Surveying security on wireless LANs

Finisar Corp. this month will add security features to its software for monitoring IEEE 802.11b wireless LANs, allowing managers to identify and eliminate unauthorized users.

Finisar’s wireless protocol analyzer software, Surveyor Wireless 1.1, can now spot rogue access points and discover rogue end stations on a corporate wireless LAN. The company will show the updated software at NetWorld+Interop and Comdex Atlanta 2002. The software was first introduced in May at NetWorld+Interop Las Vegas.

Surveyor Wireless monitors 802.11b traffic, which operates on the 2.4-GHz frequency and offers users speeds of 11Mbps. The software tracks utilization, channels and error statistics. It can be used when deploying a WLAN to determine coverage and locate access points, or it can be used to monitor and troubleshoot an existing WLAN.

The added security features address a major concern of network managers deploying WLANs, says Mike Disabato, an analyst with The Burton Group Corp. He says rogue access points can quickly deconstruct security measures a network manager takes when deploying a WLAN.

“Unauthorized access to a wireless LAN can undo firewalls and most of the hard work done to secure a company’s network,” Disabato says. He adds that Surveyor Wireless can identify Wireless Equivalent Privacy (WEP) encrypted traffic and give authorized users a key to decrypt the traffic. “The WEP features will keep out the casual user,” Disabato says.

Surveyor Wireless runs on a laptop with a PCMCIA slot or Cardbus and a supported 802.11b wireless adapter. Finisar also includes drivers to specific vendors’ 802.11b network cards, such as Symbol Spectrum 24, Cisco Aironet 340/350 and 3Com AirConnect, among others. Running on a laptop, the software can generate more than 30 different alarms specific to 802.11b traffic and notify network managers of problems via SNMP traps.

The software can support two separate wireless cards in a single laptop so that each card can be dedicated to a separate channel. It also offers multichannel views of all seven layers of packets and network traffic, and it can use filters to focus in on any one layer.

While Finisar competes with Network Instruments and Network Associates’ Sniffer products, Disabato says Surveyor Wireless offers an easy-to-use interface and a comprehensive monitor for WLANs. “If you have a wireless network, you need a product like this to understand the network’s coverage – and holes – and overall channel utilization,” he says.

Surveyor Wireless 1.1 will be available for beta use in September and is scheduled for general availability in October. The software normally costs US$5,000, but Finisar is offering an introductory special of US$2,500 until the end of October.

New customers can also take advantage of a free subscription agreement for 12 months – meaning that if they buy Surveyor Wireless now for 802.11b they can upgrade for free to the 802.11a and/or 802.11g versions Finisar plans to release in the next year.