AirDefense against wireless threats.
Written by Charles F. Moreira   
Tuesday, 28 July 2009 23:31

Wireless access points, especially WiFi, are essential for the efficiency and competitiveness of businesses and for the productivity of their nomadic workforces, who can log in to their corporate network from wherever they are in the world.

“However, the proliferation of wireless networks in offices and in public places also poses security risks for organisations in terms of increased vulnerability to malicious hackers, identity theft, the leakage of confidential corporate or customer information and so on,” said Ronald van Kleunen, Motorola Enterprise Mobility Solutions principal solutions consultant and business development manager, in Kuala Lumpur on 8 July.

“Wireless breaches have resulted in the theft of tens of millions of credit and debit card numbers. Gartner predicts the average cost per data breach as US$300 each, Network World estimates the average to be worth US$6.6 million, and the average customer turnover after a breach is 3.6%,” he added.

An enterprise network with wired and wireless access points can be compromised in several ways from behind the internal network firewall that protects it from attacks from the Internet side.

One is intrusion and attack by a hacker through its WiFi access points. Another is for an employee to bring in an unauthorised or rogue WiFi access point and attach it to the network. Yet another is for an authorised outside contractor to bring in their notebook and attach it to the network with permission, then transfer confidential corporate information out through public WiFi access points outside using the notebook's WiFi facilities.

The Motorola AirDefense system consists of a rack-mountable Linux appliance such as the AirDefense 1250 and 4240, connected to the corporate network. It's installed in a secure location such as the data centre which is accessible only by authorised persons. All confidential information is stored on the appliance.

It connects through the network to integrated access points such as the AirDefense AP-7131, which Motorola claims is the industry's first IEEE 802.11n access point with three radios. The first is for client voice over IP and data access over WiFi at 2.4GHz. The second provides the wireless backbone connection at 5GHz in a wireless mesh network and serves as a wired network replacement. The third radio is for use by AirDefense for non-data applications such as 24 x 7 wireless intrusion prevention system (WIPS) sensor functionality.

The appliance also connects to wireless traffic sensors such as the AirDefense M520 with two antennas.

The AirDefense system monitors the pattern of radio-frequency waves in the air, predicts when a hacker's notebook PC will connect based on the protocols, and blocks the attack at the critical point. The appliance sends a disassociate packet to the rogue client to cause it to disconnect, or a de-authentication packet to prevent it from re-connecting.

In the case of a rogue access point, it instructs the switch to shut down the port to which it's connected. Using triangulation by the sensors, it can pinpoint the location of the rogue in the building based on building plans and network configuration, so staff can get to it as soon as possible to remove it.
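The rogue access point handling described above, sketched as an added example that is not AirDefense code or Motorola's algorithm: it decides whether an unauthorised BSSID is attached to the wired network, names the switch port to act on, and estimates its position from sensor readings. The MAC-adjacency heuristic, the path-loss constants, and all MAC addresses, port names and readings are constructed assumptions.

```python
import math

AUTHORISED = {"00:11:22:33:44:10"}                 # constructed AP inventory
MAC_TABLE = {"00:11:22:33:44:0f": "Gi1/0/3",       # constructed switch MAC table
             "0a:1b:2c:3d:4e:5e": "Gi1/0/17"}
P0_DBM, PATH_LOSS_N = -40.0, 3.0   # assumed RSSI at 1 m, indoor path-loss exponent

def mac_int(mac):
    return int(mac.replace(":", ""), 16)

def wired_port(bssid, table, max_offset=2):
    """Port whose learned MAC is within max_offset of the BSSID (assumed heuristic)."""
    for mac, port in table.items():
        if abs(mac_int(mac) - mac_int(bssid)) <= max_offset:
            return port
    return None

def locate(readings):
    """Least-squares (x, y) in metres from >= 3 (x, y, rssi_dbm) sensor readings."""
    pts = [(x, y, 10 ** ((P0_DBM - r) / (10 * PATH_LOSS_N))) for x, y, r in readings]
    x0, y0, d0 = pts[0]
    saa = sab = sbb = sac = sbc = 0.0
    for x, y, d in pts[1:]:        # subtract the first circle to linearise
        a, b = 2 * (x - x0), 2 * (y - y0)
        c = x * x + y * y - x0 * x0 - y0 * y0 - (d * d - d0 * d0)
        saa, sab, sbb = saa + a * a, sab + a * b, sbb + b * b
        sac, sbc = sac + a * c, sbc + b * c
    det = saa * sbb - sab * sab
    if abs(det) < 1e-9:            # too few sensors, or sensors in a straight line
        raise ValueError("sensor geometry cannot fix a position")
    return ((sac * sbb - sab * sbc) / det, (saa * sbc - sab * sac) / det)

def assess(bssid, readings):
    if bssid in AUTHORISED:
        return {"status": "authorised"}
    port = wired_port(bssid, MAC_TABLE)
    if port is None:               # e.g. a neighbour's AP: alert only, no port action
        return {"status": "external"}
    return {"status": "rogue-on-wire", "port": port, "location": locate(readings)}

# Constructed sighting: three sensors at known floor-plan coordinates (metres)
SIGHTING = [(0, 0, -70.0), (6, 0, -67.1), (0, 8, -63.3)]

if __name__ == "__main__":
    print(assess("0a:1b:2c:3d:4e:5f", SIGHTING))   # unauthorised and on our wire
    print(assess("66:77:88:99:aa:bb", SIGHTING))   # unauthorised, not on our wire
```

Separating "external" from "rogue-on-wire" keeps port shutdowns limited to devices actually seen on the organisation's own switches, so a neighbouring office's access point only raises an alert.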

Its sensors can also monitor attempts to send rogue traffic to the outside and disable connection to the offending source.

The AirDefense 1250 appliance supports up to 100 sensors and a total of 22,500 wireless devices, the 3650 up to 400 sensors and 80,000 wireless devices and the 4250 up to 700 sensors and 150,000 wireless devices.

The AirDefense Enterprise wireless management solution performs this wireless security, lets users plan the layout of their wireless network based on building plans and recommends the optimal location of access points and their antenna for optimum coverage.

Its AirDefense Dashboard enables management of network problems through remote monitoring of signal strength and communications between devices in the main and branch offices. It analyses wireless traffic to troubleshoot problems and provides forensic data so administrators can retrace any one device's past actions.

The forensics also enable administrators to study traffic patterns to determine issues such as wireless congestion, radio-frequency jamming and so on.

Since these issues arise in the physical and data link layers, i.e. layers 1 and 2 of the Open Systems Interconnection (OSI) model, wireless security must operate in these layers as well.

Add-on modules such as Spectrum Analysis let administrators determine interference from WiFi sources such as microwaves, cordless phones, Bluetooth and wireless cameras, while the WEP Cloaking add-on puts rogue packets into the air and masquerades WEP to confuse hackers.

The Centralise Management Console add-on lets administrators monitor tens of thousands of sensors across the enterprise from a central console, and synchronise the settings of multiple appliances to ensure consistent deployment.

The console is accessible either through a secured Web browser interface or a Java client running on the notebook.

The Windows-based AirDefense Personal software agent runs on mobile workers' notebook PCs to provide wireless end-point security (WEPS) for all types of wireless networks, including WiFi and cellular mobile data such as 3G, CDMA2000 EVDO, GPRS and so on.

AirDefense systems have been available in Asia through systems integrators for four years, and Motorola began promoting them aggressively in the Asia Pacific four months ago. Motorola acquired AirDefense in July 2008, following a three-year OEM arrangement with the company.