
Hunting for Rogue Wireless LANs Can Be a Full-Time Job


The growing popularity and falling prices of wireless LAN hardware force every enterprise to address the growing problem of rogue wireless LANs, but hunting down rogue deployments with hand-held sniffers and scanners can turn into a full-time job.

The risks of rogue wireless LANs can cause IT security managers to lose sleep, and the personnel required for manual site surveys can turn into a budget-crunching headache.

As rogue wireless LANs begin to pop up on an enterprise network, IT security managers typically turn to freeware wireless sniffers and scanners, such as NetStumbler, Kismet or Ethereal, to manually survey the airwaves and hunt down rogue WLANs. However, this approach has proven to be flawed and unexpectedly costly because of the excessive amount of time and IT personnel required.

Commercial products, such as AirMagnet and Network Associates' Sniffer Wireless, provide more user-friendly features, but offer little additional functionality. A September 2002 research brief from META Group questioned the viability of wireless sniffers and scanners for enterprise security.

"Current radio frequency scanning tools such as Sniffer Wireless and AirMagnet are limited in their ability to perform scalable and repeatable audits."

- META Group, September 2002

The dangers of unsanctioned access points are well documented: An employee, vendor or on-site consultant can unknowingly put all information assets at risk by attaching a $100 consumer-grade access point to the enterprise LAN. This simple act circumvents all existing network security by broadcasting an open connection to the enterprise network.

In addition to unsanctioned access points, rogue wireless LANs can also include unauthorized ad hoc networks between stations and "soft APs" that are actually laptops that function as access points. (See More than Just Rogue APs.)

An enterprise with multiple locations relying on manual site surveys faces significant costs from the time requirements of walking the area, analyzing the collected information, reporting the information to central IT management and traveling to locations that do not have IT personnel on site. A single site survey can cost as much as $885.

Costs Associated with Manual Site Surveys

| | Small Site (less than 20,000 square feet) | Medium Site (20,000 to 80,000 square feet) | Large Site (greater than 80,000 square feet) |
|---|---|---|---|
| Travel (to sites with no IT support) | 4 hours | - | - |
| Survey | 1 hour | 2 hours | 4 hours |
| Data Analysis | 1 hour | 1 hour | 1.5 hours |
| Centralized Data Management & Reporting | 1 hour | 1.25 hours | 1.5 hours |
| Total Hours per Survey | 7 hours | 4.25 hours | 7 hours |
| Hourly Wage | $55 | $55 | $55 |
| Travel Costs | $500 | - | - |
| Costs per Survey | $885 | $234 | $385 |

Conducting site surveys requires the physical presence and valuable time of a network manager, yet the effectiveness of a survey is limited because it only samples the airwaves for threats. New rogue access points and other vulnerabilities can arise after a scan and will not be detected until the next time a network administrator surveys the network.

Based on these costs, IT security managers must then decide how often they can afford to survey each site. However, organizations that increase the time between surveys risk greater exposure from rogue wireless LANs. A large organization with four large offices, 15 moderate offices and 40 small sites faces annual costs of $2.5 million for weekly site surveys.


Annual Costs for Manual Site Surveys

| | Number of Sites | Annual costs of weekly surveys | Annual costs of bi-monthly surveys | Annual costs of monthly surveys | Annual costs of quarterly surveys |
|---|---|---|---|---|---|
| Large Sites | 4 | $71,500 | $33,000 | $16,500 | $5,500 |
| Medium Sites | 15 | $201,630 | $93,060 | $46,530 | $15,510 |
| Small Sites | 40 | $2,298,400 | $1,060,800 | $530,400 | $176,800 |
| Total Annual Costs | | $2,571,530 | $1,186,860 | $593,430 | $197,810 |
| Cost over 3 years | | $7,714,590 | $3,560,580 | $1,780,290 | $593,430 |

The vast limitations of physical site surveys and the demands on personnel time limit the overall effectiveness of sniffers and scanners. Sniffers and scanners are simply not cost-effective for an enterprise with multiple locations or with sensitive information that cannot risk rogue networks operating between security audits. In addition, IT security administrators would find it extremely difficult to manage this decentralized approach and to collect information from multiple locations.

The alternative to conducting manual site surveys with wireless sniffers and scanners is to monitor the airwaves 24x7 with AirDefense. With its distributed architecture of remote sensors that report back to a centrally managed server, AirDefense eliminates the need for costly site surveys while it provides 24x7 security.


Comparison of AirDefense vs. Wireless Scanners

| Requirements | AirDefense | Wireless Scanners |
|---|---|---|
| Detection Capabilities | | |
| Detect Rogue APs | | |
| Detect Soft APs | | |
| Detect Ad Hoc Networks | | |
| Detect Accidental / Malicious Intrusion | | |
| Enterprise Capabilities | | |
| Is it Scalable? | | |
| Is it Deployable? | | |
| Is it Manageable? | | |
| Extensible Platform? | | |
| Total Cost of Management | | |
| Up-front Costs | | |
| Management Costs | | |
| Time & People Costs | | |

For more information about detecting rogue wireless LANs, click here to request the Wireless LAN Security: Enterprise Rogue Detection white paper.




Copyright 2001, 2002 AirDefense, Inc. All Rights Reserved.