IBM is hoping to help users take another step toward autonomic, or self-regulating, computers, which shall be able to manage, configure and maintain themselves, with the announcement of a new wireless security tool, Distributed Wireless Security Auditor.
The tool, which can run on wireless-equipped laptops and handhelds, constantly monitors wireless networks for the addition of new devices and configuration changes on existing devices, explains Dave Safford, manager of Global Security Analysis Lab at IBM Research. The data gathered from that monitoring is then transmitted back to a central server where it's compiled for use by administrators.
Traditional approaches to wireless network discovery and security have involved administrators equipped with wireless network gear roaming the halls and aisles of buildings, a process that is both expensive and time-consuming, Safford said. This approach allows companies to compile information about their networks at one point, but not continuously and it won't identify new access points as they are added.
"Security issues with 802.11b networks are largely ones of getting them configured correctly," he said. "The problem is finding access points... and making sure they have the appropriate security features turned on".
Distributed Wireless Security Auditor addresses this problem by running in conjunction with the wireless client software on laptops and handhelds, he said. Because the software is distributed and continuously monitors the network, it eliminates the need for multiple hardware-based sensors or frequent walk-throughs to discover new access points.
"We want more and more the systems to take care of themselves," Safford said. "This is a step towards that."
Wireless network administrators shouldn't get too excited yet, though, as the announcement is a technology statement, rather than a product announcement. The product is not yet available for purchase and IBM was unable to provide an exact timeline.
"It's not going to be a long time... a small number of months," he said.
When it is released, the software will work with Tivoli's Enterprise Risk Manager security console. For now the back-end software reports to Unix applications, with the client running on Linux. Windows client support is also due in the future.
For more information on network monitoring, our sister site Techworld has a comprehensive network monitoring resource page.