All it takes is a little creativity, a comfy place to sit, a laptop, and a handful of wireless hardware, and cracker types can clandestinely monitor wireless network traffic, boot up applications, or steal data outright.
Software maker Internet Security Systems Inc. (ISS) says: That ain't right.
The company aims to make wireless networks at least as secure as their tethered counterparts. By the end of next year, according to Gartner, half of U.S. companies will have deployed a wireless local-area network. That's more than double the 21% installed based at the end of 2000.
ISS says its new wireless-LAN security software, and consulting, education, and managed-security services are aimed at helping customers protect digital assets transmitted through the ether. ISS' X-Press update for its Internet Scanner software helps customers scan and identify rogue wireless access points. ISS' consulting services already provide evaluations, penetration testing, and design and security policy development.
Gartner analyst John Pescatore says much of the ISS announcement is marketing fluff. "The architecture, consulting, and education services are just the same old stuff," he says. But "the fact that they have added somesmarts to the scanner products to detect wireless-LAN gateways is a good thing," he adds. Pescatore explains that corporate power users tend to trek down to CompUSA, buy and install a wireless-LAN gateway with "the least secure possible configuration" and unwittingly place corporate data at risk.
But Pescatore warns that there's no way to detect malicious eavesdroppers to wireless-LAN gateways, making encryption critical. "We advise clients either use new 802.1x security options from Cisco, Lucent, and others and live with single vendor lock-in for now" or that they run IPSec virtual private networks on top of all wireless-network connections and not depend on the security services.