AirDefense Locks Up Wi-Fi
Software maintains security on laptops when they're outside the network.
Peter Judge, Techworld.com
AirDefense is lining up a download that will lock down laptops for wireless use as well as an upgrade to its main product that will seek and destroy rogue access points automatically.
Mobile Defenses
Speaking at the Enterprise Wireless Technology event in London this week, the company said AirDefense Personal looks very similar in many respects to personal firewall products such as ZoneAlarm. "It enforces wireless security policy on laptops when they are outside the office," explained Spencer Parker, director of technical services at AirDefense in the United Kingdom.
The product will be available for download next week, said Parker, and will cost $15 or nothing at all--something that is still to be decided, apparently--for individuals, with corporates paying for a more complete version which can be set up to operate silently. When a user connects at a public hotspot, AirDefense makes sure security procedures are followed, and monitors for man-in-the-middle attacks. It also prevents bridging and inadvertent ad-hoc networking when the user returns to base and switches off Wi-Fi when the laptop is connected to the wired network.
Shutting Out Rogues
The company is set to upgrade its AirDefense Enterprise to version 5.0 on October 26, giving it the ability to automatically terminate any unauthorized "rogue" access points it detects attached to the enterprise network, as they appear.
IT managers can already shut down rogues manually with the current version, AirDefense Enterprise 4.1, using denial-of-service attacks, but it was not sensible to do this automatically, explained Spencer, as version 4.1 lacks the ability to tell whether an access point is attached to the network or not. Without this ability, a "terminate by policy" function would indiscriminately shut down any new access point, including those in neighboring offices or public hotspots in the coffee shop next door.
Because version 5.0 now has "rogue on my network" identification, it is safe to set up a termination policy, said Parker, although the actual termination process is complex: "You need a buffer overflow to terminate a Centrino system as Centrino systems ignore deauthentication packets," he says.
