Product Details
Product Rating
AirFortress AF7500
AirMagnet Distributed System
Bluesocket WG-2100
Funk Software Odyssey Server
Funk Software Steel-Belted Radius Server
Madge WLAN Probe 2
Red-M Red-Detect Server
SonicWALL SOHO TZW
Vernier Networks AM 6500 Access Manager
Vernier Networks CS 6500 Control Server
Winning our Best Buy award by a whisker was the SonicWALL SOHO TZW. It is easy to deploy, yet offers powerful and integrated security for small-to-medium-sized companies. At the other end of the spectrum, the enterprise-class Bluesocket WG-2100 wireless gateway, by incorporating the company's Secure Mobility technology, wins the Recommended award.
Wireless security (2004)
Companies envisage "wireless" workers easily connecting to contribute, but Rob Jaques knows administrators need to turn dreams into a secure reality
The loss, theft and corruption of electronic data annually costs corporations billions of dollars in lost revenue. With the explosion in wireless technology, industry analysts are warning that this figure is set to increase dramatically.
Earlier this year, a survey carried out for RSA Security found that the number of wireless access points (APs) in London's main business district had increased by 229 percent to 1,078. Signals from most APs can be picked up as far as 300 feet from their physical location.
The fear for wireless security is real, and can blamed on the technology's history. Also, an attacker does not have to physically access the network – being in range of an AP is enough to gain a foothold. Much publicized weaknesses in the Wired Equivalent Privacy (WEP) standard, where certain aspects of the encryption key are transmitted (and therefore easily intercepted) in plain text, also tainted the technology's image.
Wireless networks are young. During the first years of wireless LAN (WLAN) adoption, many of the serious security breaches suffered on wireless networks could be blamed on simple mistakes, such as transmitting unencrypted data, or a lack of authentication on roaming devices. This has changed.
Businesses know they cannot rely on security through obscurity – deploying a WLAN in its default state without protection and hoping it is not discovered. With the inherent security weaknesses and early administrator mistakes heavily publicised by both television and the newspapers, users have been educated about securing a WLAN through the media exposure.
One of the main issues dogging wireless networking is that adequate security was not implemented from the start, which is why many of the products featured in this group test are designed to be combined with existing infrastructure as a security "add on" – often without offering wireless access.
While many existing wireless networks will benefit from these add-on products, it raises the question of why more security products do not incorporate APs.
Encryption, virtual private networks (VPNs) and authentication measures are known security prerequisites. The problems often come with managing the security measures and their interaction with users on the network.
However, the benefits offered by a wireless working environment, in terms of increased flexibility and reduced costs resulting from not having to lay physical cabling, are too great to be ignored. As wireless networking technology rapidly gains traction, system administrators find themselves in the firing line as they try to balance the conflicting requirements of improving access to data via WLAN deployments while ensuring that access is only available to authorized users.
All of the products in this group test can, if correctly and appropriately deployed, strengthen your company's security. Whether you are responsible for the data and access management of thousands of employees, or considering switching on wireless networking for only a few workstations in a small office, one or more of these products will suit your needs.
We analyzed a range of products, from probes and sensors through to high-end enterprise technology systems such as authentication and authorization servers.
Probes, like those from Madge, are deployed alongside companies' existing APs, detecting any unauthorized clients trying to access the network.
Other products, such as the AirFortress wireless gateway, are geared towards controlling user access to the network. Enterprise-level products such as the servers offered by Vernier Networks and authentication systems from Funk Software are geared towards businesses with a lot of wireless users that need authorizing, authenticating and accounting for while using the network.
The main benefit of a wireless network is mobility, so IT managers have to secure their networks without compromising it. The objective of most companies is to enable users to travel around the campus or building while maintaining a network connection while preventing unauthorized users gaining access.
Any security devices being implemented must keep network traffic to a minimum to prevent clogging the network. This is where standards such as extensible authentication protocol (EAP) offer some degree of protection, and heavy-duty authentication tools, such as Radius, excel.
Wireless networks offer great flexibility, but incur some risk. How do you keep track of the users and devices accessing the WLAN? How do you ensure that any guest users have the correct access rights? How do you determine which level of encryption you should use, considering the reduced performance you know heavy-duty encryption might cause?
All are valid concerns, and all are dealt with by the products reviewed here. They offer systems administrators the means to implement sound wireless security policies.
