Improving the Security of Radio Frequency Emitting Devices on the Network

A reliable solution is needed to detect and locate RF-emitting devices to improve overall security while protecting individuals using those devices and the physical areas where those devices exist across the network.

man using mobile smart phone with global network connection and picture id1274394138

By Dolan Sullivan, Vice President of Federal at Aruba, a Hewlett Packard Enterprise company.

Federal and non-governmental IT teams have long been aware of the risk of radio frequency (RF) network blindness. Afterall, unauthorized communications in a secure zone can reveal personnel movements and create a conduit for data exfiltration, such as how a fitness tracker can inadvertently revealed the physical movements of military personnel. 

The need for RF situational awareness has intensified as the use of mobile and IoT devices have exploded across both governments and private organizations that support those governments. These challenges are compounded by the fact that most of the devices use many or multiple different radio frequency technologies, such as Wi-Fi, ZigBee, Bluetooth, and Bluetooth Low Energy (BLE). Most pressingly, high security Federal agencies have had to rely on the honor policy and reporting policy to limit the entry of RF-emitting devices without the ability to effectively track and manage them on the network.

A unified solution for mitigating RF-emitting device vulnerabilities

Federal-contractor organizations have needed a unified solution to detect and locate RF-emitting devices to improve the overall security posture while better protecting individuals using those devices and the physical areas where those devices exist across the network.

To create this unified solution, Aruba’s secure enterprise wireless LAN solution and Aruba ClearPass Policy Manager can be integrated with Bastille Networks, to address the huge security gap RF-emitting devices create. Federal IT agencies can now implement this integrated solution to establish an RF security policy based on real-time detection capabilities while establishing automated alerts and enforcement policies.

Automating the enforcement of RF geofences

Bastille uses passive software-defined radio sensor arrays to detect and locate cellular, Bluetooth, BLE, and Wi-Fi devices with precise locations in real-time. All RF-emitting devices, whether authorized or unauthorized within a campus or a forward deployed location, can be accurately located on a floorplan or area map.

picture1 Aruba

Caption: Maps within ClearPass can help IT teams track and automate the enforcement of pre-defined policies pertaining to RF-emitting devices on the network

With Bastille and ClearPass, IT can establish geofences that include or exclude areas where devices are or are not allowed. If an RF-emitting device, whether it’s a personal mobile phone, a fitness tracker, or sensors on data center infrastructure, is located where it should not be (or doing what it should not do) an alert is submitted through ClearPass, and automated enforcement can then be applied.

Automated actions are taken based on the given government agency’s specified policies. When a mobile device crosses a geofence boundary, Bastille communicates with ClearPass to enforce network access based on policies defined for that physical location.

Should a mobile device cross a geofence boundary, such as on the wrist of an unwitting federal contractor at a secure facility where no RF-emitting devices are permitted, Bastille will communicate with ClearPass. This time, ClearPass will disconnect all wired terminals and desktops from the network, preventing data exfiltration. Other actions can be taken, such as alerting the IT service desk to document the violation or even notifying a physical security team to track down the device, as warranted.

With the integration of Aruba and Bastille, Federal IT leaders have situational awareness of all RF-emitting devices in their respective facilities and other defined areas, but with the added ability to immediately mitigate risk if a threat appears. In short, federal agencies and contractors have a more effective method to reduce risks instead of simply relying on a policy of honor and good intentions.

Want to learn more about protecting the network from unauthorized RF-emitted devices? Watch the on-demand webinar “Get Rid of Shadow IT and RF Network Blindness: RF Geofence Policy Enforcement” with Bob Baxley, CTO at Bastille, and Khuong Tang, Senior Systems Engineer at Aruba.

For more on the Federal IT solutions from Aruba.


Copyright © 2021 IDG Communications, Inc.