Wireless Intrusion Prevention WIPing Into Shape

By Michael A. Gips

Wireless devices used to be peripheral components in corporate IT systems, and they were treated accordingly, as peripheral concerns. That's changing. Corporations now say they are taking much more seriously the vulnerabilities inherent in wireless components.

According to a survey of large IT purchasers conducted by TheInfoPro (TIP), an independent research network that covers the IT industry, more companies are testing wireless security solutions, especially wireless intrusion prevention (WIP), and that "should translate into full-scale implementations if they are successful."

Every six months, TIP interviews members of its 900-company network - which includes Citigroup, FedEx, PepsiCo, and Harvard University - on their network security plans and IT security budget issues. Users are asked whether they use a category of solution, are pilot testing it, have short- or long-term plans to implement it, or have no plans to use it. Users also report specific vendors and products. The current iteration of interviews, called Wave 8, wrapped up in February.

Outside the realm of wireless, network intrusion prevention is growing, according to TIP, as companies ramp up from more reactive network intrusion detection systems. 3Com is in position to benefit the most, with its TippingPoint product, which has been certified by product-testing firm ICSA Labs, notes TIP.

Another significant development in Wave 8, according to Phil Lerner, TIP's managing director for information security, is that big companies are moving to enterprisewide single-sign-on solutions.

"The bottom line is that companies with 30,000 users have massive password management issues," says Lerner.

Interest in storage security is also burgeoning, says Lerner, with vendors such as Decru and Symantec benefiting from the upsurge. Web application security tools, which address vulnerabilities in Web servers and in software used on Web sites, such as e-commerce programs, are also hot items. Wave 8 results show that 34 percent of interviewees plan to spend more money on these tools.

TIP also asked users which IT security vendors they are considering abandoning and which they are least likely to switch from. Preliminary results of the interviews (final results weren't available at press time) indicate that users were wary of IBM's recent acquisition of network-intrusion-prevention pioneer Internet Security Systems (ISS). The fear, says Lerner, is that IBM will tinker with a sound product. "If they leave ISS alone" and provide good support, "it'll be just fine," he says. Users have also shown some reservations about Nortel's Contivity VPN Client product.

Receiving expressions of confidence, on the other hand, were products by such vendors as Novell, Blue Coat, PointSec, and nCircle. Among the products that interviewees said they were least likely to jettison were PointSec's laptop security product, and nCircle's IP360, an enterprisewide vulnerability and risk management system.

By Michael A. Gips, Director of Strategic Operations

technofile_chart0407.gif16.51 KB



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.