information and software exchanged within an organization and with any
external entity.
Crackable WEP IV key used 2 162 98.78%
Device unprotected by TKIP 12 152 92.68%
Client with encryption disabled 1 163 99.39%

A.10.8.3 Maintain the security of information and software exchanged within an organization and with any
external entity.
Client with encryption disabled 1 163 99.39%
Crackable WEP IV key used 2 162 98.78%
Device unprotected by TKIP 12 152 92.68%

A.10.8.4 Maintain the security of information and software exchanged within an organization and with any
external entity.
Client with encryption disabled 1 163 99.39%
Crackable WEP IV key used 2 162 98.78%

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 Device unprotected by TKIP 12 152 92.68%

A.10.8.5 Maintain the security of information and software exchanged within an organization and with any
external entity.
Client with encryption disabled 1 163 99.39%
Crackable WEP IV key used 2 162 98.78%
Device unprotected by TKIP 12 152 92.68%

10.9.1 Ensure the security of electronic commerce services, and their secure use.

Device unprotected by TKIP 12 152 92.68%

Client with encryption disabled 1 163 99.39%
Crackable WEP IV key used 2 162 98.78%

10.9.2 Ensure the security of electronic commerce services, and their secure use.

Excessive frame retries 3 161 98.17%

Higher speed not supported 1 163 99.39%
Unassociated station detected 16 148 90.24%
Ad-hoc node using AP's SSID 1 163 99.39%
Excessive missed AP beacons 10 154 93.90%
Excessive low speed transmission 4 160 97.56%

A.11.7.1 Ensure information security when using mobile computing and teleworking facilities.

Client with encryption disabled 1 163 99.39%

Crackable WEP IV key used 2 162 98.78%
Device unprotected by TKIP 12 152 92.68%

A.12.2.2 Prevent errors, loss, unauthorized modification or misuse of information in applications.

Excessive low speed transmission 4 160 97.56%

Excessive frame retries 3 161 98.17%

A.12.2.3 Prevent errors, loss, unauthorized modification or misuse of information in applications

Excessive missed AP beacons 10 154 93.90%

Excessive low speed transmission 4 160 97.56%

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 Excessive frame retries 3 161 98.17%
Higher speed not supported 1 163 99.39%

A.12.3.1 Protect the confidentiality, authenticity or integrity of information by cryptographic means.

Device unprotected by TKIP 12 152 92.68%

Client with encryption disabled 1 163 99.39%
Crackable WEP IV key used 2 162 98.78%

A.12.3.2 Protect the confidentiality, authenticity or integrity of information by cryptographic means.

Crackable WEP IV key used 2 162 98.78%

Device unprotected by TKIP 12 152 92.68%
Client with encryption disabled 1 163 99.39%

A.15.1.4 Avoid breaches of any law, statutory, regulatory or contractual obligations, and of any security
requirements.
Client with encryption disabled 1 163 99.39%
Device unprotected by TKIP 12 152 92.68%

A.15.1.6 Avoid breaches of any law, statutory, regulatory or contractual obligations, and of any security
requirements.
Client with encryption disabled 1 163 99.39%
Device unprotected by TKIP 12 152 92.68%

A.15.2.1 Ensure compliance of systems with organizational security policies and standards.

Device unprotected by TKIP 12 152 92.68%

Client with encryption disabled 1 163 99.39%
Device Probing for APs 4 160 97.56%
Exposed Wireless Station detected 24 140 85.37%
AP broadcasting SSID 32 132 80.49%
Potential Pre-802.11n device detected 1 163 99.39%
AP operating in bridged mode detected 4 160 97.56%
Crackable WEP IV key used 2 162 98.78%
DoS: Unauthenticated association 1 163 99.39%

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 A.15.2.2 Ensure compliance of systems with organizational security policies and standards.

AP operating in bridged mode detected 4 160 97.56%

Potential Pre-802.11n device detected 1 163 99.39%
Client with encryption disabled 1 163 99.39%
Device Probing for APs 4 160 97.56%
Crackable WEP IV key used 2 162 98.78%
AP broadcasting SSID 32 132 80.49%
Exposed Wireless Station detected 24 140 85.37%
DoS: Unauthenticated association 1 163 99.39%
Device unprotected by TKIP 12 152 92.68%

Notes:
1) By default, your network fails to comply with the ISO 27001 Directive if one of the devices violates any of its policy sections.
2) Link: http://www.17799central.com/iso-27001.htm

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 3/ Device-Specific Compliance Report
This report contains detailed information about devices in compliance or violation of the ISO 27001 Directive. It checks the devices against each and every
provision in the Directive to show what policy sections are violated or upheld to. It lists all wireless devices deployed on your WLAN. The devices can be sort by
MAC address, media type, SSID, or vendor.

Device Information ISO 27001 Policy Sections

Compliance
MAC Address-Media

4.2.3a)1)
4.2.3a)2)
4.2.3a)4)

A.10.1.2
A.10.3.1
A.10.6.1
A.10.8.1
A.10.8.3
A.10.8.4
A.10.8.5

A.11.1.1
A.11.2.1
A.11.4.1
A.11.4.2
A.11.4.3
A.11.4.6
A.11.7.1
A.12.2.2
A.12.2.3
A.12.3.1
A.12.3.2
A.12.5.1
A.12.5.3
A.15.1.4
A.15.1.6
A.15.2.1
A.15.2.2

%
CHANNEL

A.9.2.4
4.2.2.h

10.9.1
10.9.2
VENDOR
SSID
00:90:4B:BD:FC:3A-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
GemTek
QA_linksys2

00:16:B6:F9:2E:CC-b
Channel: ?
P F P P F P F P P P P P P F P P P P P P P P P P P P P P P P P 86.67%

QA_linksys2

00:40:96:AF:8C:79-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%
Cisco
dlinkG

98:06:9D:D5:FF:31-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Sensor Coverage Survey

00:90:7A:05:2F:CF-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
SpectraLink
AirMagnetGuest

00:90:7A:05:12:AC-b
Channel: 5
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
SpectraLink
qa_wireless_11a_only@tv
_cubicle

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:02:6F:20:2D:E7-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
qa_wireless_11a_only@tv
_cubicle
60:1D:4D:7A:96:B2-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

compg

72:ED:3F:67:E4:B3-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Buffalo

00:12:17:B5:AA:45-b
Channel: 10
F F F F F F F F F F F F F F P P P P P P F F F F F P P F F F F 23.33%
Cisco
QA_linksys2

00:02:6F:22:36:6E-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
NGbg

00:02:6F:22:7E:E9-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:02:6F:20:32:3D-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:14:F1:AF:1B:97-b
Channel: 7
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1130-15

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:20:A6:52:8F:65-b
Channel: 8
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Proxim
tv-Wireless Network B

00:0B:86:84:B5:30-b
Channel: 8
F F F F F F F F P P P P P F P P P P P P P P F P P P P P P F F 60.00%
Aruba
aruba-engr-11g

00:11:5C:4D:E8:41-b
Channel: 4
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
AirMagnetGuest

00:0E:35:C0:35:7D-g
Channel: 4
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%

Air2

00:0D:ED:AB:7C:23-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
Netgear

00:40:96:A1:4A:F8-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
BuffaloQA

00:16:6F:9C:00:A0-b
Channel: 10
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

QA_linksys2

28:B7:C6:A0:0B:B7-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

QA_linksys2

00:13:02:1F:F0:1D-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

NGbg

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:0C:F1:3E:E6:58-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%

NGbg

00:14:A5:49:D3:3B-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
Sensor Coverage Survey

00:14:A5:54:87:1A-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
qa_wireless_11a_only@tv
_cubicle
00:90:7A:05:2E:45-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
SpectraLink
compa

00:02:6F:22:3B:D3-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
compa

32:64:0D:38:5B:8F-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

NGbg

00:0C:41:A8:7A:C2-b
Channel: 9
F F F F F F F F F F F F F F P P P P P P F P F F F P P F F F F 26.67%

ENG-linksys_rtf

00:14:F1:AF:1B:96-b
Channel: 7
F F F F F F F F P P P P P F P P P P P P P P F P P P P P P F F 60.00%
Cisco
QA-1130-14

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:12:17:DB:88:81-b
Channel: 11
F F F F F F F F P P P P P F P P P P P P P F F P P P P P P F F 56.67%
Cisco
QA_linksys1

00:11:5C:4D:E8:40-b
Channel: 4
F P F F P F P F F F F F F P P P P P P P F P P F F P P F F F F 43.33%
Cisco
Air2

00:0B:85:79:03:C0-b
Channel: 11
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-1130-15

00:15:2B:AC:CB:CF-b
Channel: 7
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
AM_vofi

00:90:96:C6:C2:CE-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Askey
Air3

00:0B:85:66:24:90-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
<No current ssid>

00:0B:85:26:7F:80-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
<No current ssid>

00:12:F0:1A:6C:5D-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

<No current ssid>

00:90:7A:05:2E:AA-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
SpectraLink
NETGEAR

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:02:6F:22:7E:E7-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
compg

04:83:6D:6C:AE:AA-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

NGbg

00:14:F1:AF:1B:95-b
Channel: 7
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1130-13

00:20:A6:53:8E:73-b
Channel: 8
F F F F F F F F F F F F F F P P P P P P F P F F F P P F F F F 26.67%
Proxim
BuffaloQA

00:90:96:CB:2F:8B-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Askey
Sensor Coverage Survey

00:13:02:1B:3A:AC-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

<No current ssid>

00:0D:0B:4F:5E:00-b
Channel: 6
F F F F F F F F F F F F F F P P P P P P F F F F F P P F F F F 23.33%

BuffaloWing

00:14:F1:AF:1B:94-b
Channel: 7
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1130-12

00:0F:34:A7:78:10-b
Channel: 2
P F P P F P F P P P P P P F P P P P P P P F F P P P P P P P P 80.00%
Cisco
QAVOFI

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:0B:85:01:33:A0-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-1130-13

00:12:F0:9E:5D:01-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Sensor Coverage Survey

00:90:4B:BD:FC:46-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
NGbg

00:0E:35:0D:DA:73-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

QAVOFI

00:0C:F1:42:84:29-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

QAVOFI

00:0C:F1:4C:27:6E-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

NGbg

B8:8D:56:46:54:8B-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

NGbg

00:14:F1:AF:1B:93-b
Channel: 7
F F F F F F F F P P P P P F P P P P P P P P F P P P P P P F F 60.00%
Cisco
QA-1130-11

00:0B:46:91:EA:72-b
Channel: 1
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
BuffaloQA

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:0E:35:C0:5D:AE-g
Channel: 2
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%

QAVOFI

00:90:4B:BD:FC:34-b
Channel: 8
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
HopOnWireless

00:90:4B:BD:FD:12-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
HopOnWireless

68:B3:1E:94:E5:5B-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

HopOnWireless

00:90:7A:05:2F:74-b
Channel: 5
F F F F F P F F F F F F F F P P P P P P F F F F F P P P P F F 33.33%
SpectraLink
QAVOFI

00:16:6F:6D:57:FA-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Air2

00:13:02:1B:39:88-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

aruba-engr-11a

00:14:A5:01:94:D0-b
Channel: 8
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
tv-Wireless Network B

02:24:12:1D:E4:3D-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

tv-Wireless Network B

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:02:6F:20:6C:90-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:14:F1:AF:1B:92-b
Channel: 7
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1130-10

00:0B:85:01:33:AF-b
Channel: 10
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-1130-11

00:03:7F:BE:E0:35-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Atheros
compg

00:40:96:A4:0E:EC-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
compg

00:0E:35:7F:4E:29-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Sensor Coverage Survey

00:02:6F:20:32:6A-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:0B:7D:27:9C:EB-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Air2

00:40:96:59:A9:39-b
Channel: 6
F P F F P F P F F F F F F P P P P P P P F P P F F P P F F F F 43.33%
Cisco
QA-350-2

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:14:F1:AF:1B:91-b
Channel: 7
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
Sensor Coverage Survey

00:11:F5:43:B1:B9-b
Channel: 1
F F F F F F F F P P P P P F P P P P P P P P F P P P P P P F F 60.00%

Sensor Coverage Survey

96:20:7C:98:19:E6-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

NGbg

00:90:4B:BD:FD:21-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
NGbg

00:90:4B:BD:FC:43-b
Channel: 10
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
Sensor Coverage Survey

00:59:29:6D:54:0D-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

MetroFi-Free

00:02:6F:21:27:23-b
Channel: 10
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:90:7A:04:F0:C4-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
SpectraLink
Sensor Coverage Survey

00:14:F1:09:12:D8-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
Sensor Coverage Survey

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:14:F1:AF:1B:90-b
Channel: 7
F P F F P P P F F F F F F P P P P P P P F P P F F P P F F F F 46.67%
Cisco
AM_vofi

00:13:80:43:11:55-b
Channel: 11
F F F F F F F F F F F F F F P P P P P P F P F F F P P F F F F 26.67%
Cisco
QA-1200-7

00:0B:85:52:FF:F0-b
Channel: 11
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-350-2

00:0B:85:54:D8:30-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA_linksys2

6E:BB:13:70:43:A0-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

QA_linksys2

00:12:F0:95:67:4B-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

AirMagnetGuest

00:04:23:A2:81:E8-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Intel
AirMagnetGuest

00:90:4B:BD:FD:0F-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
compg

42:DE:6D:E4:F7:D0-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Buffalo

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:13:80:43:11:54-b
Channel: 11
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1200-32

00:14:A5:54:85:67-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
compg

00:02:6F:20:2D:88-b
Channel: 8
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
tv-Wireless Network B

00:02:6F:21:2A:43-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
qa_wireless_11a_only@tv
_cubicle
6E:B0:18:D5:8B:09-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Sensor Coverage Survey

00:13:5F:F9:7F:00-b
Channel: 10
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%

compg

00:13:80:43:11:53-b
Channel: 11
F F F F F F F F F F F F F F P P P P P P F P F F F P P F F F F 26.67%
Cisco
QA-1200-31

00:13:80:43:12:20-b
Channel: 11
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1200-36

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:13:80:43:15:20-b
Channel: 2
F F F F F F F F P P P P P F P P P P P P P P F P P P P P P F F 60.00%
Cisco
QA_QATest4

00:90:4B:72:B8:6D-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%
GemTek
P-780_g6

00:16:6F:6C:72:B4-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Monitored

00:16:6F:54:3C:95-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Sabre

00:14:A5:01:95:87-b
Channel: 8
F F F F F F F F F F F F F F P P P P P P F P P F F P P F F F F 30.00%
GemTek
tv-Wireless Network B

00:0C:F1:42:8B:BC-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Sabre

00:90:4B:CC:75:7E-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%
GemTek
NGbg

00:16:CF:9F:E8:EC-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

compa

D6:C2:55:CC:AA:FD-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

compa

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:13:80:43:11:52-b
Channel: 11
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1200-30

00:14:A8:53:4C:60-b
Channel: 7
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%

tech-1200

00:02:6F:3A:3F:B1-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%
Senao
PRISM-SSID

00:02:6F:20:18:85-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Senao
Sensor Coverage Survey

00:02:6F:22:37:52-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:02:6F:20:8A:BF-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
NGbg

00:0E:35:89:B5:C3-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

<No current ssid>

00:13:CE:CF:4A:D7-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%

NETGEAR

00:02:8A:A8:9A:15-b
Channel: 11
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Ambit
QA-1200-26

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:13:80:43:11:51-b
Channel: 11
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1200-26

00:12:F0:29:83:8A-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%

HopOnWireless

00:90:7A:05:07:F3-b
Channel: 5
F F F F F P F F F F F F F F P P P P P P F F F F F P P P P F F 33.33%
SpectraLink
QAVOFI

00:02:6F:20:8C:E0-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:14:A5:54:77:FC-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
NGbg

00:40:96:AF:31:BC-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
<No current ssid>

00:40:96:A1:49:BA-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
<No current ssid>

00:13:80:43:11:50-b
Channel: 11
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QA-1200-25

00:09:5B:D6:5C:F8-b
Channel: 2
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Netgear
NGbg

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:0B:85:54:EA:60-b
Channel: 11
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-1200-26

00:02:6F:21:C4:7C-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Senao
BuffaloQA

00:02:6F:22:00:5E-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Senao
BuffaloQA

00:09:7C:14:A7:0D-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%
Cisco
ANY

00:02:6F:20:2E:0D-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

00:14:A5:01:95:84-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
NGbg

00:14:A5:01:95:EA-b
Channel: 2
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
NGbg

00:14:A5:01:95:B7-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
tv-Wireless Network B

00:CD:59:78:3C:00-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

HopOnWireless

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:40:96:AB:51:F4-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%
Cisco
Air2

00:0B:46:91:E2:48-b
Channel: ?
P F P P F P F P P P P P P F P P P P P P P P P P P P P P P P P 86.67%
Cisco
QA-1200-32

00:40:96:A8:2E:28-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
QAVOFI

00:90:4B:BD:FC:D6-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
NGbg

00:40:96:59:B9:44-b
Channel: 6
F P F F P F P F F F F F F P P P P P P P F P P F F P P F F F F 43.33%
Cisco
QA-350-2

00:02:8A:A3:09:20-b
Channel: 9
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Ambit
QA-1200-25

00:20:A6:4C:A6:A3-b
Channel: ?
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Proxim
AM_vofi

00:15:F9:41:C4:46-b
Channel: 7
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Cisco
AM_vofi

00:02:6F:20:32:2F-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
Sensor Coverage Survey

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:02:6F:21:29:D7-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Senao
compg

00:13:CE:C8:54:ED-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Air2

00:90:4B:BD:FD:09-b
Channel: 10
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
GemTek
tv-Wireless Network B

00:13:02:89:9F:86-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

Sensor Coverage Survey

00:11:5C:4D:E9:11-b
Channel: 4
F P F F P F P F P P P P P P P P P P P P P P P P P P P P P F F 76.67%
Cisco
AirMagnetGuest

00:07:85:B3:8A:E3-b
Channel: 5
P F P P F P F P P P P P P F P P P P P P P P F P P P P P P P P 83.33%
Cisco
QAVOFI

00:0B:85:01:34:40-b
Channel: 11
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-350-2

00:0B:85:23:7B:00-b
Channel: 11
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-350-2

00:0B:85:08:12:D0-b
Channel: 11
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
QA-350-2

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 00:04:23:6C:CB:AC-b
Channel: 11
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%
Intel
whitman_wireless

00:0B:85:54:E9:90-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
EagerWireless

00:0B:85:04:3A:80-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%
Airespace
EagerWireless

00:13:02:77:23:ED-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%

EagerWireless

00:13:02:31:12:22-b
Channel: ?
F F F F F F F F P P P P P F P P P P P P P P P P P P P P P F F 63.33%

GoogleWiFi

5C:7B:25:56:9C:A1-b
Channel: ?
P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P 100.00%

AM_vofi

00:0D:0B:1A:14:03-b
Channel: 10
F P F F P F P F F F F F F P P P P P P P F P P F F P P F F F F 43.33%

Buffalo

00:11:5C:4D:E9:10-b
Channel: 4
F P F F P F P F F F F F F P P P P P P P F P P F F P P F F F F 43.33%
Cisco
Air2

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM

 Notes:

1) P = Pass and F = Fail.

2) Channel specific policy violations will not be included in the Device-Specific Compliance Report.
3) AirMagnet has enabled alarms relevant to theISO 27001 Directive in its Policy Compliance Reports.Disabling any alarms tied to the Reports will
degrade their effectiveness and result in a wireless network that does not comply with the respective industry regulations.

Live Capture

P o we r e d by Ai r Ma g n e t Monday, January 29, 2007 2:34:17PM