Vendors tout WLAN security advances

Two wireless LAN security vendors last week separately announced streamlined versions of their software.

Senforce's Wi-Fi Security is a less-expensive subset of the company's Endpoint Security Suite. The new offering downloads an agent to mobile or desktop clients and enforces centrally created security policies.

Meanwhile, AirDefense pulled from its server-based wireless intrusion-prevention product several components that now can be deployed on a wireless laptop to monitor radio traffic and pinpoint wireless-LAN clients and access points. The new product is called AirDefense Mobile.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Two wireless LAN security vendors last week separately announced streamlined versions of their software.

Senforce's Wi-Fi Security is a less-expensive subset of the company's Endpoint Security Suite. The new offering downloads an agent to mobile or desktop clients and enforces centrally created security policies.

Meanwhile, AirDefense pulled from its server-based wireless intrusion-prevention product several components that now can be deployed on a wireless laptop to monitor radio traffic and pinpoint wireless-LAN clients and access points. The new product is called AirDefense Mobile.

Senforce used several key elements of its current suite, and added a group of automatic reports, graphs and summaries of wireless activities and status. Policy Editor is a PC program for setting rules for what client devices can and can't do, such as "all wireless clients at headquarters can only connect to access points that support the Wi-Fi Protected Access 2 specification."

The policies are stored by Senforce server applications and distributed, along with an application called Security Client, to wireless devices whenever they boot up or change their network connection. Security Client has code to enforce the policy rules on the device.

The client code can't be unloaded, disabled or sidestepped by end users, Senforce says.

Missing from Wi-Fi Security are a range of features in the full suite such as the company's firewall; drivers for controlling features such as the use of USB drives on portable devices; and integration with third-party applications such as anti-virus products.

Rivals include AirDefense, AirMagnet and mobile device management vendors such as Mobile Automation, Wavelink and iAnywhere (which acquired XcelleNet's Afaria software).

Wi-Fi Security is priced starting at $45 per user.

The AirDefense Mobile application runs on any Windows XP laptop with a WLAN adapter using the Atheros chipset. It lets administrators monitor and analyze every frame from any kind of 802.11 access point within range of the adapter's radio.

The U.S. Army Forces Command (FORSCOM) has been using the mobile version to enforce its "no wireless" policy at Fort McPherson, Ga. Civilian network administrators do periodic "war walks" around the site, using the software and laptop to pick up transmissions.

"We found an Army Reserve unit that had installed an access point in a warehouse and hooked up laptops for inventory control," says Robert Isaacs, network security manager for Booz-Allen Hamilton assigned to FORSCOM. "We found it and shut them down."

The software also measures the strength of local radio signals. Using this data, AirDefense algorithms calculate the location of authorized and unauthorized wireless access points and users.

Although separate from AirDefense Enterprise, the mobile version can link with it and download details of radios in a given area.

In addition, the Enterprise version lets administrators assign descriptive names to devices such as "second floor conference room access point," and the mobile version can make use of these.