Aruba Networks today announced that the Aruba wireless infrastructure withstood all attempted intrusions while providing secure wireless access during the recent DefCon and Black Hat security conferences in Las Vegas, Nevada. A final analysis of network logs from the events confirms that several thousand attempted breaches were detected and prevented. DefCon is an annual event for the "hacker underground", and Black Hat is an annual conference for security professionals.
Over 7,500 participants attended this year's events, creating what is arguably one of the fiercest hacking environments to be found. Despite a direct challenge from conference founder and organiser Jeff Moss, Aruba's wireless infrastructure stood strong.
"During my opening remarks, I explicitly encouraged attendees to take a shot at hacking the wireless network," said Jeff Moss. "Given the level and concentration of hacker talent at these events, I was more than pleasantly surprised they did not succeed. In fact, this is the first year the wireless network has managed to stay up without interruption for more than four hours. That is a true testament to the intrusion protection and advanced security functionality of Aruba's wireless solution."
The wireless network was heavily utilised during both conferences, supporting more than 2,600 users and passing more than 33GB of data. Among the attempted breaches detected and prevented were approximately:
- 535 Man-in-the-Middle attacks
- 200 denial of service attacks
- 270 rogue APs
- 750 wireless bridges
- 2,090 AP MAC spoofing attempts
- Numerous impersonation attacks, IP spoofing, and syn floods.
Aruba's wireless intrusion protection not only detects unauthorised wireless devices and access, but also provides an automated response to shut down the threat.
"We knew we were putting our equipment and technology right in the middle of the hackers' playground, but we viewed this as the ultimate test of our network security implementations," said Keerti Melkote, vice president of marketing and founder of Aruba Networks. "We are very pleased with the results and confirmation of our effectiveness, even in the most hostile of environments."
For both events, the Aruba team deployed Aruba 6000 and Aruba 2400 mobility controllers running ArubaOS mobility software, along with Aruba AP 70 access points. Aruba's mobility system delivers the industry's most secure wireless solution and includes an integrated stateful firewall, sophisticated authentication and encryption, and advanced wireless intrusion protection. To accommodate the large number of users and provide optimal performance, load balancing was turned on, and Aruba's Adaptive Radio Management self-configured and automatically adjusted the RF resources.
"The hacker community is constantly coming up with new ways to break existing systems, and we must do everything possible to stay current," said Luiz Eduardo dos Santos, leader of Aruba 's Wireless Security Incident Response Team, who closely monitored the network during the conferences. "The knowledge we gain by having DefCon and Black Hat as customers is invaluable. It gives us a first-hand opportunity to learn about new attacks, and everything we learn at their events goes directly into improving the product for our customers."