Safeguarding The Invisible Wave

For nearly a decade, Kansas City, Mo.-based FishNet has focused on general security protection. But Fish, who grew his company from a desk in his basement to four locations nationwide, admits it was back-to-school time when FishNet added wireless security to its menu of services.

"FishNet is a security company, it's all we do, 100 percent," Fish said. "But when we started building a practice specifically around wireless security, we found you have to learn a lot more. Not just how wireless works, but how a wireless site is surveyed, and how it's audited for vulnerabilities."

FishNet quickly got up to speed through partnerships with wireless security vendors such as AirDefense and AireSpace and wireless survey technology maker Ekahau. FishNet was soon reeling in bids for installations and audits.

"We were hired by this one national organization to perform a wireless security audit, and less than 30 minutes after our engineers hit the ground, they'd hacked into the corporate wireless network from the parking lot and were perusing offices in other states," Fish said.

Still, nothing prepared FishNet for the job it's currently tackling: a secure wireless network encompassing the four-building campus of a national consumer-electronics retailer. The catch: None of the buildings are finished yet.

"It takes us to a whole different level," said Paul Klahn, FishNet's director of consulting services. "We're trying to determine signal strength through walls that aren't even there yet. We're pondering wireless access points while they're pouring concrete."

FishNet engineers suddenly found themselves wearing hard hats while trying to plan wireless defense strategies like how close an outsider will be able to get to the building based on nothing but blueprints of the lawn.

"We are not building contractors, but here we are now working alongside union electricians, construction teams, [with] everyone arguing about where to put an access point. Do you put it above the false ceiling or below it?" Klahn said. "You can't have this building finished and then have the CEO of the company [sit on a certain couch and say, 'I can't get on the wireless network.' "

Despite the challenges, Klahn noted that getting in on the ground floor of construction actually helps FishNet provide stronger wireless security.

"We are able to balance the wireless security design side-by-side with the architects and the wired network people who are on the site. They built mock-up rooms that represent the different rooms that'll be in the finished building, which is allowing us to do things like signal strength testing," Klahn said.

Fish is quick to admit there's no such thing as a permanent win in the battle to keep hackers off a secured wireless network.

"In the security space, we never say never. Securing a wireless network is just a matter of staying ahead of the hackers, always deploying leading-edge products, and then redeploying if necessary. What's secure today may not be secure tomorrow," Fish said.

Wireless security vendors such as AirDefense are working to keep the arsenals of their VARs a force to be reckoned with.

"A wireless card can turn a simple laptop into a lethal weapon," said Anil Khatod, president and CEO of Atlanta-based AirDefense. "In the wired world, you have two lines of defense: a door preventing physical access to the building, and a firewall guarding the Internet connection. But with wireless, you can bypass both of these security perimeters."

AirDefense recently upgraded its AirDefense Enterprise 4.0 wireless monitoring platform, which works in conjunction with the vendor's integrated Mobile 802.11a/b/g WLAN security and device inventory product and Bluetooth monitoring system. Using a system of four detection engines, Air-Defense's platform catches rogue wireless device transmissions before they penetrate the network. A signature engine authenticates valid wireless users, while a protocol engine works to repel hackers using out-of-phase wireless packets to confuse a wireless access point and gain network access. Then, a policy engine allows for the creation of custom security rules, while an anomalous behavior engine stops any wireless transmission pattern that hits a threshold set by a statistical baseline of known, legitimate wireless data. The tool also charts wireless behavior and reports patterns to reduce false-positive and negative readings, Khatod said.

Such a fortified approach to wireless security covers the gamut of wireless attack plans, from simple attempts at illegitimately entering a wireless network to more brutal assaults such as denial-of-service attacks. Whether an intruder is merely looking for free wireless access or has malicious intent, they are a threat to corporate networks and integrators must work to keep them out.

"There is always more going on in the air than almost all our clients realize," said Mike McManama, director of wireless computing at DigitalNet, a Herndon, Va.-based security integrator that caters in large part to security-sensitive government accounts. "It's always a big surprise to them when they see the volume of wireless activity that's trespassing on their network," he said. McManama tells of one customer with 39 active access points and data rates sufficient enough to let anyone sitting with a laptop in a nearby public hot spot to access data from the business network.

For government-classified environments, the security standard is 256-bit encryption, twice the rate of common 128-bit technology. DigitalNet partners with Fortress Technologies for the gear, and McManama said that for any customer that really wants to get serious about wireless security, solution providers should offer them 256-bit encryption.