Recently, a \u201cWireless in the Enterprise\u201d reader reported being forced to disable intrusion-prevention monitoring within shared, multi-tenant locations because the wireless scanning system was generating a confusing abundance of red herrings, or \u201cfalse positives,\u201d from neighboring access points.The thought of anyone forced to turn off security caused my anxiety level to spike.It turns out that economics preclude the use of a third-party overlay monitoring system at the reader\u2019s company, which opted instead for a combination access point (AP)\/scanning system built by its Wi-Fi systems vendor. This is a pure example of the \u201cinsurance policy\u201d nature of network security, which boils down to balancing how much you invest with the potential impact of a compromise to your organization.You can fix the red herring problem if you are willing to spend a bit; you have to decide how much security you can justify \u201cbuying.\u201d Most of today\u2019s overlay systems support policy enforcement engines that automatically discover and classify nearby devices that aren\u2019t connected to your network as unauthorized but not troublesome. Once the device has been classified as non-threatening, the system doesn\u2019t continue generating alerts about its existence.Among the vendors providing such systems are AirDefense, AirMagnet, AirTight Networks, Highwall Technologies, Network Chemistry and Newbury Networks. (AirDefense and AirTight are currently in patent litigation over a different component of their systems, the remote security event-filtering and transmission mechanism.)A Network Chemistry system, for example, would identify all known APs as authorized, then use a variable such as signal strength to differentiate between threatening devices in the facility and non-threatening neighboring devices, explains Brian deHaaf, vice president of product marketing.\u201cFor example, any AP with a signal weaker than -70db might be known to be outside of the facility. A stronger signal might indicate that it is inside the facility and, if not authorized, is a threat to be addressed.\u201dThe automatic classification of unknown APs as rogue APs by some systems can also be problematic, adds Sri Sundaralingam, director of product management and technical marketing at AirTight. The reason is that someone with a handheld wireless analyzer will have to find and check all the \u201cunknowns,\u201d which can cause a scalability problem, he says.Dilip Advani, technical marketing engineer at AirMagnet, has some advice that could fit my reader\u2019s budget. He observes that the reader\u2019s neighboring tenants should also be concerned that their devices are leaking wireless signals.\u201cIdeally, neighboring stores could resolve this diplomatically by sharing their network information to come up with a wireless non-interfering environment,\u201d he suggests. \u201cThis might require neighbors to change channels, lower their power settings\u201d or make other network adjustments, he notes.