Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

4/16/2008
03:55 AM
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

Wireless Security Gets Boost From New Round of Products

Wireless isn't the problem child it used to be, but authentication and management still challenge enterprises

SAN FRANCISCO -- RSA 2008 Conference -- Wireless security vendors used last week's conference here to showcase both the problems and solutions in controlling access to wireless voice and data.

AirTight Networks launched SpectraGuard Online, touted as wireless security's first manifestation of the software-as-a-service (SaaS) model that more vendors -- and a few cyber criminals -- are using. (See New Crimeware-as-a-Service Market Thriving.)

In addition, Alcatel-Lucent added partners to its OmniAccess 3500 "ecosystem" for safeguarding laptops wirelessly. And RSA Labs showcased an innovative wireless authentication scheme to keep mobile handsets secure.

Just how bad is the problem of wireless insecurity? Vendor AirDefense made a welcome change-up to the tired tradeshow stunt of identifying local, low-flying vulnerabilities. Instead, AirDefense surveyed the wireless security of more than 1,000 Bay Area entities, and assigned grades for four industry categories.

The highest grade, a "B-" went to the transportation sector; retailers earned a "C+"; finance got a "C-" and government brought up the rear with a "D".

The biggest problem was poorly protected wireless access points (APs); of the 4,606 APs detected, about 22 percent lacked good security, AirDefense said. "In government, an alarming 72 percent of APs and in finance 67 percent of APs were unencrypted or using WEP," which has proven to be easily hacked, according to the vendor.

Is wireless really such a security minefield? Not according to analyst Craig Mathias, founder of the FarPoint Group, who specializes in wireless networking and mobile computing.

"We're at the point now where most concerns about wireless security can be put aside -- they've addressed the big problems with solutions like WPA2," Mathias told Dark Reading. "But if you only consider wireless security, then you're missing the bigger issue of network security and information security -- you can secure a wireless LAN and still have an insecure network."

AirTight pitched its new SpectraGuard Online as either an onsite wireless intrusion prevention system or as a hosted service; either options comes with three modules: vulnerability assessment, regulatory compliance, and vulnerability remediation.

After the customer installs pre-configured wireless sensors, they begin receiving wireless vulnerability reports via email. Customer data is hosted in an SAS70 certified facility designed for security and high availability, according to AirTight. And it said that the pay-as-you-go approach is aimed at security pros and IT buyers concerned about big capital expenditures, buying features they'll never use, and keeping down the total cost of ownership.

SpectraGuard Online costs $50 per sensor per month, plus a small leasing fee for the vulnerability-assessment module. The compliance module is included for free; 24x7 phone and email support are also included. The vendor is also making the service available for a free 30-day trial.

And while the OmniAccess 3500 Nonstop Laptop Guardian (NLG) made by Alcatel-Lucent isn't new, the vendor added four new partners to its collection of vendors or software developers that integrate their third-party apps for improved laptop security and management.

The OmniAccess handles functions like patch management, "remote kill" deletion of encryption keys and certificates; asset and configuration management; and two-factor authentication, among others.

Alcatel-Lucent said Phoenix Technologies will provide encryption, recovery, and authentication services for the OmniAccess 3500; SafeNet's adding its QuickSec VPN software from SafeNet has been integrated into the OmniAccess 3500 for more secure roaming and remote use. In addition, Sierra Wireless will provide CDMA and HSPA modems for the OmniAccess 3500, while Utimaco Safeware AG has integrated its SafeGuard Enterprise data security solution with the OmniAccess 3500 for policy configuration and administration, as well as pre-boot authentication.

Pricing for the Alcatel-Lucent platform runs about $250 per card, $10,000 per server and $10-$15 per user per month for the license, a spokeswoman said.

Finally, RSA Labs demonstrated a prototype that may never see the commercial light of day, but was a fresh take on mobile authentication. Under its Wireless Access-Control Research Project (WARP), the organization developed a standalone token that transmits SecurID passcodes via WiFi, without any new hardware or drivers required on the client side.

The idea is to perform SecurID-type authentication without typing any digits, but also encrypt files and unlock screens. RSA also showed how a WARP token could be used to deliver a hidden "back channel" SMS message confirming details of a mobile banking transaction. "This helps address the problem of man-in-the-middle attacks and trojans that SecurID alone is unable to protect against," the research organization said in its announcement.

In broader terms, WARP seeks to secure ambient computing devices in a flexible way that also makes it easy to use "cloud computing" networks and services more seamlessly, RSA said.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0565
PUBLISHED: 2020-02-25
NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
CVE-2020-9393
PUBLISHED: 2020-02-25
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS.
CVE-2020-9394
PUBLISHED: 2020-02-25
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF.
CVE-2019-3999
PUBLISHED: 2020-02-25
Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
CVE-2020-8809
PUBLISHED: 2020-02-25
Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker ...