IBM unveils wireless intrusion detection service

IBM has launched a managed intrusion detection service for wireless networks.

IBM has unveiled a managed intrusion detection service for wireless networks.

The service uses "sniffing" technology developed by IBM to detect the presence of rogue access points, denial-of-service attacks, improperly configured access points and compromised Wired Equivalent Privacy (WEP) encryption keys.

It relies on a network of Linux appliances which act as wireless sensors and are deployed in a similar way to wireless access points within an office, according to Jim Goddard, security principal at IBM Global Services.

The sensors, which "look look like fuse boxes mounted on the wall", monitor wireless network activity using attack signatures developed by IBM. Warnings about possible attacks are relayed to a Tivoli Risk Manager console at an IBM Global Services operations centre in Colorado.

The centre operates around the clock and allows customers to respond quickly to wireless attacks. Because wireless attackers must be within range of access points to launch an attack, that response might involve summoning security guards to intercept the culprit.

Customers will receive daily reports summarising wireless security events, as well as monthly trend analysis reports from IBM.

IBM will market the service to companies of all sizes. Customers do not need to be using Tivoli or have an existing relationship with IBM Global Services to take advantage of the service, but will need to have the network of wireless sensors installed as well as a device to collect data inputs from the wireless sensors and forward them to IBM's monitoring facility.

The service is available immediately. Companies must pay a one-time $30,000 fee to set up the wireless sensor network. Annual support subscriptions cost $50,000.

Forrester Research senior analyst Laura Koetzl said many companies are eager to deploy widespread wireless networks on corporate campuses and within office buildings, but are reluctant to do so because of the security issues that surround wireless Lan technology and fears about intrusions and the loss of critical data.

IBM's new service may appeal to those companies, which often lack the staff and expertise to be able to audit their own wireless Lans, she added.

Paul Roberts writes for IDG News Service

Read more on IT strategy