Security developers took more than a decade to move from intrusion detection to intrusion prevention in the world of wired networking. But in the fast-paced wireless space, vendors are already jumping on prevention as the first step in security.
Companies such as AirDefense Inc. and Wibhu Technologies Inc. are set to release new tools that borrow heavily from their wired counterparts and introduce IPSes (intrusion prevention systems) to WLANs (wireless LANs) for the first time.
AirDefense, the Atlanta-based WLAN security pioneer that had been focused on detecting attacks, this week will roll out Version 6.0 of its namesake product with new laptop-based network protection built into the client. Called AirDefense Personal, the new capability comes as an agent that continually checks for malicious or unwanted connections to networks.
The agent also checks for bad configurations on protected machines, alerting users and the AirDefense server when a problem is found.
The new version will include the ability to automatically detect and terminate clients on the WLAN. Using a predefined corporate policy, AirDefense 6.0 communicates with the AirDefense sensors to locate and analyze rogue clients when they connect to the network. The system can then alert the administrator or automatically disconnect the client.
AirDefenses new release, available this week and priced starting at $6,995, includes a mapping feature that shows administrators where each wireless network device is at any given time. For enterprise IT departments that have been reluctant to deploy WLANs for security reasons, the visibility and access control that Version 6.0 offers could make the decision easier.
“Security is a huge concern in the wireless environment. You have to protect wireless just like wired networks,” said Fred Nwokobia, senior engineer at Lehman Brothers Inc., in New York, and an AirDefense customer. “[The automatic disconnect] is a great feature. But you have to regulate it by policy, or you could do damage to a neighbors network.”
While AirDefense continues to refine its offering, Wibhu Technologies, which will change its name to AirTight Networks Inc. next week, will release its first security solution at months end.
Next Page: Mapping feature tracks devices on the WLAN.
TKTK
SpectraGuard uses proprietary algorithms to analyze each device as it attempts to connect to the WLAN to determine whether it is safe or potentially malicious. Once that decision is made, administrators can use the tools built-in mapping feature to track devices on the WLAN, as well as those that are not connected to the network but are in range of it.
“You have to be more accurate than an IDS [intrusion detection system] because you see wireless devices that have nothing to do with your network. You cant just start shutting them down,” said David King, CEO of Wibhu, based in Mountain View, Calif. “But anything thats a real security threat, we block it instantly.”
SpectraGuard, which will be available later this month, can also be configured using a white-list feature, which restricts connection to clients explicitly permitted to use the WLAN. No pricing has been set, according to officials.
In addition to the new releases from AirDefense and Wibhu, some other established vendors also are making moves in the WLAN security arena.
Highwall Technologies Ltd. Dec. 1 will announce the latest release of its WLAN monitoring and security system, according to officials at the Sarasota, Fla., company.
Highwall Enterprise 3.0 combines Wi-Fi sensors and antennas with a centralized management server.
The software in the release has been redesigned to include enterprisewide snapshots of the threat levels that devices pose to the network at any given time across multiple buildings. Pricing depends on configuration, but Highwall Enterprise 3.0 starts at $9,995. It is available now.
Highwall is in the final stages of being acquired by a large incumbent player in the WLAN space; the deal should close within the next three or four months, according to Rich Swier, Highwalls CEO.