Prevention Methods Shore Up Wireless LAN Defenses

Prevention methods are moving to the forefront of wireless security, as security developers such as AirDefense and Wibhu link intrusion prevention systems to WLANs.

Security developers took more than a decade to move from intrusion detection to intrusion prevention in the world of wired networking. But in the fast-paced wireless space, vendors are already jumping on prevention as the first step in security.

Companies such as AirDefense Inc. and Wibhu Technologies Inc. are set to release new tools that borrow heavily from their wired counterparts and introduce IPSes (intrusion prevention systems) to WLANs (wireless LANs) for the first time.

AirDefense, the Atlanta-based WLAN security pioneer that had been focused on detecting attacks, this week will roll out Version 6.0 of its namesake product with new laptop-based network protection built into the client. Called AirDefense Personal, the new capability comes as an agent that continually checks for malicious or unwanted connections to networks.

/zimages/2/28571.gifWLAN intrusion detection systems can help spot and lock out trouble in new ways. Read eWEEK Labs analysis.

The agent also checks for bad configurations on protected machines, alerting users and the AirDefense server when a problem is found.

The new version will include the ability to automatically detect and terminate clients on the WLAN. Using a predefined corporate policy, AirDefense 6.0 communicates with the AirDefense sensors to locate and analyze rogue clients when they connect to the network. The system can then alert the administrator or automatically disconnect the client.

AirDefenses new release, available this week and priced starting at $6,995, includes a mapping feature that shows administrators where each wireless network device is at any given time. For enterprise IT departments that have been reluctant to deploy WLANs for security reasons, the visibility and access control that Version 6.0 offers could make the decision easier.

"Security is a huge concern in the wireless environment. You have to protect wireless just like wired networks," said Fred Nwokobia, senior engineer at Lehman Brothers Inc., in New York, and an AirDefense customer. "[The automatic disconnect] is a great feature. But you have to regulate it by policy, or you could do damage to a neighbors network."

While AirDefense continues to refine its offering, Wibhu Technologies, which will change its name to AirTight Networks Inc. next week, will release its first security solution at months end.

Next Page: Mapping feature tracks devices on the WLAN.