Jay Chaudhry is the CEO of AirDefense, a company exclusively focused on WLAN security with technology that is designed to monitor and analyze 802.11 Layer 1 and Layer 2 packets in the airwaves.
AirDefense’s flagship product is the industry’s first Enterprise Wireless LAN security appliance to monitor and protect the airwaves.
AirDefense’s patent-pending technology integrates multi-dimensional intrusion detection with stateful monitoring to effectively secure WLANs.
What events in the wireless security market have marked this year?
This past year has been marked by some great advancements in wireless LAN security. However, the progress has been superceded by the sophistication of available tools to break the new security. Before 802.1x was ever implemented, people found a way to break it. WPA has introduced this year but has yet to be implemented.
Warchalking, Wardriving, Warspamming – these are just some of the terms we see frequently in the news. Do you see these actions as a real problem or is it just the media making things bigger than they are?
The terms Warchalking, Warspamming and Wardriving called attention to the basic insecurities of wireless LANs. In the wireless world, you cannot control the medium for which data is transferred. While there have been few cases of warchalking, the businesses that discovered these markings on their buildings have become increasingly sensitive to WLAN security. However, if it hasn’t happened to you, you are not likely to see it as a threat.
Warspamming is a legitimate concern. With the backlash to spam and new laws aimed to curb the junk emails, spammers are looking for new ways to get their mass emails to millions of users. An insecure wireless LAN is an easy entry point to an enterprise email relay server.
For the most part, Wardriving is a harmless act by wireless hobbyists. However, enterprises should be especially concerned about where wardrivers post the data they collect about the discovered WLANs. Enterprises should be careful in configuring their network to not beacon the SSID, which essentially acts as the name of the network. The SSID should never reflect the company name in any fashion. Check out https://wigle.net/gpsopen/gps/GPSDB/ for a detailed look into wardrive postings.
Will there be a slowdown in acceptance of wireless technology in the corporate environment in 2003 because of increased security concerns?
The growth of wireless LANs have been slowed a bit by security concerns. However, business managers are accepting the risks when they see the huge productivity gains they can receive with this new technology. New security solutions are catching up. Only the most risk-adverse enterprises can avoid wireless LANs completely.
What are your predictions for the future when it comes to wireless security?
Security continues to improve as this new technology matures. If the development of the Internet and traditional wired-side networks is any indication, attacks on wireless LANs will grow in sophistication to introduce more advanced identity theft, Denial-of-Service attacks, Man-in-the-Middle attacks and others that we have yet to imagine.