In addition, Aruba customers will be able to make their user-defined signatures available to others by contributing them to the Wireless Vulnerabilities and Exploits (WVE) database at www.wve.org, a community vulnerabilities database. Aruba has long been an active participant in the WVE Project.
"Security is an unending, iterative process in which the best defense is built by rapidly integrating updates about real or potential attacks as quickly as possible," said Rajeev Shah, Aruba's wireless IDS product manager. "User-defined threat definitions are used successfully in other segments of the security market, and we're pleased to be the first to make it available for WIPS."
The new software represents the full integration of the RFprotect software that Aruba acquired from Network Chemistry in 2007. RFprotect software automatically detects network vulnerabilities and contains unauthorized clients and adhocs even as they roam. With its customizable security policies, RFprotect software delivers organization-specific security policy enforcement, reduces false positives, and generates reports to meet compliance requirements.
Originally acquired from Network Chemistry in 2007, RFprotect software automatically detects network vulnerabilities and contains unauthorized clients and adhocs even as they roam. Featuring customizable security policies, RFprotect software delivers organization-specific security policy enforcement, reduces false positives, and generates reports to meet compliance requirements. The new RFprotect software has been integrated into Aruba's secure mobility solutions to enhance Layer 1-2 security capabilities.
"It is important that interval between the detection of a security threat and its mitigation be as short as possible because of the vulnerability created by the gap," said Paul DeBeasi, senior analyst at Burton Group. "Collaboratively developing, testing, and disseminating security features, including user-defined signatures, can minimize the vulnerability more rapidly than relying on a single vendor for periodic updates. This method has been used effectively in areas such as virus detection, and is an innovative way to enhance WIPS security."
The new RFprotect software will be shipping early this summer, and will be introduced at Interop Las Vegas, April 29 May 1, booth 1262, at the Mandalay Bay Convention Center.
Tuesday, April 22, 2008
New WIPS from Aruba
Meru launched a new 802.11n AP
SUNNYVALE, Calif., Apr. 21, 2008 – Meru Networks has introduced the AP440, a four-radio IEEE 802.11n wireless access point that provides the data rates and functionality to let enterprises replace aging wired infrastructures with wireless networks without compromising access speed, throughput capacity, security or resiliency.
The AP440 has four radios that can each support the full draft IEEE 802.11n standard, in either the 2.4GHz or the 5GHz band. Meru's "channel blanket" architecture means that all four can be in use at once, though likely set-ups will probably use one radio for monitoring, intrusion detection, and protection from rogue access points.
Each of the AP440's four IEEE 802.11n radios supports access at up to 300 megabits per second (Mbps), for 1.2 gigabit-per-second (Gbps) capacity. Because the four radios work together to provide internal redundancy, load-balancing and security, enterprise users can dramatically reduce the number of access points and additional security sensors they need, realizing significant savings on cabling, connection and deployment/installation costs.
"By 2010, we predict that 79 percent of new connections will be wireless," said Rachna Ahlawat, Meru's vice president of marketing. "Security is no longer the number one concern - it is now reliability, followed by capacity, scalability, security and price."
Although the access point will be announced at next week's Interop conference in Las Vegas, it won't be available until the third quarter of this year. This could be useful in that it may allow electrical power to catch up with it. The current standard for power over Ethernet, IEEE 802.3af, will not deliver enough electrical power to run four Wi-Fi radios, but the next specification, 802.3at, should start to be available in products by then, said Vaduvur Bharghavan, Meru Networks chief technology officer.
The four radios should operate omni-directionally and without interfering with each other, said Bharghavan. With four channels, it will be easier to avoid unexpected interference, such as that from microwave ovens, said Bharghavan. "The best thing is to have a parallel channel available in the same band," he explained, saying traffic can move across right away, whereas in a channel-planning WLAN, such as those of Aruba, Trapeze and Cisco, moving an AP from one channel to another would mean dropping all the clients, and then changing the channel - and then changing channels on neighbouring APs. "If clients need to change channels, we are optimised to do that. It's not been done before."
The access point also includes a USB port, so the user can plug in a Wi-Fi monitoring device, on a few access points, such as the Metageek Wi-Spy spectrum analyzer, which improves on plain Wi-Fi monitoring by spotting other sources of interference such as microwave ovens and Bluetooth. "We have software on the AP that interfaces and pulls spectrum analysis off the Wi-Spy" said Bhargavan. "As spectrum analyzers get more sophisticated, it won't require a hardware upgrade to the AP - you can just plug in a different analyzer."
Meru is also announcing a virtual-reality visualisation tool which can display three-dimensional "heat-maps" of Wi-Fi coverage in a building. It relates access points on different floors, so should give a better indication of coverage, and allows the network manager to move through the building checking on likely coverage from his or her desk. This is an additional extra to Meru's existing management software, and costs $9,995.
The AP440 Access Point is priced at $2,995 and the MC5000 4-Gbps Acceleration Module at $15,000 (U.S. list). Both products will be available in the third quarter of 2008.
More: Meru
Monday, March 24, 2008
Trapeze launches RingMaster-200
Wi-Fi network maker Trapeze Networks has launched a pre-configured appliance that can manage up to 5000 wireless access points or 1000 wireless switches - and won a giant contract for 802.11n Wi-Fi.
The RingMaster-200 is a hardware version of Trapeze's RingMaster network management software, and is pre-tuned to manage wireless LANs. “Today, it’s common for enterprise Wi-Fi networks to include thousands of access points cover hundreds of acres and span multiple sites," said Ahmet Tuncay, Trapeze's marketing vice president.
Before this product, Trapeze's largest hardware device managed around 200 access points, while rival Aruba was ahead with its MMC-6000 which can manage 2048 APs. Both companies use software to manage larger installations, which has normally run on general purpose servers. Aruba's recently purchased AirWave management platform uses software to go up to 50,000 APs. Trapeze's appliance will make the process of design and management simpler, says Trapeze, saving hundreds of IT hours.
Ringmaster was central to Trapeze's recent success in winning what it calls "the world’s largest deployment" of the new 802.11n standard, a $15 million, five-year upgrade to the wireless LANs at the University of Minnesota. The upgrade will include $3 million on access points alone, swapping out existing APs from D-Link, Cisco and other vendors for around 9,500 of Trapeze's 802.11n access points. Ringmaster "…allowed us to quickly import our own CAD drawings and immediately begin Wi-Fi planning for 300 buildings, including 1,300-plus floors," according to Steve Cawley, the university’s vice president of IT.
RingMaster has been a big part of Trapeze's WLAN strategy from the beginning, for dealing with Wi-Fi propagation issues, and managing the lifecycle of WLANs. The appliance can make a "virtual" site survey based on architectural drawings, and configure access points for specific locations before they are installed.
The appliance is based on a Linux OS, and has two redundant 250GB hard drives to gather monitoring and performance data. The basic unit costs $19,000 (£9,515) including a licence to support 250 APs, which can be extended in steps of ten to 1000, up to 5000, if users buy software keys.
Trapeze's claims - like most claims in the ever-competitive Wi-Fi world - have already been disputed. Aruba told us that it already has an appliance that manages 5000 APs, called the MM-200. We have been unable to find this product on Aruba's site, however.
See more here
