IBM has unveiled a managed intrusion detection service
for wireless networks.
The service uses "sniffing" technology developed by IBM to
detect the presence of rogue access points, denial-of-service
attacks, improperly configured access points and compromised Wired
Equivalent Privacy (WEP) encryption keys.
It relies on a network of Linux appliances which act as wireless
sensors and are deployed in a similar way to wireless access points
within an office, according to Jim Goddard, security principal at
IBM Global Services.
The sensors, which "look look like fuse boxes mounted on the
wall", monitor wireless network activity using attack signatures
developed by IBM. Warnings about possible attacks are relayed to a
Tivoli Risk Manager console at an IBM Global Services operations
centre in Colorado.
The centre operates around the clock and allows customers to
respond quickly to wireless attacks. Because wireless attackers
must be within range of access points to launch an attack, that
response might involve summoning security guards to intercept the
culprit.
Customers will receive daily reports summarising wireless
security events, as well as monthly trend analysis reports from
IBM.
IBM will market the service to companies of all sizes. Customers
do not need to be using Tivoli or have an existing relationship
with IBM Global Services to take advantage of the service, but will
need to have the network of wireless sensors installed as well as a
device to collect data inputs from the wireless sensors and forward
them to IBM's monitoring facility.
The service is available immediately. Companies must pay a
one-time $30,000 fee to set up the wireless sensor network. Annual
support subscriptions cost $50,000.
Forrester Research senior analyst Laura Koetzl said many
companies are eager to deploy widespread wireless networks on
corporate campuses and within office buildings, but are reluctant
to do so because of the security issues that surround wireless Lan
technology and fears about intrusions and the loss of critical
data.
IBM's new service may appeal to those companies, which often
lack the staff and expertise to be able to audit their own wireless
Lans, she added.
Paul Roberts writes for IDG News Service