Security SaaS hits WLAN community

* Online wireless threat management service should ease compliance efforts

"Coulda had a V-8." That was my knee-jerk reaction when AirTight Networks told me it planned to launch software-as-a-service (SaaS) for securing wireless LANs. Duh! Why hasn't someone thought of this before?

At the RSA 2008 conference this week in San Francisco, AirTight, known for its wireless intrusion prevention system (WIPS) products, intends to launch SpectraGuard Online. The wireless vulnerability management assessment SaaS is broader in its monitoring and reporting scope than the company’s WIPS appliances, which customers deploy and manage themselves onsite and which AirTight will continue to sell. (Compare IPS products)

The SpectraGuard Online SaaS relies on hardware sensors installed in business sites, but moves the security auditing and information reporting out into the Internet “cloud.” The idea is to make wireless auditing and security more affordable - about $2 per floor per day - for organizations with small IT budgets, such as those in retail, legal and education markets, says Sri Sundaralingam, AirTight director of product management and technical marketing.

The service checks a given environment against the wireless security aspects of seven compliance mandates, including PCI, HIPAA, SOX, GLB and others, he says.

Realty information services company LoopNet is a 300-employee company that has been testing the AirTight SaaS offering “and definitely will keep it,” says Wayne Warthen, senior VP and CTO at the company. “This SaaS is particularly attractive, because wireless security won’t ever be a core competency for our small IT team” of seven people, he says.

LoopNet went public in 2007 and struggled through its first SOX audit. “Auditors are very concerned about wireless,” Warthen explains. “But if we can tell them we have a third party that does wireless security for a living monitoring us 24/7, they will think that’s great.”

He continues: “[With a SaaS], we don’t have to spend $20,000 to bring up a wireless security system; we can spend small incremental amounts for each square foot of real estate. That's exactly the way you want to manage your business.”

Here’s how the SaaS works: AirTight ships preconfigured sensors to your sites, recommending that customers start with one sensor per floor. The SaaS cost is $50 per sensor per month, which translates into less than $2 per day for a floor with a single sensor. Within 72 hours, AirTight begins shipping reports to you about the vulnerability status of your environment, flagging any misconfigurations that don’t conform to policy.

AirTight will monitor your environment and provide three SaaS service options: a wireless vulnerability assessment that performs wireless policy audits, checking for things like misconfigured WLAN equipment; a regular check for compliance with the wireless security aspects of mandates; and remediation services.

Learn more about this topic

 
Join the discussion
Be the first to comment on this article. Our Commenting Policies