NETWORK WORLD NEWSLETTER: JOANIE WEXLER ON WIRELESS IN THE ENTERPRISE 11/17/04 Today's focus: Do we really need rogue AP detection?
Dear [EMAIL PROTECTED], In this issue: * Many ways to keep intruders off your WLAN * Links related to Wireless in the Enterprise * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Airespace Airespace manufactures end-to-end WLAN intelligent wireless networking platforms that centralizes networking intelligence for cost effective management and enterprise-wide policy enforcement. In the last year and a half, the Airespace Wireless Enterprise Platform received over 19 industry awards in product evaluations. Click http://www.fattail.com/redir/redirect.asp?CID=88418 to learn more about Airespace's industry distinctions. _______________________________________________________________ DOWNLOAD INDUSTRY WHITE PAPERS NOW NW Fusion's White Paper Library is your source for the latest industry white papers. Recent additions to the library include white papers on WLAN Security; IT Documentation; protecting the internal network from worms, Trojan horses, and other malware threats; measuring employee productivity and more. Click here to download: http://www.fattail.com/redir/redirect.asp?CID=88300 _______________________________________________________________ Today's focus: Do we really need rogue AP detection? By Joanie Wexler Theoretically, if enterprises properly implement current wireless LAN security standards, rogue (unauthorized) access points shouldn't allow intruders to sneak onto a network. Right? I mean, by definition, with 802.1x authentication in place, outsiders shouldn't be able to gain network authentication. Thus, they shouldn't be able to access any (or hardly any) network resources, depending on how the enterprise has set up its policies. So why do we need to monitor the air for rogue APs? The key words in this discussion, of course, are "theoretically," "should" and "depending." The success of authentication and access control is dependent upon implementation level and proper configuration. In practicality, many older forms of WLAN security that don't use 802.1x are still in use. In many of those cases, unblessed APs could plug right into an Ethernet port and unauthorized users attached to that AP could start accessing network resources, if no other credential-checking systems have been set up. That's one reason we need and will continue to need rogue AP detection. And it's why some WLAN monitoring specialists are strengthening the degree of automation in their rogue intrusion detection/prevention systems. AirMagnet, for example, recently upgraded the centralized flavor of its WLAN monitoring system, now called AirMagnet Enterprise. The latest version, 5.0, not only discovers if a wireless rogue device has found its way onto the WLAN; it will instruct the wired Ethernet switch to block the port to which that AP is connected. That way, the system automatically shuts down anyone accessing the wired network through the unauthorized AP (someone in the parking lot, for example). Likewise, according to the company, the system can now automatically block rogue communications over the airwaves. You can set a policy ahead of time that says, for instance, "In our financial building, if you see a rogue AP, disable it entirely, e-mail me and page me," says vice president of marketing Rich Mironov. The company has also added triangulation software capabilities so that once that pesky AP has been blocked, you can locate it quickly and take appropriate action. By way of background, the AirMagnet Enterprise architecture uses distributed "smart" sensors that perform all traffic analysis locally and forward only the result to a centralized server appliance. This way, they don't forward all the event data over the WAN and consume multiple megabits of WAN bandwidth. AirMagnet's Mironov claims that the company uses just "2% of the WAN bandwidth of alternate solutions" - by which he means, primarily, AirMagnet's main competitor, AirDefense. Speaking of AirDefense, aside from its recently reported integration efforts with Cisco, the company has also upgraded its own software, and some start-ups have also joined the WLAN intrusion-detection crowd. More on those developments in a future newsletter. RELATED EDITORIAL LINKS AirDefense counterattacks WLAN threats Network World, 11/08/04 http://www.nwfusion.com/news/2004/110804airdefense.html Vendors tout WLAN security products Network World, 11/01/04 http://www.nwfusion.com/news/2004/110104wlanproducts.html Wireless IDSs garner attention Network World Wireless in the Enterprise Newsletter, 10/20/03 http://www.nwfusion.com/nlwir827 Options for monitoring your airspace Network World Wireless in the Enterprise Newsletter, 09/10/03 http://www.nwfusion.com/nlwir828 Sesame opens up wireless guest access Network World, 11/15/04 http://www.nwfusion.com/news/2004/111504sesame.html _______________________________________________________________ To contact: Joanie Wexler Joanie Wexler is an independent networking technology writer/editor in California's Silicon Valley who has spent most of her career analyzing trends and news in the computer networking industry. She welcomes your comments on the articles published in this newsletter, as well as your ideas for future article topics. Reach her at <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by Airespace Airespace manufactures end-to-end WLAN intelligent wireless networking platforms that centralizes networking intelligence for cost effective management and enterprise-wide policy enforcement. In the last year and a half, the Airespace Wireless Enterprise Platform received over 19 industry awards in product evaluations. Click http://www.fattail.com/redir/redirect.asp?CID=88417 to learn more about Airespace's industry distinctions. _______________________________________________________________ ARCHIVE LINKS Archive of the Wireless newsletter: http://www.nwfusion.com/newsletters/wireless/index.html Wireless research center Latest wireless news, analysis and resource links http://www.nwfusion.com/topics/wireless.html _______________________________________________________________ FEATURED READER RESOURCE NEW! Website dedicated to Networking for Small Business now available The editors of NW Fusion and PC World have combined all their expert advice, authority, and know-how into a powerful new tool for small businesses, the new Networking for Small Business website. Get news, how-to's, product reviews, and expert advice specifically tailored to your small business needs. Find help with Security, Broadband, Networking, Hardware, Software, and Wireless & Mobile technology at: <http://www.networkingsmallbusiness.com/> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
