Which Way to WIPS?
August 22, 2007
Partnerships between WLAN infrastructure and security providers soothe customers' wireless nerves.
This week, Ruckus Wireless and AirTight Networks announced intent to jointly market their WLAN and WIPS products as a comprehensive secure wireless platform for small-to-medium enterprises. While overlay vs. embedded Wireless Intrusion Prevention continues to be debated, this latest move illustrates how WLAN vendors are straddling that line through partnership and acquisition.
According to the agreement, Ruckus will recommend AirTight SpectraGuard to its customers that require more than basic rogue detection, while AirTight may recommend the Ruckus ZoneFlex Smart WLAN system to its SME customers. The two companies products have been tested to verify compatibility and interoperability, promoting smooth deployment of the combined package.
"Wireless security continues to scare the crap out of people," said David Callisch, VP of marketing for Ruckus Wireless. "Along with link-layer encryption and user authentication, wireless intrusion prevention is the third essential component. Mid-sized enterprises deploying wireless LANs not only want to be able to see what's going on but to do something about it. We give them that choice with AirTight, a best of breed solution that can be easily added to fourth generation Smart WLANs where and when the customer wants. We're not force-feeding our customers."
With this announcement, AirTight adds Ruckus to a lengthy list of WLAN vendor partnerships, including 3Com, Cisco, Colubris Networks, Extreme Networks, Siemens, Extricom, LVL7, and NextHop. Similar relationships exist between other independent WIPS players (AirMagnet, AirDefense, Network Chemistry) and WLAN vendors like Bluesocket, Divitas, Enterasys Networks, Motorola/Symbol, Nortel, Trapeze Networks, and Xirrus.
Baked in or bolted on
Such arrangements help WLAN vendors satisfy a broader range of customers. Early on, several vendors added part-time monitoring and basic security alertingprimarily rogue AP detectionto access points. Some customers find this embedded approach satisfactory, but others do not. For example, independent security systems may be required in heterogeneous networks, networks that ban wireless, and in organizations that must comply with separation of duty policies. Other companies may want a full-time IPS or require the richer feature set typically offered by todays WIPS products.
WIPS/WLAN vendor partnerships leave the ball in the customers court, while providing limited integration between otherwise separate products. For example, some multi-radio APs can be configured to run WIPS sensor firmware on a radio that has been dedicated to that task, avoiding the cost of separate sensors. Some WLAN management GUIs can click-through to WIPS dashboards, alerts, and reports, tying information together at the point where it is actually presented.
But where will vendors draw the line between loose coupling and tighter integrationeven assimilation?
I predicted some time ago that a consolidation of WLAN-specific management tools would occur, as these functions, which include spectrum assurance, WLAN assurance, and wireless IDS/IPS, along with other ad-hoc WLAN-specific tools, get subsumed into WLAN management systems from the system vendors and possibly third parties, said Craig Mathias, founder of Farpoint Group. Innovations initially found in point products are usually rolled up, over time, into more elaborate product offerings. Mathias expects this will hold true for wireless as well.
Build or buy
Of course, there are several ways in which consolidation could be achieved. Close partnerships and joint marketing and engineering efforts represent one popular route. Another is in-house expansion of the WLAN vendors own management system. However, rather than building new WIPS capabilities from scratch, larger WLAN vendors may opt to buy intellectual property and expertise.
Aruba Networks (now running second in the WLAN market overall) acquired Network Chemistry in July. Third-place Motorola/Symbol and market-leader Cisco both have established WIPS vendor partnershipsand a penchant for buying start-ups. I expect to see more of these [acquisitions] in the coming year, predicts Mathias.
But consolidation will not eliminate the market for independent WIPS products. There will always be a role when regulatory or auditing concerns dictate a separate system. And some customers will want a separate implementation for checks-and-balances regardless, said Mathias.
One way or the other, WIPS is expected to become part of all core WLAN product offerings. Through this weeks joint marketing agreement with AirTight, Ruckus Wireless joins that party.