IBM unveils intrusion-detection service for wireless nets

It users 'sniffing' technology to spot security flaws

By Paul Roberts

October 8, 2003 12:00 PM ET

Recommended

IDG News Service - Citing the "explosion" of wireless "hot spots" in public spaces, homes and businesses, IBM today unveiled a new managed intrusion-detection service for wireless networks.
The new intrusion-detection service uses "sniffing" technology developed by IBM that can detect the presence of unauthorized access points, denial-of-service attacks, improperly configured access points and compromised Wired Equivalent Privacy (WEP) encryption keys, according to Jim Goddard, security principal at IBM Global Services.
The new service relies on a network of Linux appliances that act as wireless sensors and are deployed much as wireless access points are within an office, Goddard said. "They look like fuse boxes mounted on the wall," he said.
The sensors monitor wireless network activity using wireless attack signatures developed by IBM. Warnings about possible attacks are relayed to a Tivoli Risk Manager console at an IBM Global Services operations center in Boulder, Colo., Goddard said.
That center operates 24 hours a day, seven days a week, and allows customers to respond quickly to wireless attacks, he said. Because wireless attackers must be within range of access points to launch an attack, that response might involve summoning security guards to intercept someone who is reconnoitering wireless access points on a corporate campus or trying to compromise a company's wireless infrastructure.
"The technology is doing the same thing that [intrusion detection] has done for a long time, but the response is different. With a wireless attack, you could be talking about somebody in a parking lot outside the corporate headquarters, as opposed to 10,000 miles away with a traditional [Internet] attack," Goddard said.
Customers will receive daily reports that summarize wireless security events, as well as monthly trend-analysis reports from IBM.
IBM became attuned to wireless security issues after hearing complaints from many of its managed services customers. "In our managed environments, this has already become an issue. There's this sense that wireless networks need protection but that it should be integrated with an overall managed plan."
IBM will be marketing the new intrusion-detection service to companies of all sizes that need to lock down wireless networks. The service may also appeal to companies that are opposed to introducing wireless technology and want to prevent employees from setting up their own wireless access points in cubicles, Goddard said.
Customers don't need to be using Tivoli or have an existing relationship with IBM Global Services to use the service. But they will need to have the network of wireless sensors installed, as well as a device to collect data from the wireless sensors and

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Mobile/Wireless

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.