Mobility vendors reinforce security capabilities

Vendors such as Network Chemistry and Ecutel are taking steps to raise the bar for their respective disciplines of mobile security.

Network Chemistry, traditionally focused on Wi-Fi intrusion detection and prevention in enterprise environments, is expected to announce today that it’s taking its story on the road. It is adding endpoint security to its RFprotect line to protect against threats specifically associated with not only Wi-Fi, but also Bluetooth, EV-DO, UMTS/HSDPA, EDGE, and WiMAX networks when users are traveling.

Administrators can set policy to prevent bridging between interfaces and ad-hoc connections, limit connections to known access points or locations, and require encrypted VPN tunnels when appropriate, Network Chemistry President and CEO Rob Markovich said.

Traditional endpoint security systems, available from a growing number of sources such as SSL VPN makers, router makers and security service providers, tend to operate at the operating system, anti-virus, and firewall layers, but don’t address specific Layer 1 and 2 wireless vulnerabilities, he said.

Network Chemistry says it has also helped get the industry’s first public database of wireless vulnerabilities and exploits off the ground. Designed to be vendor-neutral, www.wirelessve.org, set to go live this week, is intended to become a place where known wireless threats are categorized and described using common taxonomy. Eventually, best practices and fixes will reside there for the public to use in staving them off. Markovich says that about 20 vendors are supporting the project and organizations such as the Center for Advanced Defense Studies are sponsoring the effort.

Meanwhile, Ecutel is bringing endpoint security – as well as device management – to mobile IP VPNs, also called mobile application gateways. These client/server products enable workers in motion (such as field workers) to roam among any type of wireless network, so long as IP is running, without interruption in a session.

This product space has traditionally been strong on encryption and mobility but a bit light on endpoint security. Some access blocking to corporate resources has been available from Ecutel, NetMotion Wireless, and others, but remediation to bring devices into compliance with policy hasn’t been generally available, for example.

Ecutel late last month added the ability to its Viatores mobile IP VPN offering for security rules for mobile devices to be upheld, access control policies to be enforced and remediation actions to be taken prior to connection.

Ecutel is also in the Cisco Network Admissions Control (NAC) program. “But for customers that don’t have 100% Cisco architecture, that’s not a great solution, so we fill in,” Ecutel CEO Tom Matthews said.

The cost for the endpoint security module is $59 per client, installable by an FTP download. The first products are for Windows platforms, and the company intends to add support for PDAs and Linux in the future, Matthews said.