Big Blue said its wireless intrusion detection service is designed to help customers protect themselves against security breaches on wireless local area networks. The service includes Linux-based sensors that detect irregularities in the wireless network and identify unauthorized or unsecured access points, IBM said. That information is translated into reports that define the nature and severity of the problem, and it is run through a database that identifies trends or patterns to help "intrusion analysts" respond, IBM said.
The around-the-clock service builds on an existing product that involves IBM consultants visiting customer sites to check whether company wireless security policies are being enforced and to look for unauthorized wireless access points.
Kent Blossom, director of safety and security in IBM's Global Services wing, said the upgraded service should help companies have a disciplined approach to setting up wireless networks. A company's workers may be installing relatively cheap wireless access points without adhering to proper protocols, he suggested.
"Our offering will help make sure those wireless access points do get implemented and maintained according to the customer's security policy," Blossom said.
Blossom's argument echoes a view held by Forrester Research analyst Maribel Dolinov. "Already, companies without official Wi-Fi investments are overrun with Wi-Fi gear purchased and configured by employees, opening up real security and network management challenges," Dolinov wrote in a recent commentary. She also said almost a quarter of companies are now implementing wireless local area networks.
According to research company IDC, 55,000 new Wi-Fi hot spots will be installed in the next five years, adding to the 4,200 locations in operation at the end of 2002.
IBM isn't the only company that's offering to help companies secure their wireless networks. According to Dolinov, AirDefense and Fluke Networks have monitoring products for hunting down rogue, insecure access points.
Big Blue said its new service helps protect against problems such as denial-of-service attacks, when an access point is flooded with nonsense traffic to clog it, and "address masquerading," when a hacker steals a validated user address and identity.
