There’s a potential profit margin gold mine in selling wireless security. It’s a market that is literally wide open following a couple of years of strong WLAN equipment sales.
According to IDC, 25 percent of Australian organisations (large and small) currently own and operate a wireless LAN environment.
Local organisations are even starting to trial some pretty sexy applications such as transmitting VoIP over a wireless network.
Since 2004, enterprises, mid-sized companies and SOHO users have realised that wireless technology can support their mobile workforces.
But with the rise of wireless networking, came a lack of knowledge about how to secure these networks.
Security was either an afterthought for businesses deploying a wireless network or organisations that could see a genuine benefit, held off due to concerns over exposing crucial information to potential hackers looking to pluck their data out of the air.
How times have changed. If you believe Nick Verykios, marketing director at niche security distributor Firewall Systems, wireless security is now better than wired. Firewall distributes security products manufactured by Aruba, Blue Socket and Airmagnet.
“Wireless itself is a compelling technology, wireless security is better than wired and punters are starting to realise that if add all of the advantages of a wireless configuration – particularly at the edge [of your network] – it’s an easy choice.”
Adam Kleemeyer, product and solutions marketing manager at Nortel Asia-Pacific, says in the early days, wireless LAN technology was not adopted in the enterprise due to security concerns.
Today, however, as long as the reseller and/or end user implements the solution properly, the wireless networks are as secure as wired.
“In the market, there are still some concerns among customers,” he says, adding that the vendor trains and educates its channel partners to help alleviate security issues that are at the front of many end users’ minds.
Organisations deploying wireless networks want to be sure that not only are the airwaves secure, but there is protection in place against unauthorised access to the network. Today, “the foundation of security is built into the [wireless] product itself,” he says.
IDC telecommunications research analyst Jerson Yau, says that from an enterprise mobility point of view, security concerns continue to feature in the deployment and implementation of mobility strategies.
“However, security weaknesses as a priority for organisations has diminished over the past two years or so, thanks largely to the efforts of security vendors and network equipment providers promoting overall best practices to customers.”
Mark Winter, sales and marketing director at distributor InTechnology, believes the concerns for the majority of customers deploying wireless networks have changed. “They were previously worried about people sniffing the traffic through the air,” he says.
“The bigger concern now is not necessarily the data traffic going backwards and forwards – it is making sure the security on the access point is in place.
“Once [the user] puts an access point out there anyone can get access to it so they need to make sure that people connecting to a network are authorised users.
“Data encryption is still important but I want to make sure people on my network are actually authorised users rather than people sniffing an email that I’m sending,” he says.
The biggest problem is that users can still break into a WPA (Wi-Fi Protected Access) network using a Pre Shared Key (PSK), he says.
However, the use of 802.1x technology and a RADIUS (remote authentication dial-in user service) ensures only authorised users are connected to the network, he says.Resellers are starting to understand that they can make a reasonable margin selling wired networks, according to Firewall’s Verykios. “They’re starting to pitch it as their first preference when they do a diagnosis of their customer’s [network],” he says.
Users too are starting to understand that users can take a “network edge device” with them and be more efficient. “You’re always on with that kind of capacity and you’ve got good bandwidth,” he says.
It’s easy for the reseller or system integrator to prove that a wireless network is more secure than a wired network, he says.
“We see a lot of wireless sales going into wired networks to protect the edge from rogue intruders. [The user] needs some form of wireless security to protect the network from some form of unathorised wireless access.”
Resellers and integrators are making money identifying the holes in a customer’s network and charging for it. “Sometimes they charge them as part of an audit or they do a vulnerability test,” he says.
By doing this, the reseller has a logical reason to recommend a customer “tweak” their current security policy, Verykios says.
Firewall is training its resellers to ensure their customer’s security policies are more “contemporary”, he says.
Finding and attacking an organisation’s security holes is something that Rob McAdam, CEO of security consultancy Pure Hacking and his team do for a living. The company, which is independent of any manufacturer, charges a customer to hack their wireless network.
“We go in and they say “we’ve just installed wireless and we want someone with no background knowledge to do an assessment.’”
“If they want to, they will get us to exploit them,” he says.
Many organisations, McAdam says, have done their best to secure their networks but Pure Hacking often finds “there is a misconfiguration somewhere.
“We come in with a fresh pair of eyes – that’s where you find a lot of problems. A lot of the tools have security built into them and quite often it’s the human error component. That’s why they bring us in,” he says.
“The concept of trying to sell a product into the environment is not there at all with pure hacking. I’ve focussed purely on services,” he says.
Whether or not a wireless network is secure comes down purely to the skill level of the people configuring it. “The wired and wireless networks do have security built into them but it’s going to come down to the individuals that set them up,” he says.
“It’s like going to the gym – you can’t go once and say ‘I’m fit for life.’ You have to keep going to the gym and it’s the same with security. It never ends,” he says.
Channel players that are making a “bunch of money” according to Great Bay’s Winter, are actually developing a security policy for an organisation’s wireless network.
These companies are rolling out, implementing and monitoring the security of an organisation’s wireless infrastructure. “It’s all good and well to have a [security] policy written, but making sure it’s updated and adhered to is another key area,” he says.
“If your access points aren’t configured correctly, it will allow someone to gain access to that access point which opens up the network.”
Organisations that specialise in writing security policies and managing these access points are winning. “If you have to configure 100 access points, the chance that you will get one wrong is high.
If they are centrally managed, there’s a smaller risk of failure.
“There are guys out there doing this sort of stuff and because corporations don’t have the skill set, providing a managed service behind a wireless security rollout is a huge opportunity.
“You’re not going to make a whole bunch of money selling an access point but you’re going to [make money] on the security side,” he says.
InTechnology distributes a range of products that secure wireless networks. It recently signed an agreement with US-based Great Bay Software to distribute its “Beacon” end-point security offering which provides administrators with information to manage an authenticated wireless network.
In July, it also started distributing the AirWave Management Platform, a software application that lets users configure, analyse and monitor wireless network infrastructures in real-time.
“Most organisations are putting in place a single security policy for their wireless and wired infrastructure going forward.”
Telarus is one voice and data service provider that has just made the jump into the WLAN market.
The company – which sells into sites with 20 to 1000 seats - provides a site survey service for wireless users that involves assessing the customer’s site and working out a design that’s secure, says Fergus Fitzwater, security analyst at Telarus. Making sure “interference” is reduced is also part of the offering.
After configuring a wireless network, there are many technologies that resellers need to understand to ensure the customer gets the maximum benefit from the network.
Understanding how the radio actually works is important, he says. “[Product specifications] on distributor and vendor websites don’t tell you how the radio works and how they achieve the “bit rate,” he says. “A lot of installations, as a result, don’t get the expected performance,” he says.
Rolling out intrusion detection and prevention infrastructure is also crucial. “You need to [install] something that is going to detect when people are trying to connect and block that connection,” he says. When these products are installed, administrators are alerted when a rogue access point has been setup.
Maurice Famularo, marketing director Australia/New Zealand at networking equipment maker D-Link says that securing the network is also part of the site survey. This survey should determine what other WLANs exist within signal range can cause interference and the risk of other WLAN clients attaching themselves to any unsecured networks.
Resellers and integrators deploying WLAN need to specialist and become “experts” in site surveys to correctly spec products, he says.
Trusted advisor
The growing complexity of IT systems and wireless networks continues to produce confusion as well as the current environment of corporate anxiety, says Phillip Allen, research manager, vertical markets at IDC. Both issues have created an active market for security advice, he says.
“However, the problem is that end-users don’t know who to speak with and no vendors are really focussing on this and the marketplace is still a little confused and uncertain about who is able to best help them.
“In order to unlock the revenue opportunities in a crowded market, resellers will need to identify a clear strategy. Without a clear market positioning strategy, companies will get lost in the crowd and lose business to their competitors,” he says.
Resellers hold the key to helping customers understand wireless security according to Robert Pregnall, Asia-Pacific product manager for end-point security at Symantec.
Why organisations have placed security as an afterthought when deploying wireless devices is a mystery, he says.
“We have had the conventional anti-virus and border protection for all devices. Anti-virus and/or potent security offerings have been available. “Resellers hold the key to helping customers understand – as a trusted advisor,” he says.
Lock it down!
By
Byron Connolly
on Nov 10, 2006 11:41AM
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Tech For Good program gives purpose and strong business outcomes
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Ingram Micro Ushers in the Age of Ultra
Kaseya Dattocon APAC 2024 is Back
Sponsored Whitepapers
-1.jpg&w=100&c=1&s=0)
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
.png&w=100&c=1&s=0)
