Wireless security push fueled by paranoia

Wireless security became a necessity for Intermagnetics, but when the company used its access points to monitor the spectrum, performance suffered.

Tim Stowell calls it "paranoia." He doesn't want rogue access points or any other potential security hazards making their way into his wireless network.

"My biggest concerns are rogue access points -- people who install their own access points because they want to be able to walk around wirelessly," said Stowell, corporate network manager for Intermagnetics, a Latham, N.Y.-based manufacturer of large magnets for MRI machines and other medical equipment. "I don't worry too much about people sitting in our parking lot."

To ward off potential intrusions and rogues, Stowell deployed dual-mode access points from Aruba Networks. The dual mode allows them not only to act as access points but to monitor the spectrum for interference, rogues or other troubles.

One thing that wasn't anticipated, however, was how the dual mode would affect connectivity.

"When put into monitoring mode, it bit into performance," Stowell said, adding that users reported slower traffic.

When Stowell switched the monitoring capability off, connectivity came back.

"I turned off monitoring, and the users said, 'Hey, what did you do?'" he said.

Performance was back, but now there was nothing monitoring. Stowell said he came upon RFProtect from Network Chemistry, a wireless monitoring and threat prevention system. RFProtect was installed in the Latham headquarters and also tested out in Intermagnetics' office in Orlando, Fla. Stowell deployed RFProtect to supplement Aruba. Using a separate tool for monitoring allows the Aruba access points to stick solely to transmitting, so monitoring doesn't bite into performance.

In Orlando, they hit a small roadblock, Stowell said, because RFProtect automatically grabs the DHCP address and configures. But that problem was averted within a few minutes with manual configuration. In Latham, the deployment went smoothly.

"I didn't really find too much here in Latham that I didn't anticipate," he said. No rogue access points or other problems. In Orlando, there was one rogue access point, but it was very easy to find, he said, because RFProtect is laptop based and can be carried to the location of a trouble signal. "We saw it immediately," he said. The access point was added by an employee who wanted wireless connectivity without having to sign on to the network.

Stowell also made one other interesting find when a team of Sarbanes-Oxley auditors visited the office. He noticed that the auditors had an ad hoc network running among their laptops. Stowell said he thought it might have been a test -- the auditors quizzing him to see whether he would uncover the problem. It wasn't. And he brought it to the auditors' attention.

"Only one knew the ad hoc network was set up," he said.

For Stowell, it's all about peace of mind. At first, he wasn't crazy about the idea of going wireless, he said. He was concerned about security.

"I fought it for a while," he said, until convincing arguments were made for wireless, and his team found a wireless monitoring system. "But I acquiesced."

After giving in to wireless, Stowell plans on going full bore, especially now that he has a view of the wireless network and knows it's secure. He said he wants to install RFProtect in the other Intermagnetics offices in California and Wisconsin.

"It's mainly a level of paranoia to make sure there aren't things that aren't supposed to be there," he said. "There are two philosophies in security: Use an all-in-one product or a specialized product. I like kind of a hybrid of that."

 

Read more on Data centre networking