AIRSHIELD has been designed to track 802.11 Clients and AccessPoints within an air space. This tracking provides a deeper understanding of the behaviors end users and devices take throughout the day to answer questions such as:
- Are your devices staying connected to your AccessPoints or do they connect to neighboring less-secure networks?
- Have unknown or unauthorized devices connected to trusted networks?
- Have known and trusted devices connected to untrusted or unknown networks?
Within the 802 Secure Console, a Client's AP connection history will show its successful connections to any observed 802.11 network. Because the process to identify and connect to 802.11 networks can be automatic or manually driven, we only identify true connections when one of the following is observed:
- A full 802.11 Association handshake has taken place
- Data frames have been observed between the Client and AP
The Client address 18:A6:F7:17:A2:02 has been observed primarily connecting to the Choose Another Castle network throughout its observed lifetime. 802 Secure's Cloud Console maintains this connection history for all observed clients allowing full forensic view 24 hours, 7 days a week.
Additionally a 7-day heatmap is collected showing the number of "Hits" a device has been seen by the monitoring AIRSHIELDs:
along with a searchable historical connection history.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article