Reports ISO 27001

International Standard for Information Security (ISO 27001)
Designated Official:
14:34:17 Monday, January 29, 2007
Time Period:
Introduction to ISO 27001*1
What is ISO 27001?
ISO 27001 is an International Standard for information security that requires organizations to implement security controls to accomplish certain objectives. The
standard should be used as a model to build an Information Security Management System (ISMS).
What is an ISMS?
An ISMS is part of an organization's system that manages networks and systems. It aims to establish, implement, operate, monitor, review, maintain, and improve
information security commensurate with the perceived security risks to the business of the organization.
Who and what is affected by ISO 27001
As a model for information security, ISO 27001 is a generic standard designed for all sizes and types of organizations including governmental, non-governmental,
and non-profit organizations. It requires the managing body of an organization to plan, implement, maintain, and improve an ISMS. *2
The ISMS model ensures the selection of adequate security controls based on organizational objectives to protect all information assets, including both wireline
and wireless assets.
When is ISO 27001 effective?
ISO 27001 was published and came into effect on October 15, 2005.
1. The ISO 27001 standard is cited as ISO/IEC 27001:2005 International Standard. The ISO (International Organization for Standardization) and the IEC
(International Electrotechnical Commission) are international bodies whose members participate in developing international standards through techical
committees. The ISO/IEC 27001 was prepared by the Joint Technical Committee ISO/IEC
JTC 1, Information technology, Subcommittee SC27, IT Security techniques. For more information see http://www.17799central.com/iso-27001.htm.
2. In the United Kingdom, ISO 27001 is a direct replacement for BS7799-2:2002. It is also the preferred operative business process management system even
Live Capture
P o we r e d
by
Ai r Ma g n e t
Monday, January 29, 2007
2:34:17PM
How does an organization comply with ISO 27001?

An organization's ISMS is driven by its business needs and objectives, security requirements, and processes in light of its size and organizational structure.
To comply with ISO 27001, organizations must plan, establish, maintain, and improve an ISMS policy that includes objectives, processes, and procedures to
manage risk and improve information security.
Planning, implementing, and operating an ISMS uses the controls, processes, and procedures in ISO 27001, along with the implementation guidelines referenced
in ISO/IEC 17799:2005 ( Information technology - Security techniques - Code of practice for information security management) (Hereinafter ISO 17799).*3
Does an organization also have to comply with ISO 17799?
No. ISO 17799 provides guidelines to implement the security controls required by ISO 27001. Organizations will comply with and be certified with ISO 27001.
What exactly does an organzation have to do to comply with ISO 27001?*4
Implement plans, processes, and controls to attain certain objectives in information security that relate to an ISMS (Information Security Management System),
management responsibility and review of the ISMS, internal ISMS audits, and ISMS improvements.
The specific security controls to implement per ISO 27001 are found in Annex A of the International Standard. They are organized around clauses and can be
directly referenced to ISO 17799 for implementation guidelines. The clauses are organized around the following numbered topics that correspond to the standard:
5. Security Policy
6. Organizing Information Security
7. Asset Management
8. Human Resources Security
9. Physical and Environmental Security
10. Communications and Operations Management
11. Access Control
12. Information Systems Acquisition, Development and Maintenance
13. Information Security Incident Management
14. Business Continuity Management
15. Compliance
3. The ISO/IEC 17799 was also prepared by the Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security
techniques.
4. This report is not a contract and does not guarantee an organization's compliance with the ISO 27001 Standard. The organization is responsible for its correct
application. Also note that compliance with the International Standard does not provide immunity from legal obligations.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
How can AirMagnet help an organization comply with ISO 27001?

AirMagnet helps an organization implement security controls for wireless networks and devices to help comply with the requirements of ISO 27001, an
international industry standard for security.
Using AirMagnet products, organizations can establish, maintain, and improve information security and obtain valuable reports to review whether specific wireless
assets are within the organizaion's security requirements as identified by the ISO 27001 standard.
AirMagnet will locate and identify wireless devices on an organization's network and provide device-level alarms to document and design an information security
system. It performs stateful analysis of wireless communications to identify more than 135 classes of threats in real time and analyzes the effectiveness of
implemented controls on all wireless devices. AirMagnet determines whether or not the wireless network and specific wireless devices are in compliance with the
requirements set by the organization per the ISO 27001 standard.
AirMagnet system-level and device-specific Compliance Reports for ISO 27001 will verify and record an organization's efforts to comply with ISO 27001 as well
as other industry, legal, and regulatory requirements such as the PCI (Payment Card Industry) standard, GLBA (Gramm-Leach-Bliley Act), HIPAA (Health
Information Portability and Accounting Act), and Sarbanes Oxley Act of 2002.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
AirMagnet Disclaimer
ISO 27001 Policy Compliance Reports
AirMagnet Enterprise ISO 27001 Policy Compliance Reports provide a security framework to comply with ISO 27001 and enable an organization to plan,
establish, maintain, and improve an Information Security Management System (ISMS). An ISMS includes objectives, processes, and procedures to manage risk
and improve information security.
The Policy Compliance Reports focus on wireless network security in an ISMS and aim to guide network administrators in documenting their wireless security
policies and responding to wireless security threats and incidents in compliance with ISO 27001 and its implementation guidelines found in ISO/IEC 17799:2005
Information technology - Security techniques - Code of practice for information security management.
AirMagnet operation is limited to wireless networks and devices operating in the unregulated radio frequencies (2.4 - 5 GHz). It operates and reports on networks
and devices that use wireless technologies. It does not apply to wire-line networks and devices not operating in the wireless spectrum.
AirMagnet Policy Compliance Reports provide information about the law and are designed to help users satisfy government regulations. This information,
however, is not legal advice. AirMagnet has gone to great lengths to ensure the information contained in the Policy Compliance Reports is accurate and useful.
AirMagnet, Inc. recommends you consult legal counsel if you want legal advice on whether our information and software is interpreted and implemented to fully
comply with industry regulations.
The information contained in the Policy Compliance Reports are furnished under and subject to the terms of the Software License Agreement (License). The
Policy Compliance Reports do not create a binding business, legal, or professional services relationship between you and Airmagnet, Inc. Because business
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
1/ System Level Compliance Report

AirMagnet ISO 27001 Compliance Reports
This report summarizes your networks overall compliance with the ISO27001 on a per-policy basis.
ISO 27001 Directive
Section 4.1.
General requirements: The organization shall establish, implement, operate,
monitor, review, maintain and improve a documented ISMS within the
context of the organization's overall business activities and the risks it faces.
Section 4.2.1a)
Define the scope and boundaries of the ISMS in terms of the characteristics
of the business, the organization, its location, assets and technology, and
including details of and justification for any exclusions from the scope.
Compliance
AirMagnet Compliance Reports and device-level alarms help establish and
maintain a documented information security system for wireless networks and
devices.
AirMagnet can define the scope of the organization's wireless devices and
networks and provide asset and technology information.
Section 4.2.1b)2)
that takes into account business and legal or regulatory requirements, and
contractual security obligations.
AirMagnet includes Compliance Reports that verify and record an

organization's efforts to meet legal requirements for wireless networks and
devices. Compliance Reports include GLBA, HIPAA, and Sarbanes Oxley
Section 4.2.1b)4)
establishes criteria against which risk will be evaluated.
AirMagnet provides asset and technology information on wireless devices to

add to the criteria against which an organization's risk will be evaluated.
Section 4.2.1d)1)
Identify the assets within the scope of the ISMS, and the owners of these
assets.
AirMagnet discovers wireless devices and their capabilities to determine

wireless assets within the scope of the ISMS.
Section 4.2.1d)2)
Identify the threats to those assets.
AirMagnet perform stateful analysis of all wireless devices and transmissions

to identify more than 135 classes of threats in real time.
Section 4.2.1d)3)
Identify the vulnerabilities that might be exploited by the threats.
AirMagnet System Level and Device-specific Compliance Reports identify

controls currently implemented, and not implemented, on wireless assets.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section 4.2.1f)1)
Identify and evaluate options for the treatment of risks by applying the
appropriate controls.
AirMagnet's device-specific alarms determine the existence of appropriate

controls for wireless assets in the ISMS.
Section 4.2.1f)3)
Identify and evaluate options for the treatment of risks by avoiding risks.
AirMagnet identify and evaluate security controls on wireless devices and

provides options to mitigate security concerns.
Section 4.2.1g)
Select control objectives and controls for the treatment of risks.
AirMagnet monitors and reports on security controls applied to wireless

devices to assess whether control objectives are satisfied using System Level
and Device-specific Compliance Reports.
Section 4.2.2c)
Implement the controls selected in 4.2.1g) to meet control objectives.
AirMagnet Compliance Reports confirm or deny the implementation of

security controls on wireless assets and assess whether the organization is in
conformance with this international standard.
Section 4.2.2d)
Define how to measure the effectiveness of the selected controls or groups of
controls and specify how these measurements are to be used to assess control
effectiveness to produce comparable and reproducible results.
Device-level Compliance Reports indicate the effectiveness of selected

controls for wireless assets.
Section 4.2.2f)
Manage operation of the ISMS.
AirMagnet creates and enforces security policies for wireless LANs and
devices focused on specific business needs and regulatory requirements to
help manage the ISMS.
Section 4.2.2g)
Manage resources for the ISMS.
AirMagnet creates and enforces security policies tied to specific business

needs and regulatory requirements to manage the wireless components of the
ISMS.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section 4.2.3a)3)
Allow management to determine whether the security activities delegated to
people or implemented by information technology are performing as expected.
AirMagnet System Level and Device-level Compliance Reports enable

management to determine whether wireless information technology is
performing as expected.
Section 4.2.3b)
Undertake regular reviews of the effectiveness of the ISMS (including meeting
ISMS policy and objectives, and review of security controls) taking into
account results of security audits, incidents, results from effectiveness
measurements, suggestions and feedback from all interested parties.
AirMagnet Compliance Reports and notifications will enable organizations to

undertake regular reviews of wireless networks and devices to determine the
effectiveness of the wireless components in the ISMS.
Section 4.2.3c)
Measure the effectiveness of controls to verify that security requirements have
been met.
AirMagnet Compliance Reports measure the effectiveness of controls on

wireless devices to determine conformance to this International Standard.
Section 4.2.3d)4)
Monitor and review the ISMS to identify threats to the ISMS.
AirMagnet's security monitoring tools and Compliance Reports provide

information on identified and perceived threats to wireless assets to help
organizations review risk assessments.
Section 4.2.3d)5)
Monitor and review the ISMS to determine the effectiveness of the
implemented controls.
AirMagnet's security monitoring tools and Compliance Reports for wireless

networks and devices identify changes to implemented controls and their
effectiveness to add to an organization's review of risk assessment.
Section 4.2.3d)6)
Review risk assessments at planned intervals, taking into account changes to
external events, contractual obligations, and social climate.
AirMagnet Compliance Reports incorporate legal requirements to help

organizations review and update risk assessments.
Section 4.2.3e)
Conduct internal ISMS audits at planned intervals.
AirMagnet Device-level Compliance Reports satisfy an organization's internal

audit for the purposes of this international standard.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section 4.2.3h)
Record actions and events that could have an impact on the effectiveness or
performance of the ISMS.
AirMagnet records diagnostic, performance, and security events occurring on

wirless assets in the ISMS, as well as any automated actions based on those
events.
Section 4.2.4b)
Take appropriate corrective and preventive actions per Sections 8.2 and 8.3,
below and apply the lessons learnt from the security experiences of this
organization and other organizations.
AirMagnet can take automated actions based on events occurring on wireless

assets using a Best Practice Policy Profile developed on the best practices of
organizations implementing wireless devices.
Section 4.2.4d)
Ensure that the improvements achieve their intended objectives.
AirMagnet Compliance Reports can determine whether improvements

achieved their objectives on wireless devices in the ISMS.
Section 4.3.1b)
ISMS documentation shall be comprehensive and include the entire scope of
the ISMS.
AirMagnet Compliance Reports help identify, locate, and determine the

capabilities of wireless assets to help document the scope of the ISMS.
Section 4.3.1c)
The ISMS documentation shall include procedures and controls to support
the ISMS.
AirMagnet Compliance Reports document controls on wireless assets to

include in ISMS documentation.
Section 4.3.3
Records shall be established and maintained to provide evidence of
conformity to requirements and the effective operation of the ISMS. They
shall be protected and controlled. The ISMS shall take account of any
relevant legal or regulatory requirements and contractual obligations.
Records shall remain legible, readily identifiable and retrievable. The
controls needed for the identification, storage, protection, retrieval, retention
time and disposition of records shall be doucmented and implemented.
AirMagnet records of events on wireless networks and devices is maintained

in a centralized, secure database with password controlled access and
assigned rights.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section 5.1e)
Management is responsible for providing sufficient resources to establish,
implement, operate, montor, review, maintain, and improve the ISMS.
Airmagnet can help management establish, implement, operate, monitor,

review, maintain, and improve wireless technology in the ISMS.
Section 5.1g)
Management shall ensure that internal ISMS audits are conducted.
Management can ensure internal audits of wireless assets in the ISMS using
AirMagnet Device-level Compliance Reports.
Section 5.2.1a)
Management is responsible to establish, implement, operate, monitor, review,
maintain, and improve an ISMS.
AirMagnet can help establish, implement, operate, monitor, review, maintain,

and improve on the security of wireless assets in the ISMS.
Section 5.2.1c)
The organization shall determine and provide the resources needed to identify
and address legal and regulatory requirements and contractual security
obligations.
AirMagnet Policy Profiles can help identify and address legal and regulatory
requirements.
Section 5.2.1d)
The organization shall determine and provide the resources needed to
maintain adequate security by correct application of all implemented controls
AirMagnet Device-level Compliance Reports can monitor wireless assets and

ensure the correct application of implemented controls on wireless
technology.
Section 5.2.1f)
Management is responsible, where required, to improve the effectiveness of
the ISMS.
AirMagnet security monitoring and reporting of wireless assets helps improve

the effectiveness of the ISMS and identify threats and vulnerabilities to
wireless technology.
Section 6a)
The organization shall conduct internal ISMS audits at planned intervals to
determine whether the control objectives, controls, processes and procedures
of its ISMS conform to the requirements of this international standard and
relevant legislation or regulations.
AirMagnet Device-level Compliance Reports run at regular intervals provide

an internal audit of wireless assets to determine whether control objectives
and specific controls conform to this International Standard as well as some
legal requirements.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section 6b)
The organization shall contuct internal ISMS audits at planned intervals to
determine whether the control objectives, controls, processes, and procedures
of its ISMS conform to the identified information security requirements.
AirMagnet Device-level Compliance Reports run at regular intervals to

provide an internal audit of wireless assets to determine whether control
objectives and specific controls conform to identified security requirements.
Section 6c)
of its ISMS are effectively implemented and maintained.

objectives and specific controls are adequately maintained.
Section 6d)
of its ISMS perform as expected.

objectives and specific controls perform as expected.
Section 7.2a)
Management must review the results of ISMS audits and reviews.
AirMagnet System Level and Device-level Compliance Reports can be

included in ISMS audits and reviews.
Section 7.2c)
The input to a management review shall include techniques, products or
procedures, which could be used in the organization to improve the ISMS
performance and effectiveness.
AirMagnet diagnostic, performance, and security monitoring tools are

products that can be used in the ISMS to improve performance and
effectiveness.
Section 7.2d)
The input to a management review shall include the status of preventive and
corrective actions.
Management can be notified of AirMagnet's automated actions to locate

threats, trace devices, and stop wireless threats at the source. Automated
actions are also logged in a secure, central database that can be retrieved and
reported for management's review.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section 7.2e)
The input to a management review shall include vulnerabilities or threats not
adequately addressed in the previous risk assessment.
AirMagnet Device-level Compliance reports identify vulnerabilites and

threats to wireless assets on an ongoing basis.
Section 7.2f)
The input to a management review shall include results from effective
measurements.
The absense of an alarm due to the implementation of an effective security

control on a wireless device would be sufficient input to determine the
effectiveness of the control.
Section 7.2h)
The input to a management review shall include any changes that could affect
the ISMS.
AirMagnet alarm notifications and Compliance Reports document changes to

wireless assets that could affect the ISMS.
Section 7.2i)
The input to a management review shall include recommendations for
improvement.
AirMagnet makes specific recommendation for identified security threats and

vulnerabilities that can be added to management's recommendations to
improve the ISMS for wireless technology.
Section 8.3a)
Improve the ISMS by identifying potential nonconformities and their causes.
AirMagnet diagnostic, performance, and security monitoring tools identify

nonconformities in wireless devices in the ISMS. Organizations can use
AirMagnet for advice on nonconformities and configure it for automated
action where applicable.
Section 8.3b)
Improve the ISMS by evaluating the need for action to prevent occurrence of
nonconformities.

nonconfromities in wireless devices in the ISMS. Organizations can use
Section 8.3c)
Determine the need for preventive action and take such action where
necessary.

Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section 8.3d)
Improve the ISMS by recording results of actions taken.

nonconformities in wireless devices in the ISMS. Organziations can use
action where applicable. Automated actions are logged in a secure, central
Section 8.3e)
Improve the ISMS by reviewing the preventive action taken on a regular basis.

action where applicable. Organizations run Device-level Compliance Reports
Section A.10.10.1
Audit logs recording user activities, exceptions, and information security
events shall be produced and kept for an agreed period to assist in future
investigations and access control monitoring.
AirMagnet Enterprise maintains logs of user and devices in a central, secure

data store.
Section A.10.10.3
Logging facilities and log information shall be protected against tampering
and unauthorized access.

data store.
Section A.10.10.4
System administrator and system operator activities shall be logged.

data store.
Section A.10.10.5
Faults shall be logged, analyzed, and appropriate action taken.
AirMagnet Enterprise logs all faults to a centralized, secure server.
Section A.11.2.2
Ensure the correct and secure operation of information processing facilities by
restricting, controlling, and allocating the use of privilges.
The allocation and use of privileges shall be restricted and controlled.
AirMagnet Compliance Reports and configurable notifications report on

Section A.13.1.1
security events in timely manner.
Ensure information security events and weaknesses associated with
information systems are communicated in a manner allowing timely corrective
action to be taken.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001 Directive
Compliance
Section A.13.2.1
Where a follow-up action against a person or organization after an
information security incident involves legal action (either civil or criminal),
evidence shall be collected, retained, and presented to conform to the rules for
AirMagnet's secure, centralized log file collects the anatomy of a security

incident for future prosecution or litigation.
Section A.14.1.2
Counteract interruptions to business activities and protect critical business
processes from the effects of major failures or natural disasters and ensure
their timely resumptioin by
identifying events that cause disruption along with the probability and impact
of such interruptions and their consequences for information security.
AirMagnet Compliance Reports and notifications inform the organization of

security incidents and provide the impact of the event on information
security.
Section A.15.1.1
Avoide breaches of any law, statutory, regulatory, or contractual obligations.
AirMagnet Compliance Reports help an organization satisfy legal

requirements can be used to help an organization meet statutory and
regulatory obligations.
Section A.15.3.2
Maximize the effectiveness of and minimize interference to and from the
information systems audit process by protecting the systems' audit tools from
possible misuse or compromise.
AirMagnet Enterprise secures audit information on wireless devices in the

ISMS and uses a centralized database with authentication and distributed
rights access. Changes to the database are logged and archived for a separate,
independent audit of the AirMagnet system.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
2/ Policy Level Compliance Report

This report summarizes your networks compliance on a per-policy basis, showing you the total number of devices that are in compliance or violation of each and
every policy in the ISO 27001 Policy.
ISO 27001
A.9.2.4
10.9.1
10.9.2
4.2.2.h)
A.15.2.2
A.15.1.6
A.15.2.1
4.2.3a)1)
4.2.3a)2)
A.15.1.4
A.12.3.2
A.12.3.1
4.2.3a)4)
A.12.2.3
A.12.2.2
A.11.7.1
A.10.1.2
A.10.8.5
A.10.8.4
A.10.8.3
A.10.6.1
A.10.3.1
A.10.8.1
10.9.1
10.9.2
4.2.2.h)
4.2.3a)1)
4.2.3a)2)
4.2.3a)4)
A.10.1.2
A.10.3.1
A.10.6.1
A.10.8.1
A.10.8.3
A.10.8.4
A.10.8.5
A.11.1.1
A.11.2.1
A.11.4.1
A.11.4.2
A.11.4.3
A.11.4.6
A.11.7.1
A.12.2.2
A.12.2.3
A.12.3.1
A.12.3.2
A.12.5.1
A.12.5.3
A.15.1.4
A.15.1.6
A.15.2.1
A.15.2.2
A.9.2.4
Total:
1.8%
4.1%
9.5%
4.1%
9.4%
9.5%
7.0%
4.1%
9.4%
1.8%
1.8%
1.8%
1.8%
0.0%
0.0%
0.0%
0.0%
0.0%
0.0%
1.8%
0.8%
2.1%
1.8%
1.8%
0.0%
0.0%
1.5%
1.5%
9.5%
9.5%
4.1%
100.0%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
ISO 27001
180
160
140
# of Devices
120
100
80
60
40
20
4.
2.
4. 2.h
2. )
3a
4. )1
2. )
3
4. a)2
2. )
3a
)
A. 4)
9.
A. 2.4
10
.
A. 1.2
10
.
A. 3.1
10
.
A. 6.1
10
.
A. 8.1
10
.
A. 8.3
10
.
A. 8.4
10
.8
.
10 5
.9
.
10 1
.9
A. .2
11
.
A. 1.1
11
.
A. 2.1
11
.
A. 4.1
11
.
A. 4.2
11
.
A. 4.3
11
.
A. 4.6
11
.
A. 7.1
12
.
A. 2.2
12
.
A. 2.3
12
.
A. 3.1
12
.
A. 3.2
12
.
A. 5.1
12
.
A. 5.3
15
.
A. 1.4
15
.
A. 1.6
15
.
A. 2.1
15
.2
.2
# Violating
Devices
# Compliance
Devices
Compliance Device
Policy
Violation
Violating Device
4.2.2.h)Implement procedures and other controls capable of enabling

prompt detection of security events and response to security incidents.
81
59
105
64.02%
4.2.3a)1) Promptly detect errors in the results of processing.
35
32
132
80.49%
4.2.3a)2) Promptly identify attempted and successful security breaches and

incidents.
80
59
105
64.02%
4.2.3a)4) Help detect security events and thereby prevent security incidents
by the use of indicators.
81
59
105
64.02%
A.9.2.4 Prevent loss, damage, theft or compromise of assets and

interruption to the organization's activities
35
32
132
80.49%
A.10.1.2 Ensure the correct and secure operation of information

processing facilities.
60
56
108
65.85%
A.10.3.1 Minimize the risk of systems failures.
35
32
132
80.49%
ISO 27001
Compliance
%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
A.10.6.1 Ensure the protection of information in networks and the

protection of the supporting infrastructure.
80
59
105
64.02%
A.10.8.1 To maintain the security of information and software exchanged

within an organization and with any external entity.
15
15
149
90.85%
A.10.8.3 Maintain the security of information and software exchanged

15
15
149
90.85%

15
15
149
90.85%

15
15
149
90.85%
10.9.1 Ensure the security of electronic commerce services, and their

secure use.
15
15
149
90.85%
10.9.2 Ensure the security of electronic commerce services, and their

secure use.
35
32
132
80.49%
A.11.1.1 Control access to information.
164
100.00%
A.11.2.1 Ensure the correct and secure operation of information

processing facilities.
164
100.00%
A.11.4.1 Prevent unauthorized access to networked services.
164
100.00%
164
100.00%
164
100.00%
164
100.00%
15
15
149
90.85%
A.12.2.2 Prevent errors, loss, unauthorized modification or misuse of

information in applications.
158
96.34%
A.12.2.3 Prevent errors, loss, unauthorized modification or misuse of

information in applications
18
16
148
90.24%
A.12.3.1 Protect the confidentiality, authenticity or integrity of

information by cryptographic means.
15
15
149
90.85%
A.12.3.2 Protect the confidentiality, authenticity or integrity of

information by cryptographic means.
15
15
149
90.85%
A.12.5.1 Maintain the security of application system software and

information
164
100.00%
A.12.5.3 Maintain the security of application system software and

information
164
100.00%
A.11.7.1 Ensure information security when using mobile computing and

teleworking facilities.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
A.15.1.4 Avoid breaches of any law, statutory, regulatory or contractual

obligations, and of any security requirements.
13
13
151
92.07%
A.15.1.6 Avoid breaches of any law, statutory, regulatory or contractual

obligations, and of any security requirements.
13
13
151
92.07%
A.15.2.1 Ensure compliance of systems with organizational security

policies and standards.
81
59
105
64.02%
A.15.2.2 Ensure compliance of systems with organizational security

policies and standards.
81
59
105
64.02%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
Compliance
Status
# Compliance
Devices
AirMagnet Alarms
# Violating
Devices
ISO 27001 Directive
4.2.2.h)Implement procedures and other controls capable of enabling prompt detection of security events and
response to security incidents.
2
162
98.78%
AP broadcasting SSID
32
132
80.49%
Exposed Wireless Station detected
24
140
85.37%
DoS: Unauthenticated association
163
99.39%
12
152
92.68%
AP operating in bridged mode detected
160
97.56%
Potential Pre-802.11n device detected
163
99.39%
Client with encryption disabled
163
99.39%
Device Probing for APs
160
97.56%
Excessive low speed transmission
160
97.56%
Ad-hoc node using AP's SSID
163
99.39%
Higher speed not supported
163
99.39%
16
148
90.24%
161
98.17%
10
154
93.90%
Crackable WEP IV key used
Device unprotected by TKIP
4.2.3a)1) Promptly detect errors in the results of processing.
Unassociated station detected

Excessive frame retries
Excessive missed AP beacons
4.2.3a)2) Promptly identify attempted and successful security breaches and incidents.
24
140
85.37%
163
99.39%
163
99.39%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
162
98.78%
12
152
92.68%
160
97.56%
32
132
80.49%
160
97.56%
4.2.3a)4) Help detect security events and thereby prevent security incidents by the use of indicators.
162
98.78%
12
152
92.68%
163
99.39%
32
132
80.49%
24
140
85.37%
160
97.56%
163
99.39%
163
99.39%
160
97.56%
A.9.2.4 Prevent loss, damage, theft or compromise of assets and interruption to the organization's activities
1
163
99.39%
16
148
90.24%
160
97.56%
163
99.39%
161
98.17%
10
154
93.90%
24
140
85.37%
160
97.56%
32
132
80.49%

A.10.1.2 Ensure the correct and secure operation of information processing facilities.
A.10.3.1 Minimize the risk of systems failures.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
161
98.17%
160
97.56%
10
154
93.90%
16
148
90.24%
163
99.39%
163
99.39%
A.10.6.1 Ensure the protection of information in networks and the protection of the supporting infrastructure.
163
99.39%
160
97.56%
162
98.78%
32
132
80.49%
24
140
85.37%
163
99.39%
12
152
92.68%
160
97.56%

A.10.8.1 To maintain the security of information and software exchanged within an organization and with any
external entity.
162
98.78%
12
152
92.68%
163
99.39%
A.10.8.3 Maintain the security of information and software exchanged within an organization and with any
external entity.
163
99.39%
162
98.78%
12
152
92.68%
external entity.
163
99.39%
162
98.78%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
12
152
92.68%
external entity.
163
99.39%
162
98.78%
12
152
92.68%
12
152
92.68%
163
99.39%
162
98.78%
10.9.1 Ensure the security of electronic commerce services, and their secure use.
10.9.2 Ensure the security of electronic commerce services, and their secure use.
161
98.17%
163
99.39%
16
148
90.24%
163
99.39%
10
154
93.90%
160
97.56%
A.11.7.1 Ensure information security when using mobile computing and teleworking facilities.
163
99.39%
162
98.78%
12
152
92.68%
A.12.2.2 Prevent errors, loss, unauthorized modification or misuse of information in applications.

160
97.56%
161
98.17%
A.12.2.3 Prevent errors, loss, unauthorized modification or misuse of information in applications

10
154
93.90%
160
97.56%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
161
98.17%
163
99.39%
A.12.3.1 Protect the confidentiality, authenticity or integrity of information by cryptographic means.

12
152
92.68%
163
99.39%
162
98.78%
A.12.3.2 Protect the confidentiality, authenticity or integrity of information by cryptographic means.

162
98.78%
12
152
92.68%
163
99.39%
A.15.1.4 Avoid breaches of any law, statutory, regulatory or contractual obligations, and of any security
requirements.
163
99.39%
12
152
92.68%
A.15.1.6 Avoid breaches of any law, statutory, regulatory or contractual obligations, and of any security
requirements.
163
99.39%
12
152
92.68%
A.15.2.1 Ensure compliance of systems with organizational security policies and standards.
12
152
92.68%
163
99.39%
160
97.56%
24
140
85.37%
32
132
80.49%
163
99.39%
160
97.56%
162
98.78%
163
99.39%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
A.15.2.2 Ensure compliance of systems with organizational security policies and standards.
160
97.56%
163
99.39%
163
99.39%
160
97.56%
162
98.78%
32
132
80.49%
24
140
85.37%
163
99.39%
12
152
92.68%
Notes:
1) By default, your network fails to comply with the ISO 27001 Directive if one of the devices violates any of its policy sections.
2) Link: http://www.17799central.com/iso-27001.htm
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
3/ Device-Specific Compliance Report
Compliance
%
100.00%
A.15.2.2
P P P P P P P P P P P P P P P P P
A.15.2.1
P P
A.15.1.6
P P
A.15.1.4
100.00%
A.12.5.3
A.12.5.1
P P
A.12.3.2
P P
A.12.3.1
P P P P P P P P P P
A.12.2.3
100.00%
A.12.2.2
A.11.7.1
P P
A.11.4.6
P P
A.11.4.3
P P P P P P P P P P
A.11.4.2
63.33%
A.11.4.1
P P P P P P P P P P P P P P P F F
A.11.2.1
P F
A.11.1.1
F F F F F F F F P P P P
10.9.2
86.67%
10.9.1
A.10.8.5
P F
A.10.8.4
P P
A.10.8.3
P F P P F P F P P P
00:16:B6:F9:2E:CC-b
Channel: ?
A.10.8.1
76.67%
A.10.6.1
A.10.3.1
P P
A.10.1.2
F P F F P F P F P P P P
A.9.2.4
00:90:4B:BD:FC:3A-b
Channel: ?
GemTek
QA_linksys2
4.2.3a)4)
MAC Address-Media
CHANNEL
VENDOR
SSID
4.2.3a)2)
ISO 27001 Policy Sections

4.2.3a)1)
Device Information
4.2.2.h
This report contains detailed information about devices in compliance or violation of the ISO 27001 Directive. It checks the devices against each and every
provision in the Directive to show what policy sections are violated or upheld to. It lists all wireless devices deployed on your WLAN. The devices can be sort by
MAC address, media type, SSID, or vendor.
QA_linksys2
00:40:96:AF:8C:79-b
Channel: ?
Cisco
dlinkG
98:06:9D:D5:FF:31-b
Channel: ?
Sensor Coverage Survey
00:90:7A:05:2F:CF-b
Channel: 2
SpectraLink
AirMagnetGuest
00:90:7A:05:12:AC-b
Channel: 5
P P P P P P P P P P
SpectraLink
qa_wireless_11a_only@tv
_cubicle
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:02:6F:20:2D:E7-b
Channel: ?
P P P P P P P P P P
Senao
_cubicle
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:12:17:B5:AA:45-b
Channel: 10
Cisco
QA_linksys2
F F F F F F F F F F F F
F F
P P P P P P F F F F F P P F F F F
23.33%
00:02:6F:22:36:6E-b
Channel: 2
Senao
NGbg
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:22:7E:E9-b
Channel: ?
Senao
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:20:32:3D-b
Channel: ?
Senao
P P P P P P P P P P
P P
P P
100.00%
00:14:F1:AF:1B:97-b
Channel: 7
Cisco
QA-1130-15
P P
76.67%
60:1D:4D:7A:96:B2-b
Channel: ?
compg
72:ED:3F:67:E4:B3-b
Channel: ?
Buffalo
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:20:A6:52:8F:65-b
Channel: 8
Proxim
tv-Wireless Network B
P P
76.67%
00:0B:86:84:B5:30-b
Channel: 8
Aruba
aruba-engr-11g
P F
P P P P P P P P F P P P P P P F F
60.00%
00:11:5C:4D:E8:41-b
Channel: 4
Cisco
AirMagnetGuest
P P
76.67%
P F
63.33%
00:0D:ED:AB:7C:23-b
Channel: ?
Cisco
Netgear
P P P P P P P P P P
P P
P P
100.00%
00:40:96:A1:4A:F8-b
Channel: ?
Cisco
BuffaloQA
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:0E:35:C0:35:7D-g
Channel: 4
Air2
00:16:6F:9C:00:A0-b
Channel: 10
QA_linksys2
28:B7:C6:A0:0B:B7-b
Channel: ?
QA_linksys2
00:13:02:1F:F0:1D-b
Channel: ?
NGbg
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:0C:F1:3E:E6:58-b
Channel: ?
P P
76.67%
P P P P P P P P P P
P P
P P
100.00%
P P
P P
100.00%
NGbg
00:14:A5:49:D3:3B-b
Channel: ?
GemTek
00:14:A5:54:87:1A-b
Channel: ?
P P P P P P P P P P
GemTek
_cubicle
00:90:7A:05:2E:45-b
Channel: 2
SpectraLink
compa
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:22:3B:D3-b
Channel: ?
Senao
compa
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
F F
P P P P P P F P F F F P P F F F F
26.67%
P F
60.00%
32:64:0D:38:5B:8F-b
Channel: ?
NGbg
00:0C:41:A8:7A:C2-b
Channel: 9
ENG-linksys_rtf
00:14:F1:AF:1B:96-b
Channel: 7
Cisco
QA-1130-14
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:12:17:DB:88:81-b
Channel: 11
Cisco
QA_linksys1
P F
P P P P P P P F F P P P P P P F F
56.67%
00:11:5C:4D:E8:40-b
Channel: 4
Cisco
Air2
F P F F P F P F F F F F
F P
P P P P P P F P P F F P P F F F F
43.33%
00:0B:85:79:03:C0-b
Channel: 11
Airespace
QA-1130-15
P P P P P P P P P P
P P
P P
100.00%
00:15:2B:AC:CB:CF-b
Channel: 7
Cisco
AM_vofi
P P P P P P P P P P
P P
P P
100.00%
00:90:96:C6:C2:CE-b
Channel: ?
Askey
Air3
P P P P P P P P P P
P P
P P
100.00%
00:0B:85:66:24:90-b
Channel: ?
Airespace
<No current ssid>
P P P P P P P P P P
P P
P P
100.00%
00:0B:85:26:7F:80-b
Channel: ?
Airespace
<No current ssid>
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:12:F0:1A:6C:5D-b
Channel: ?
<No current ssid>
00:90:7A:05:2E:AA-b
Channel: 2
SpectraLink
NETGEAR
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:02:6F:22:7E:E7-b
Channel: ?
Senao
compg
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:14:F1:AF:1B:95-b
Channel: 7
Cisco
QA-1130-13
P P
76.67%
00:20:A6:53:8E:73-b
Channel: 8
Proxim
BuffaloQA
F F
26.67%
00:90:96:CB:2F:8B-b
Channel: ?
Askey
P P
76.67%
P P P P P P P P P P
P P
P P
100.00%
F F
P P P P P P F F F F F P P F F F F
23.33%
00:14:F1:AF:1B:94-b
Channel: 7
Cisco
QA-1130-12
P P
76.67%
00:0F:34:A7:78:10-b
Channel: 2
Cisco
QAVOFI
P F P P F P F P P P
P F
P P P P P P P F F P P P P P P P P
80.00%
04:83:6D:6C:AE:AA-b
Channel: ?
NGbg
00:13:02:1B:3A:AC-b
Channel: ?
<No current ssid>
00:0D:0B:4F:5E:00-b
Channel: 6
BuffaloWing
P P
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:0B:85:01:33:A0-b
Channel: ?
Airespace
QA-1130-13
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:14:F1:AF:1B:93-b
Channel: 7
Cisco
QA-1130-11
P F
60.00%
00:0B:46:91:EA:72-b
Channel: 1
Cisco
BuffaloQA
P P P P P P P P P P
P P
100.00%
00:12:F0:9E:5D:01-b
Channel: ?
00:90:4B:BD:FC:46-b
Channel: ?
GemTek
NGbg
00:0E:35:0D:DA:73-b
Channel: ?
QAVOFI
00:0C:F1:42:84:29-b
Channel: ?
QAVOFI
00:0C:F1:4C:27:6E-b
Channel: ?
NGbg
B8:8D:56:46:54:8B-b
Channel: ?
NGbg
P P
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:0E:35:C0:5D:AE-g
Channel: 2
P F
63.33%
00:90:4B:BD:FC:34-b
Channel: 8
GemTek
HopOnWireless
P P P P P P P P P P
P P
P P
100.00%
00:90:4B:BD:FD:12-b
Channel: ?
GemTek
HopOnWireless
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
F F F F F P F F F F F F
F F
P P P P P P F F F F F P P P P F F
33.33%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
QAVOFI
68:B3:1E:94:E5:5B-b
Channel: ?
HopOnWireless
00:90:7A:05:2F:74-b
Channel: 5
SpectraLink
QAVOFI
00:16:6F:6D:57:FA-b
Channel: ?
Air2
00:13:02:1B:39:88-b
Channel: ?
aruba-engr-11a
00:14:A5:01:94:D0-b
Channel: 8
GemTek
02:24:12:1D:E4:3D-b
Channel: ?
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:02:6F:20:6C:90-b
Channel: ?
Senao
P P P P P P P P P P
P P
P P
100.00%
00:14:F1:AF:1B:92-b
Channel: 7
Cisco
QA-1130-10
P P
76.67%
00:0B:85:01:33:AF-b
Channel: 10
Airespace
QA-1130-11
P P P P P P P P P P
P P
P P
100.00%
00:03:7F:BE:E0:35-b
Channel: ?
Atheros
compg
P P
76.67%
00:40:96:A4:0E:EC-b
Channel: ?
Cisco
compg
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
F P
43.33%
00:0E:35:7F:4E:29-b
Channel: ?
00:02:6F:20:32:6A-b
Channel: ?
Senao
00:0B:7D:27:9C:EB-b
Channel: ?
Air2
00:40:96:59:A9:39-b
Channel: 6
Cisco
QA-350-2
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:14:F1:AF:1B:91-b
Channel: 7
Cisco
P P
P P
100.00%
P F
60.00%
P P P P P P P P P P
P P
P P
100.00%
00:90:4B:BD:FD:21-b
Channel: ?
GemTek
NGbg
P P P P P P P P P P
P P
P P
100.00%
00:90:4B:BD:FC:43-b
Channel: 10
GemTek
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:21:27:23-b
Channel: 10
Senao
P P P P P P P P P P
P P
P P
100.00%
00:90:7A:04:F0:C4-b
Channel: 2
SpectraLink
P P P P P P P P P P
P P
P P
100.00%
00:14:F1:09:12:D8-b
Channel: ?
Cisco
P P P P P P P P P P
P P
P P
100.00%
00:11:F5:43:B1:B9-b
Channel: 1
P P P P P P P P P P

96:20:7C:98:19:E6-b
Channel: ?
NGbg
00:59:29:6D:54:0D-b
Channel: ?
MetroFi-Free
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:14:F1:AF:1B:90-b
Channel: 7
Cisco
AM_vofi
F P F F P P P F F F F F
F P
46.67%
00:13:80:43:11:55-b
Channel: 11
Cisco
QA-1200-7
F F
26.67%
00:0B:85:52:FF:F0-b
Channel: 11
Airespace
QA-350-2
P P P P P P P P P P
P P
P P
100.00%
00:0B:85:54:D8:30-b
Channel: ?
Airespace
QA_linksys2
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:04:23:A2:81:E8-b
Channel: ?
Intel
AirMagnetGuest
P P P P P P P P P P
P P
P P
100.00%
00:90:4B:BD:FD:0F-b
Channel: ?
GemTek
compg
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
6E:BB:13:70:43:A0-b
Channel: ?
QA_linksys2
00:12:F0:95:67:4B-b
Channel: ?
AirMagnetGuest
42:DE:6D:E4:F7:D0-b
Channel: ?
Buffalo
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:13:80:43:11:54-b
Channel: 11
Cisco
QA-1200-32
P P
76.67%
00:14:A5:54:85:67-b
Channel: ?
GemTek
compg
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:20:2D:88-b
Channel: 8
Senao
P P P P P P P P P P
P P
P P
100.00%
P P
P P
100.00%
P P
P P
100.00%
P P
76.67%
00:13:80:43:11:53-b
Channel: 11
Cisco
QA-1200-31
F F
26.67%
00:13:80:43:12:20-b
Channel: 11
Cisco
QA-1200-36
P P
76.67%
00:02:6F:21:2A:43-b
Channel: ?
P P P P P P P P P P
Senao
_cubicle
6E:B0:18:D5:8B:09-b
Channel: ?
P P P P P P P P P P

00:13:5F:F9:7F:00-b
Channel: 10
compg
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:13:80:43:15:20-b
Channel: 2
Cisco
QA_QATest4
P F
60.00%
00:90:4B:72:B8:6D-b
Channel: ?
GemTek
P-780_g6
P F
63.33%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
F F
30.00%
P P P P P P P P P P
P P
P P
100.00%
P F
63.33%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:16:6F:6C:72:B4-b
Channel: ?
Monitored
00:16:6F:54:3C:95-b
Channel: ?
Sabre
00:14:A5:01:95:87-b
Channel: 8
GemTek
00:0C:F1:42:8B:BC-b
Channel: ?
Sabre
00:90:4B:CC:75:7E-b
Channel: ?
GemTek
NGbg
00:16:CF:9F:E8:EC-b
Channel: ?
compa
D6:C2:55:CC:AA:FD-b
Channel: ?
compa
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:13:80:43:11:52-b
Channel: 11
Cisco
QA-1200-30
P P
76.67%
P P
76.67%
00:02:6F:3A:3F:B1-b
Channel: ?
Senao
PRISM-SSID
P F
63.33%
00:02:6F:20:18:85-b
Channel: ?
Senao
P P
76.67%
00:02:6F:22:37:52-b
Channel: ?
Senao
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:20:8A:BF-b
Channel: 2
Senao
NGbg
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P F
63.33%
P P P P P P P P P P
P P
100.00%
00:14:A8:53:4C:60-b
Channel: 7
tech-1200
00:0E:35:89:B5:C3-b
Channel: ?
<No current ssid>
00:13:CE:CF:4A:D7-b
Channel: ?
NETGEAR
00:02:8A:A8:9A:15-b
Channel: 11
Ambit
QA-1200-26
P P
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:13:80:43:11:51-b
Channel: 11
Cisco
QA-1200-26
P P
76.67%
P F
63.33%
00:90:7A:05:07:F3-b
Channel: 5
SpectraLink
QAVOFI
F F F F F P F F F F F F
F F
P P P P P P F F F F F P P P P F F
33.33%
00:02:6F:20:8C:E0-b
Channel: ?
Senao
P P P P P P P P P P
P P
P P
100.00%
00:14:A5:54:77:FC-b
Channel: 2
GemTek
NGbg
P P P P P P P P P P
P P
P P
100.00%
00:40:96:AF:31:BC-b
Channel: ?
Cisco
<No current ssid>
P P P P P P P P P P
P P
P P
100.00%
00:40:96:A1:49:BA-b
Channel: ?
Cisco
<No current ssid>
P P
76.67%
00:13:80:43:11:50-b
Channel: 11
Cisco
QA-1200-25
P P
76.67%
00:09:5B:D6:5C:F8-b
Channel: 2
Netgear
NGbg
P P
76.67%
00:12:F0:29:83:8A-b
Channel: ?
HopOnWireless
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:0B:85:54:EA:60-b
Channel: 11
Airespace
QA-1200-26
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:21:C4:7C-b
Channel: ?
Senao
BuffaloQA
P P
76.67%
00:02:6F:22:00:5E-b
Channel: ?
Senao
BuffaloQA
P P
76.67%
00:09:7C:14:A7:0D-b
Channel: ?
Cisco
ANY
P F
63.33%
00:02:6F:20:2E:0D-b
Channel: ?
Senao
P P P P P P P P P P
P P
P P
100.00%
00:14:A5:01:95:84-b
Channel: 2
GemTek
NGbg
P P P P P P P P P P
P P
P P
100.00%
00:14:A5:01:95:EA-b
Channel: 2
GemTek
NGbg
P P P P P P P P P P
P P
P P
100.00%
00:14:A5:01:95:B7-b
Channel: ?
GemTek
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:CD:59:78:3C:00-b
Channel: ?
HopOnWireless
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:40:96:AB:51:F4-b
Channel: ?
Cisco
Air2
P F
63.33%
00:0B:46:91:E2:48-b
Channel: ?
Cisco
QA-1200-32
P F P P F P F P P P
P P
P F
86.67%
00:40:96:A8:2E:28-b
Channel: ?
Cisco
QAVOFI
P P
76.67%
00:90:4B:BD:FC:D6-b
Channel: ?
GemTek
NGbg
P P P P P P P P P P
P P
P P
100.00%
00:40:96:59:B9:44-b
Channel: 6
Cisco
QA-350-2
F P
43.33%
00:02:8A:A3:09:20-b
Channel: 9
Ambit
QA-1200-25
P P P P P P P P P P
P P
P P
100.00%
00:20:A6:4C:A6:A3-b
Channel: ?
Proxim
AM_vofi
P P
76.67%
00:15:F9:41:C4:46-b
Channel: 7
Cisco
AM_vofi
P P P P P P P P P P
P P
P P
100.00%
00:02:6F:20:32:2F-b
Channel: ?
Senao
P P P P P P P P P P
P P
P P
100.00%
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:02:6F:21:29:D7-b
Channel: ?
Senao
compg
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
P P P P P P P P P P
P P
P P
100.00%
00:11:5C:4D:E9:11-b
Channel: 4
Cisco
AirMagnetGuest
P P
76.67%
00:07:85:B3:8A:E3-b
Channel: 5
Cisco
QAVOFI
P F P P F P F P P P
P P
P F
P P P P P P P P F P P P P P P P P
83.33%
00:0B:85:01:34:40-b
Channel: 11
Airespace
QA-350-2
P P P P P P P P P P
P P
P P
100.00%
00:0B:85:23:7B:00-b
Channel: 11
Airespace
QA-350-2
P P P P P P P P P P
P P
P P
100.00%
00:0B:85:08:12:D0-b
Channel: 11
Airespace
QA-350-2
P P P P P P P P P P
P P
P P
100.00%
00:13:CE:C8:54:ED-b
Channel: ?
Air2
00:90:4B:BD:FD:09-b
Channel: 10
GemTek
00:13:02:89:9F:86-b
Channel: ?
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
00:04:23:6C:CB:AC-b
Channel: 11
Intel
whitman_wireless
P F
63.33%
00:0B:85:54:E9:90-b
Channel: ?
Airespace
EagerWireless
P P P P P P P P P P
P P
P P
100.00%
00:0B:85:04:3A:80-b
Channel: ?
Airespace
EagerWireless
P P P P P P P P P P
P P
P P
100.00%
P F
63.33%
P F
63.33%
P P P P P P P P P P
P P
P P
100.00%
F P
43.33%
F P
43.33%
00:13:02:77:23:ED-b
Channel: ?
EagerWireless
00:13:02:31:12:22-b
Channel: ?
GoogleWiFi
5C:7B:25:56:9C:A1-b
Channel: ?
AM_vofi
00:0D:0B:1A:14:03-b
Channel: 10
Buffalo
00:11:5C:4D:E9:10-b
Channel: 4
Cisco
Air2
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM
Notes:
1) P = Pass and F = Fail.
2) Channel specific policy violations will not be included in the Device-Specific Compliance Report.
3) AirMagnet has enabled alarms relevant to theISO 27001 Directive in its Policy Compliance Reports.Disabling any alarms tied to the Reports will
degrade their effectiveness and result in a wireless network that does not comply with the respective industry regulations.
Live Capture
P o we r e d
by
Ai r Ma g n e t
2:34:17PM

Reports ISO 27001

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Reports ISO 27001

Enviado por

Direitos autorais:

Formatos disponíveis

International Standard for Information Security (ISO 27001)

Monday, January 29, 2007

How does an organization comply with ISO 27001?

Monday, January 29, 2007

How can AirMagnet help an organization comply with ISO 27001?

Monday, January 29, 2007

Monday, January 29, 2007

1/ System Level Compliance Report

AirMagnet includes Compliance Reports that verify and record an

AirMagnet provides asset and technology information on wireless devices to

AirMagnet discovers wireless devices and their capabilities to determine

AirMagnet perform stateful analysis of all wireless devices and transmissions

AirMagnet System Level and Device-specific Compliance Reports identify

Monday, January 29, 2007

ISO 27001 Directive

AirMagnet's device-specific alarms determine the existence of appropriate

AirMagnet identify and evaluate security controls on wireless devices and

AirMagnet monitors and reports on security controls applied to wireless

AirMagnet Compliance Reports confirm or deny the implementation of

Device-level Compliance Reports indicate the effectiveness of selected

AirMagnet creates and enforces security policies tied to specific business

Monday, January 29, 2007

ISO 27001 Directive

AirMagnet System Level and Device-level Compliance Reports enable

AirMagnet Compliance Reports and notifications will enable organizations to

AirMagnet Compliance Reports measure the effectiveness of controls on

AirMagnet's security monitoring tools and Compliance Reports provide

AirMagnet's security monitoring tools and Compliance Reports for wireless

AirMagnet Compliance Reports incorporate legal requirements to help

AirMagnet Device-level Compliance Reports satisfy an organization's internal

Monday, January 29, 2007

ISO 27001 Directive

AirMagnet records diagnostic, performance, and security events occurring on

AirMagnet can take automated actions based on events occurring on wireless

AirMagnet Compliance Reports can determine whether improvements

AirMagnet Compliance Reports help identify, locate, and determine the

AirMagnet Compliance Reports document controls on wireless assets to

AirMagnet records of events on wireless networks and devices is maintained

Monday, January 29, 2007

ISO 27001 Directive

Airmagnet can help management establish, implement, operate, monitor,

AirMagnet can help establish, implement, operate, monitor, review, maintain,

AirMagnet Device-level Compliance Reports can monitor wireless assets and

AirMagnet security monitoring and reporting of wireless assets helps improve

AirMagnet Device-level Compliance Reports run at regular intervals provide

Monday, January 29, 2007

ISO 27001 Directive

AirMagnet Device-level Compliance Reports run at regular intervals to

AirMagnet Device-level Compliance Reports run at regular intervals to

AirMagnet Device-level Compliance Reports run at regular intervals to

AirMagnet System Level and Device-level Compliance Reports can be

AirMagnet diagnostic, performance, and security monitoring tools are

Management can be notified of AirMagnet's automated actions to locate

Monday, January 29, 2007

ISO 27001 Directive

AirMagnet Device-level Compliance reports identify vulnerabilites and

The absense of an alarm due to the implementation of an effective security

AirMagnet alarm notifications and Compliance Reports document changes to

AirMagnet makes specific recommendation for identified security threats and

AirMagnet diagnostic, performance, and security monitoring tools identify

AirMagnet diagnostic, performance, and security monitoring tools identify

AirMagnet diagnostic, performance, and security monitoring tools identify

Monday, January 29, 2007

ISO 27001 Directive