AIRSHIELD collects and tracks IEEE 802.11 Clients and Access Points within an observable air space. This tracking provides a deeper understanding of the behaviors end users and devices take throughout the day to answer questions such as:
- Are your end users staying connected to your Access Points?
- Are your end users connecting to neighboring less-secure networks?
- Have unknown or unauthorized devices connected to your trusted networks?
- Have known and trusted devices connected to untrusted or unknown networks?
- How active are your neighboring Access Points and Wi-Fi Direct devices?
Within the Console, a Client's AP connection history will show its successful connection history to any observed 802.11 Access Point (BSSID). Connections are only identified when one of the following is observed:
- A fully accepted 802.11 Association and Authentication process has been observed
- Data frames have been observed between the Client and AP
On the Client Detail page a history of AP Connections is observed:
In the above image the Client 18:A6:F7:17:A2:02 has been observed primarily connecting to the Choose Another Castle network throughout its observed lifetime. Our Cloud Console maintains this connection history for all observed clients allowing full forensic view 24 hours, 7 days a week.
Connection History Table
At the bottom of the Client Detail page, a History of AP Connections is shown. By default the last few hours of connections are quickly visible. Up to one year of history data is available when given a date range in the query filter.
7-Day Visibility Heatmap
A 7-day heatmap is collected showing the number of "hits" a device has been seen by your AIRSHIELDs:
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article