One interesting outcome is that the insecure wireless WEP protocol will be banned…but not until June 2010. Says Ars Technica:

Although TJX has become the poster-child for consumer data theft over WiFi, it is (by far) not the only company to use insecure wireless technologies. Wireless security manufacturer AirDefense released a report in late 2007 saying that a quarter of the 4,748 retail access points it surveyed across the US had no security whatsoever, while another quarter only used WEP, “one of the weakest protocols for wireless data encryption.” Just under half (49 percent) of the surveyed hotspots used WiFi Protected Access (WPA) or WPA 2—much stronger encryption protocols than WEP.

If you’re wondering about what other impacts will have, you might want to read through the PCI site or sign up for the SecureWorks webcast on October 14th to learn more.

Upping The IPS Ante

Motorola announced this week its intentions to acquires Wireless IDS/IPS vendor AirDefense. The acquisition may provide a bit of deja vu to readers who recall the acquisition of Network Chemistry's wireless IDS/IPS assets by Aruba Networks in 2007.

Meru Networks, eschewing acquisition for product introduction made its own announcement on Monday, announcing the company's RF Barrier, an active RF management solution that aims to solve the problem of what the vendor is calling "leaky RF." The Meru solution actively blocks 802.11 RF from escaping the physical confines of a WLAN deployment to thwart external "parking lot" attacks by closing Wi-Fi based attack avenues.

In fact, 2007 - 2008 has been a time focused on shoring up the security of the WLAN as the networks become more critical to over 50% of enterprises Forrester sees investing in the networks today. As the networks are more pervasive, moving toward covering the entire physical environment, and more employees are relying on Wi-Fi to access corporate data and applications, it's high-time to secure the WLAN.

In the case of Motorola, the Wi-Fi network is especially critical. As the vendor embarks on selling its message of the all-wireless enterprise, where WLANs will interconnect not only users to the network, but networke edge devices -- such as WLAN access points -- to the network along with storage, printers and other peripheral devices, the WLAN is citical and, therefore, a major focus for security.

In markets such as retail, standards like the Payment Card Industry's Data Security Standard dictate wireless security, but compliance and regulation aside, it is becoming easier to secure the WLAN, regardless of the industry you are in. Vendors are rapily working to close security gaps with product enhancements and new product introductions. Look for a broader suite of solutions to address security coming from your primary network vendor; while this won't negate the need to  integrate these add-on network elements, the single source should ease integration to some degree.

How secure do you feel your organization's WLAN is today? What are your concerns either about securing the network or its current lack of security?

Who doesn't remember the cone of silence from the original Get Smart TV series.  Whenever Max and the Chief had something important to discuss they would lower the cone of silence so that no one else could hear them or eavesdrop. So it is only fitting with the recent release of the Get Smart movie, Meru Networks has released a wireless cone of silence.

Meru is one of few stand alone wireless companies still hanging on out there.  So they need to be innovative to survive.  Their latest product, RF Barrier puts antennas around a physical plant to dampen and make it impossible to to listen in on wireless data exchanges.  They claim this is a first of its kind.  Thinking about it though, I don't see a big barrier to other companies having similar technology. I don't think you have to be a genius to broadcast traffic that puts out "noise" to hide legit traffic. I think the real special sauce is that this works in conjunction with Meru's other security products like wireless firewalls and secure access points.

With Motorola's recent purchase of AirDefense is having wireless IPS soon going to be table stakes in the wireless provider game?  I think it is and while Meru's RF barrier is a nice story, they are going to need to have some sort of IDS/IPS in their product line to keep up.

Who doesn't remember the cone of silence from the original Get Smart TV series.  Whenever Max and the Chief had something important to discuss they would lower the cone of silence so that no one else could hear them or eavesdrop. So it is only fitting with the recent release of the Get Smart movie, Meru Networks has released a wireless cone of silence.

Meru is one of few stand alone wireless companies still hanging on out there.  So they need to be innovative to survive.  Their latest product, RF Barrier puts antennas around a physical plant to dampen and make it impossible to to listen in on wireless data exchanges.  They claim this is a first of its kind.  Thinking about it though, I don't see a big barrier to other companies having similar technology. I don't think you have to be a genius to broadcast traffic that puts out "noise" to hide legit traffic. I think the real special sauce is that this works in conjunction with Meru's other security products like wireless firewalls and secure access points.

With Motorola's recent purchase of AirDefense is having wireless IPS soon going to be table stakes in the wireless provider game?  I think it is and while Meru's RF barrier is a nice story, they are going to need to have some sort of IDS/IPS in their product line to keep up.

Not sure if it is because of the slumping market and economy or in spite of it, but there pace of merger activity has been picking up lately and the security industry has not been immune to it.  Today saw two meaningful deals announced that could have an impact on the security landscape:

1. Sophos buys Utimaco - Saw this one when I woke up today, as it is a European deal.  UK based Sophos is buying German based Utimaco, makers of the SafeGuard line of data encryption/protection/DLP product line.  Sophos is paying cash $340 million US for in this deal.  This means they are substantially dipping into the credit market, as this is far more than they reported cash on hand. So like the Brocade/Foundry deal, the acquiring company feels strong enough about the acquisition to mortgage the house to get it.  In this case, I think Sophos is making a smart deal. They clearly say that to compete with Symantec, McAfee and Microsoft they are going to need a full endpoint security suite. AV alone is not just going to cut it. This gives Sophos a real play in DLP and data storage space. 

Yes they could have just done a partner deal for this type of technology, but I applaud them for going out and buying the technology.  I wondered if they would use this as a reverse merger entry to the public markets but it doesn't look like that.  In any event it looks like Sophos is making the play and spending the bucks to be a player in the endpoint security suite game.

2. Motorola buys AirDefense - Well one of the air brothers finally found a taker. I always thought that for all of the press AirDefense, AirTight and AirMagnet receive, the revenue just didn't match the hype. Stand alone wireless security was a tweener.  Would traditional security cover wireless or would traditional wireless cover wireless security.  In any event a stand along wireless security play is a tough road.  So with this answer Motorola says wireless handles wireless security. 

My question is what does the future hold for Motorola.  They are reportedly getting out of the cell phone business.  Is their wireless business, even a secure one enough to support this giant?  I don't know but there is a bit of "dead man walking" over there if you ask me. 

I think the play is clear though that wireless providers are going to snap up wireless security companies. The real issue is at what prices.  If anyone hears a price on this one, let me know.

Not sure if it is because of the slumping market and economy or in spite of it, but there pace of merger activity has been picking up lately and the security industry has not been immune to it.  Today saw two meaningful deals announced that could have an impact on the security landscape:

1. Sophos buys Utimaco - Saw this one when I woke up today, as it is a European deal.  UK based Sophos is buying German based Utimaco, makers of the SafeGuard line of data encryption/protection/DLP product line.  Sophos is paying cash $340 million US for in this deal.  This means they are substantially dipping into the credit market, as this is far more than they reported cash on hand. So like the Brocade/Foundry deal, the acquiring company feels strong enough about the acquisition to mortgage the house to get it.  In this case, I think Sophos is making a smart deal. They clearly say that to compete with Symantec, McAfee and Microsoft they are going to need a full endpoint security suite. AV alone is not just going to cut it. This gives Sophos a real play in DLP and data storage space. 

Yes they could have just done a partner deal for this type of technology, but I applaud them for going out and buying the technology.  I wondered if they would use this as a reverse merger entry to the public markets but it doesn't look like that.  In any event it looks like Sophos is making the play and spending the bucks to be a player in the endpoint security suite game.

2. Motorola buys AirDefense - Well one of the air brothers finally found a taker. I always thought that for all of the press AirDefense, AirTight and AirMagnet receive, the revenue just didn't match the hype. Stand alone wireless security was a tweener.  Would traditional security cover wireless or would traditional wireless cover wireless security.  In any event a stand along wireless security play is a tough road.  So with this answer Motorola says wireless handles wireless security. 

My question is what does the future hold for Motorola.  They are reportedly getting out of the cell phone business.  Is their wireless business, even a secure one enough to support this giant?  I don't know but there is a bit of "dead man walking" over there if you ask me. 

I think the play is clear though that wireless providers are going to snap up wireless security companies. The real issue is at what prices.  If anyone hears a price on this one, let me know.

Last week I came down pretty hard on Air Defense (here and here) for phishing WAPs at the InfoSecWorld trade show. Well just to show you that sometimes people make mistakes and if you blog it, you may get it addressed, I wanted to share the following email that I received today. I have redacted out the names to protect the innocent and the guilty.

Alan,

Let me start by first apologizing for any inconvenience I might have caused you or any other vendor at InfoSec World. You can be assured that next time I will collect alarms in the privacy of my own home prior to going to a convention.  I setup a test box during the vendor setup on Monday, this is a tool we use to show some wireless attacks.  After about an hour I shut it off, I was using it to gather some historical data to show in Advance Forensic.  If I recall correctly it did run it for about 5-10 minutes the 2^nd day after the demo crashed and we lost the data I collected on Monday (plug was kicked out).  This was very brief and not intended to be harmful. 

The intent behind using the page with AirDefense was in case anyone who saw the page could at least ask us why it happened and we could apologize and explain that it was just temporary.  JOHN DOE, the gentlemen you spoke with, was not aware of my actions nor was anyone else from AirDefense. I did ask him to point you out so I could apologies and let you know it should no longer be a problem but he didn???t see you.   I unplugged the test box just in case it was still doing something behind the scenes.  Once again I do apologize for any issues I may have caused.  If you have any questions or comments please feel free to call.  Also thanks for making us aware that it may have still been phishing people off their APs.

Thanks,

So to this Air Defense engineer, I take you at your word and apology accepted.  I am glad to hear that Air Defense does not condone this as a legitimate trade show tactic. Go in peace and sin no more ;-)

Last week I came down pretty hard on Air Defense (here and here) for phishing WAPs at the InfoSecWorld trade show. Well just to show you that sometimes people make mistakes and if you blog it, you may get it addressed, I wanted to share the following email that I received today. I have redacted out the names to protect the innocent and the guilty.

Alan,

Let me start by first apologizing for any inconvenience I might have caused you or any other vendor at InfoSec World. You can be assured that next time I will collect alarms in the privacy of my own home prior to going to a convention.  I setup a test box during the vendor setup on Monday, this is a tool we use to show some wireless attacks.  After about an hour I shut it off, I was using it to gather some historical data to show in Advance Forensic.  If I recall correctly it did run it for about 5-10 minutes the 2^nd day after the demo crashed and we lost the data I collected on Monday (plug was kicked out).  This was very brief and not intended to be harmful. 

The intent behind using the page with AirDefense was in case anyone who saw the page could at least ask us why it happened and we could apologize and explain that it was just temporary.  JOHN DOE, the gentlemen you spoke with, was not aware of my actions nor was anyone else from AirDefense. I did ask him to point you out so I could apologies and let you know it should no longer be a problem but he didn’t see you.   I unplugged the test box just in case it was still doing something behind the scenes.  Once again I do apologize for any issues I may have caused.  If you have any questions or comments please feel free to call.  Also thanks for making us aware that it may have still been phishing people off their APs.

Thanks,

So to this Air Defense engineer, I take you at your word and apology accepted.  I am glad to hear that Air Defense does not condone this as a legitimate trade show tactic. Go in peace and sin no more ;-)