Network Chemistry Goes on Wireless Security Spree

By Pedro Hernandez

December 05, 2005

Network security provider finishes off the year by extending its wireless protection platform and helping to launch an online threat advisory community.

Amidst many corporate networks are rogue access points and poorly configured laptops, all airing their inviting signals.

The ideal conditions for a mobile hacker.

Network Chemistry is tackling this problem on two fronts. The first is product-based, tweaking the company's existing offering and releasing new software to extend its protections. The other is education.

Product-wise, the company enhanced its flagship RFprotect Distributed platform, tweaking its detection and management capabilities. New this time around is the ability to ferret out unapproved APs and devices on obscure channels and non-802.11 technologies when used in concert with the company's sensors.

Discovering dangerous devices is one thing; doing something about it is another matter entirely. To remedy this, the company also added a honeypot, of sorts, to keep hackers at bay and acquaint IT workers to their tactics. Called UltraShield, the module functions as the wireless equivalent of an intrusion prevention system, segmenting unauthorized systems based on policies or at will. To track down the offending system, and the operators behind them, admins can utilize RFprotect's location mapping.

In October, the company added BlueScanner to its portfolio, filling the Bluetooth detection gap found in most wireless security suites. The free download alerts IT personnel to the presence of Bluetooth-enabled devices that can leak data.

However, it's the newly-released RFprotect Endpoint that's helping the Network Chemistry branch out and extend its reach beyond corporate networks.

Left under- or unprotected, their Windows laptops can provide a connection back to corporate LANs, putting them at risk, or expose critical data on mobile systems. RFprotect Endpoint prevents this.

Firstly, it makes no distinction on the type of connection found on a laptop. RFprotect Endpoint locks them all down: Wi-Fi, Bluetooth, EVDO, HSDPA, GPRS/EDGE, IrDA (infrared), Ethernet, and dial-up. This allows admins to prevent bridging, the practice of using one networking technology like 802.11 as a conduit to another connection such as Ethernet. Moreover, the software allows administrators to enforce policies such as mandatory VPN use or disabling ad-hoc mode.

The software also stymies savvy users that know their way around the networking applet in Windows. Working behind the scenes, the software doesn't even appear when process manager is invoked.

RFprotect Endpoint starts at $29 per client and is available now. Volume discounts are also offered.

Lastly, the company helped launch WirelessVE.org (WVE), a community effort designed to classify and catalog wireless vulnerabilities and provide threat assessment. Network Chemistry is joined by fellow founding sponsors CWNP and the Center for Advanced Defense Studies.

Inspired by CVE and the Open Source Vulnerability Database (OSVDB), WVE seeks to build up its threat database and draw attention to problems affecting all aspects of wireless security from vulnerabilities and the tools that exploit them to shortcomings in common protocols.

WVE is online and accessible now. Already, the database is populated with entries, both common and obscure, such as BlueBug, Car Whisperer and WEPCrack among several others.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.