Defending the WLAN Air
June 03, 2002
AirDefense is an enterprise-class WLAN security appliance with a state analysis engine to track all traffic, correlate data about it, and let you know about intruders.
AirDefense of Atlanta, GA, today announced the launch of its self-titled AirDefense enterprise wireless LAN security appliance.
More than just a WLAN sniffer, the product includes a state analysis engine for real-time 24x7 monitoring of all traffic on the network. It then correlates all traffic data with its intrusion detection engine to show security risks on the network.
In explaining a need for a product like AirDefense, company founder and CEO Jay Chaudhry says, "In a traditional network world, the admin has a poster on the wall showing all the routers, hubs, everything. The challenge we have with the WLAN is that the nature of the network is dynamic and fluid." Tracking a WLAN leans toward impossible without monitoring the radio signals. "AirDefense is an appliance that is there to protect the airwaves," says Chaudhry. "It looks at the same traffic access points see."
The Linux-based AirDefense appliance works on multiple platforms (it's designed to work on equipment from Cisco, Symbol, 3Com, Lucent/ORiNOCO and Linksys) and can be remotely managed via a Web browser. The product's patent-pending multi-dimensional intrusion detection engine for WLANs uses multiple technologies, all designed for Layer 1 and Layer 2 of 802.11 protocols, for detecting interlopers. It identifies threats using protocol analysis, policy deviations, signature verifications, and statistical anomalies in traffic. Correlating data from across the engine reduces false positives while accurately identifying a threat.
Chaudhry says that the product is a great help in tracking down specific kinds of intrusions, from external Denial of Service attacks to internal rogue WLANs. Chaudhry sees rogue WLANs -- wireless access set up in a business without permission -- in three camps: malicious (of which there are few), a WLAN set up by employees for simple convenience, or one set up by remote branches or departments of large enterprises. The latter spells the biggest security risk. "Some companies are giving amnesty programs to departments, asking them to notify IT of rogue WLANs so they can be made secure," says Chaudhry.
He summed up the AirDefense strategy by saying: "We help identify risks, we do real-time monitoring, we protect against problems and enforce policies, and perform diagnostics."