Product Group Tests
Wireless security (2006)
Testing products that each perform a slightly different function made picking the best two difficult, but we decided that the BlueSocket BSC2100 is our Best Buy. It is an excellent product that securely merges your wireless and wired networks. It is surprisingly easy to use, and its roles-based engine integrates with your existing authentication servers, so you don’t need a whole new set of usernames and passwords. If you want to run wireless networks in your organisation, this is an excellent way to secure them. Colubris Networks’ InCharge RF Manager Server gets our Recommended award. With a hardware console and sensors, it provides your company with secure monitoring tools. The management tools are very easy to use and even enable you to configure protection against rogue access points. It is an invaluable tool for enforcing a wireless policy.
Full Group Summary
Wireless networking has come a long way in the past few years and, with the majority of new notebooks containing wireless cards, has become a popular and convenient way to get access to networks. While most of it is good news, particularly as wireless provides an easy way to extend the network without having to run new cables, it does bring with it a host of security problems.
These are many and varied, but one of the biggest threats to the corporate network comes from rogue or unsecured wireless access points, as outsiders don’t even need to physically plug into the network, they can sit safely outside and connect.
With the wireless access points behind the firewall, the hacker has just skipped your first line of defence and now has free rein of your network.
Rogue access points are an even bigger problem than your own insecure wireless, as they let the same thing happen but, as you haven’t authorised them, you might be unaware of the threat. Even if you find out about it, you’ve still got to track the access point down and disable it.
With the problem getting worse, the market has responded with a fast expanding range of products designed to protect your network from these threats.
The first part of our test looks into these threats, and we have three hardware and software products designed to monitor and secure your wireless access points.
Using distributed sensors, these products scan for rogue access points and unauthorised access, warning you immediately a potential breach occurs. Using these tools, you can track down and locate the problem, cutting it out before a major breach occurs.
To test, we connected these sensors to our test network to see how it dealt with our wireless access points. Where possible, we also tested each product’s defence tools, to check whether we could successfully block access to the unauthorised access points. While security and monitoring are one thing, there is also the protection and defence of existing wireless access points.
While it’s true that most access points can be configured securely with WPA encryption and more cosmetic things, such as disabling SSID broadcasts, these things cut out one of the best things about using a wireless network – their ease of use.
As soon as you turn on shared encryption, everybody has to be given a long key to type into their wireless client. And because the encryption is shared, as soon as a client is on the wireless network, it can see other users’ traffic. This makes network protection very difficult to achieve.
For this reason, we have got one product that can monitor and control your wireless networks, while protecting your corporate network from threats.
Its level of security means that you can allow unsecured access through a wireless access point for those users that need it – such as guests to your company, who can simply connect to your network – while forcing other users to authenticate themselves.
With user-based controls, this product can force wireless users into the same kinds of strict access controls as those on the wired network.
The problem of wireless doesn’t stop at the corporate network, however. As mentioned earlier, most notebooks now ship with wireless adaptors, and while this makes it easy to connect these notebooks to wireless networks, it also raises lots of security issues.
First, users often don’t know whether they are connecting to a secure network or not, which can open the notebook up to attack.
Second, a lot of notebooks happily broadcast that they would like to take part in an ad-hoc network, which means that the hacker can try and connect directly to the notebook.
Access to foreign networks should be rigidly defined, which means that you need software to ensure that your policy is met both in and out of the office. Our final product does exactly this, and we tested it to see the level of the wireless controls that it can use, applying the policy to our test notebook.
In all cases, we were looking for products that were flexible in their approach to wireless security. After all, the point of wireless is flexible networking, so there’s no point in using products that will clamp down so hard that using the wireless network becomes next to impossible.
This defeats the whole point of wireless in a business environment.
In total, then, we have gathered together five varying products to test this month that focus on different aspects of wireless security. In practice, depending on your security policy, you are likely to find that you need one or more of these products.