/   Network World   /   Expert Column   /   Securing wireless networks

Securing wireless networks

/ 31 July, 2012

When it comes to ensuring 24/7 security and compliance monitoring of corporate Wi-Fi networks, straightforward business economics demands the need for cost optimisation. And yet, guaranteeing the biggest bang for your buck is easier said than done. Werner Heeren, Regional Sales Director of Fluke Networks, reveals how to maximise ROI without compromising corporate data.

Werner Heeren, Regional Sales Director, Fluke Networks

Protecting WLAN from those bent on corporate espionage is not easy. Hacking is on the rise for many reasons: a tough trading economy; frequent job changes; and pure and simply it provides a quick and easy way of lowering the knowledge barriers that prevent market entry. A motivated hacker knows that most security programs focus on regulatory compliance. He or she also knows that IT departments have limited budgets, which often become diluted when attempting to defend against an almost continuous stream of attack vectors. The hacker only has to find one way in.

Wi-Fi all around

The plain truth is that the Wi-Fi explosion continues unabated. As a technology it has become ubiquitous and the workplace is no exception – everyone prefers Wi-Fi. However, with tightening requirements for adherence to compliance standards such as PCI, there is an increasing need for full time compliance monitoring solutions in retail, banking and other financial applications, with all the associated costs that implies.

Of course, not only is Wi-Fi convenient, it saves costs, and so more and more applications are moving towards wireless. However, with rising numbers of devices used across Europe comes greater RF and increasing WLAN stress. Large, complex corporate systems are pushed hard beyond their original design specification, creating congestion and gaps in both performance and security. Ultimately there are often too many wireless variables, which along with increasingly complex application infrastructure, often mean intermittent problems that are difficult to capture.

With budgets stretched everywhere, IT operations are frequently not optimised to address such issues effectively. User reports are often too general and too late. Tech support is over-burdened, and because many users will only try tech support once or twice if they do not get a quick resolution, and then not report issues again – immediate detection of performance gaps with detailed root cause is critical. Adding to the problems, the correlation of data from disparate tools is difficult to manage manually.

In poor health

Fluke Networks can report the recent example of a health care company and the Wi-Fi challenges it faced. Symptoms first surfaced with multiple reports of trouble connecting at different sites. The problem was the partial outage of electronic health record (EHR) wireless carts, but various investigations over seven days proved inconclusive. It was only discovered later that the RADIUS networking protocol showed failed authentication attempts of six times the normal rate during the problem period, by which time problems had begun to stack up: there were extensive patient care delays, staff were frustrated and carts were out of position.

Many in the past who have thrown money at problems such as these, have often been left frustrated and out-of-pocket, particularly given the cost of high end enterprise wireless solutions and their vendor-locked management systems. However, like it or not, there are gaps in the offerings of many wireless management platforms, and the door is open for a solution that can pick up the slack.

Vendor independent

Increasingly, a dedicated third-party system for WLAN full time compliance monitoring and security is the preferred choice for enterprises serious about protecting their wireless networks. The proven and reliable troubleshooting capability of such systems means fewer false alarms, greater problem diagnosis and solution, and ultimately, more time for managers to spend on core business activities.

One such vendor-independent solution is AirMagnet Enterprise from Fluke Networks, which in its latest version 10 seeks to make hard-to-find problems more obvious, even as the WLAN gets ever more complex. So how is this achieved? Well, there’s more than a new trick or two on offer, arguable chief among which is the first Software Sensor Agent (SSA) for WLAN security and performance monitoring, which takes the functionality of a hardware-based sensor and makes it deployable (flexibly) on a Windows-based client PC.

The concept means that the SSA can be added to existing laptops or even desktop PCs deployed around the enterprise (just add a USB wireless adapter), and a battery of performance tests can be scheduled to run periodically, along with continuous detection for rogue access points.. A low cost solution, the SSA essentially acts as a force multiplier for WLAN support and basic WIPS needs.


Economic viability

In comparison with, say, two hardware sensors, cabling and ceiling installation, 4 x SSA with WLAN adaptors and PC install presents a far more cost effective solution for stretched IT budgets. There is also the option to mix SSA and hardware sensors to optimise cost, deployment plans and security monitoring needs. Ultimately, it allows network professionals to build a flexible solution from standard hardware sensors, which are the core technology for monitoring WLANs, and a cost effective software alternative for multi-site health care, retail and concession operations needing basic PCI or HIPAA compliance monitoring.

Additionally in version 10, the market’s first Automatic Health Check (AHC) capability exercises the likes of authentication servers, DNS and throughput SLAs automatically from a number of locations on the network. Again, a cost effective means of proactively monitoring WLAN health from the end user to the cloud, AHC provides detailed measurement and trending reports. This functionality is able to instantly pinpoint network service or application outages, wireless authentication failures and download speed degradation before users are affected. The upshot is increased WLAN quality and availability while minimising help desk and IT resources.

Vital signs improving

Returning to the example of the health care company, AHC resolved the issue of verifying wireless EHRs. With the automated AHC test configured to ‘ping’ the application server every five minutes, the transaction failed due to time-out at RADIUS authentication. Here, the alarm triggered ‘wireless application unreachable’, notifying users and activating back-up procedures. The alarm then triggered ‘RADIUS authentication unreachable’ presenting diagnosis and mobilisation to fix. This not only minimised the impact on users, it provided immediate information on the situation with the time to resolve reduced to minutes instead of days. Furthermore, it maximised IT staff efficiency, as they were able to focus on exact root causes only, eliminating unstructured analysis.


With the ongoing ‘unification’ of wireless with wired networks, having a firm grip on what occurs in the air is mandatory, despite the complexities. Simply generating a list of rogues and neighbouring noise sources is no longer sufficient; replicating the client experience automatically for signs of network service trouble is nothing short of essential.