AirDefense: Wireless Security for Enterprises
May 04, 2004
In the rush to go wireless, administrators will find that they must supplement standard security measures with serious reporting and policy-enforcing products. Count AirDefense among them.
During the 90s, the Internet was the veritable Gold Rush of the 20th century. Businesses were making money hand-over-fist at the mere mention of it. In this environment, attackers flourished because the drive was to simply get online. And security? Well, it seemed most everyone assumed that it would take care of itself.
Let's fast-forward a few worm- and attack-ridden years. The Internet boom went bust, replaced this time by a "boomlet" by the name of wireless.
Metcalfe's law still hasn't changed and many rightfully acknowledge the benefits of going wireless. Sadly, security still remains somewhat of an afterthought. In scary parallels to the past, companies are getting a little gung-ho on connecting wirelessly and making things easier for users to hop on.
This is a particular issue for medium to large companies seeking cost savings. Wireless allows for that, but is it worth the risk? I personally think yes, especially if you have the tools that can make your network safer on a larger scale.
Enter Air Defense.
This company has introduced a hardware methodology for dealing with wireless security. In larger environments — say, something over 15-20 APs covering wide areas — control over the network becomes heavily decentralized, and often, security policy enforcement can vary depending on the location. This kind of environment, often found on college campuses, hospitals, and Fortune 500 companies, can be one of the main reasons why organizations shy away from using wireless.
However, control can be centralized and policies maintained by using a product like AirDefense. A Smart Sensor, looking at an area of approximately 40,000 to 60,000 square feet, can be added to wireless networks to detect activity on 802.11a/b/g. In addition to checking the network's status 24/7 (all the time, not just every so often), Smart Sensors utilize both encryption (end-to-end) as well as authentication to pass information to the central server appliance, a hardened device that is ready to go to work when it arrives. This means that attackers, even if they detect the sensor's activity, aren't privy to that the sensor sees.
Constant monitoring ensures that the connection states are well guarded, making it harder to hide Man-in-the-Middle (MITM) attacks amongst others. Being able to detect attacks immediately can be critical for some environments. An IDS, as part of the Smart Sensor package, complements the package.
Page 2: Smart IDS, centralized management and proactive defenses.