Tip

Key wireless LAN security tools for resellers

Early vulnerabilities in the Wired Equivalent Privacy (WEP) component of the IEEE

    Requires Free Membership to View

802.11 standard resulted in a broad range of professional, high-quality tools for the management of wireless LAN security and -- since security is a part of overall network management -- general WLAN management. In a previous article, I presented a landscape of wireless LAN (WLAN) security tools, dividing the world into four key categories. Here I'm offering a list of key companies in each category that will be of interest to value-added resellers (VARs) and systems integrators. Note that there can be significant category overlap with some products, so check the specs carefully before assembling a final list for your customers. And also note this list is not exhaustive -- these are just my favorites.

Spectrum assurance

A spectrum analyzer from an electronics test equipment vendor can also work here, but I don't recommend them for field use, as they are simply not specific enough to WLANs or other devices likely to be operating in the unlicensed bands. They can also be difficult for non-engineers to use.

WLAN assurance

Wireless IDS/IPS

WLAN management (third-party systems)

Choosing a wireless LAN security tool

Which one is right for your customers? A strategy I would suggest for starters is as follows:

  1. After a careful review of the requirements, tentatively select a WLAN system vendor.
  2. Carefully evaluate the management capabilities of the chosen product. Do not pick a product that does not operate according to your customer's needs.
  3. Consider the use of a third-party IDS/IPS and WLAN assurance product if the WLAN system is lacking in these areas.
  4. I now always recommend Cognio's Spectrum Expert, either as a standalone product or as part of another.

You may have noticed that I didn't mention site-survey tools. I'm not a big fan of doing site surveys except for post-installation analysis or maybe a quick pre-installation sweep. I also didn't discuss upper-layer security tools and techniques, such as the strong authentication provided by 802.1x and the overall network security of a VPN. These work the same way on wireless networks as they do on wired. The best advice I can offer when devising your overall security strategy is to think network, not wireless alone. As we enter the era of unified wired/wireless LANs, the next big trend in networks overall, this will become the default operational model regardless.

Finally, the early vulnerabilities in the WEP component of the IEEE 802.11 standard encouraged a broad range of hackers to experiment to their evil little hearts' content. If you're interested in the tools developed by these folks, have a look at my friend and colleague Lisa Phifer's excellent list of wireless security tools.

About the author
Craig Mathias is a principal with Farpoint Group, an advisory firm based in Ashland, Mass., specializing in wireless networking and mobile computing. The firm works with manufacturers, enterprises, carriers, government, and the financial community on all aspects of wireless and mobile. He can be reached at craig@farpointgroup.com.


 

This was first published in May 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.