Cirond and Newbury Networks Tools Combat Rogue Wireless Access

Wi-Fi security firms Cirond Corp. and Newbury Networks announced new products this week at the Wi-Fi Planet 2003 expo here that can seek out and lock down so-called "rogue" access points.

SAN JOSE, CALIF.—Wi-Fi security firms Cirond Corp. and Newbury Networks announced new products this week at the Wi-Fi Planet 2003 expo here that can seek out and lock down so-called "rogue" access points.

Cirond, based in San Jose, announced two new versions of its AirPatrol security tool; the first, AirPatrol, uses wired networks to hunt down unauthorized access points, while a second, mobile version of the software can be run on a standalone notebook or Tablet PC.

Newbury Networks Inc. introduced Version 3.0 of its own WiFi Watchdog tool, which defines a "virtual firewall" that allows access points access to the network.


Although numbers for the number of unauthorized wireless access points within corporate networks are hard to come by, they remain one of the greatest fears of network managers, analysts said. An engineer plugging in a $80 access point into a corporate network can provide an open backdoor into the corporate network.

For example, a product such as Hewlett-Packard Co.s ProCurve 150wl 802.11b wireless card and access point can transmit data at 11Mbps at up to a rated 80 feet—far enough for a competitor to access the network from a corporations parking lot.

"When we interviewed our client companies, we found that 49 percent of them responded that rogue access points were their highest concern," said Julie Ask, research director of Jupitermedia Corp. of South Darien, Conn.

Hunting down the access points, therefore, is a priority for IT managers. Cirond, Newbury, and rivals such as AirMagnet Inc. have placed a priority on managing access points, which can cut off access when new unauthorized points are detected.

Cironds new tools are designed to expand the companys served market into the small- and medium-sized business space. On Wednesday, Cirond announced that the second version of its WiNc connectivity management tool will ship in January, 2004, and cost $2,500. The price will include 50 licenses for the complementary WiNc or PocketWiNc software which can run on either a notebook PC or handheld PDA, respectively. WiNc Manager automatically shuffles Wired Equivalent Privacy and Wi-Fi Protected Access keys, eliminating the need for users to manually enter them, and can configure the networks Wi-Fi channel allocation and provide guest access to visitors.

WiNc Manager also includes a technology called AirPatrol, the name Cirond assigned to its access point-detection service. On Thursday, Cirond said it would break out AirPatrol into two standalone products for customers who lack wireless networks: AirPatrol, which will cost $1,495, and AirPatrol Mobile, priced at $995.

While Ceronds WiNc Manager software uses a companys own Wi-Fi-enabled laptops to sniff out rogue access points, an unofficial wireless network is exactly what an AirPatrol customer may be trying to prevent, according to Nicholas Miller, president and chief executive of Cirond.

AirPatrol and AirPatrol Mobile includes MapView, which overlays the location of the access point onto a custom background, such as a scanned office diagram. To detect the rogue access point, however, customers must invest additional capital into deploying third-party wireless bridge devices, which the AirPatrol software uses as sensors.

Once the rogue access point is located, AirPatrol details the access point type, signal strength, channel and location.

"More sophisticated tools are built into WiNc," Miller said. "We just give you want you want, without the technical gobbledygook. We could provide packet-level information, but we figure our customers arent going to want it or know how to take advantage of it anyway."

Likewise, AirPort Mobile is a simpler version of the PocketWiNc software. Access points are sniffed out by manually roaming an office site with the software installed in either a tablet PC or notebook, and requires no other network equipment, Miller said.

/zimages/1/28571.gifFor more information about wireless security, click here.

Meanwhile, Boston-based Newburys WiFi Watchdog 3.0 emphasizes a "virtual firewall" in its latest release, a feature that Cironds WiNc software includes as well. Instead of using off-the-shelf Wi-Fi bridges or a corporations own wireless infrastructure, customers must purchase Newburys approved sensors. The enterprise-class tool sells for $29,995, which includes ten sensors, according to Matthew Gray, the founder and chief technical officer.

The WatchDog software can define zones of access to prevent or enable access to the WAN; for example, WatchDog can allow access within a conference room, but "wall off" the network at the boundary of the building. Although the technology is dependent on the number of sensors used, boundaries are usually about a meter thick, Gray said.

Newbury has also beefed up its detection of false positives, a weakness of competing products, Gray said. In a business park, for example, a "rogue access point" may in fact be an access point in an office next door. By identifying those access points to begin with, a network administrator can focus his time on locating the real trouble spots, he said.