Extending the Protected Network Wirelessly

By Vince Barnes | Dec 8, 2003
http://www.enterprisenetworkingplanet.com/netsecur/article.php/3286531/Extending-the-Protected-Network-Wirelessly.htm

Having provided anti-virus, anti-spam, content filtering, and firewall protection at the perimeter, on the server farm, and on the local workstations, security administrators may feel they've covered all their bases in terms of protecting the valuable information flow on the enterprise's IT infrastructure.

This feeling can start to erode, however, when the need arises to provide access for satellite offices and home users — and especially so when wireless connections need to be included in that mix.

The tools available to help extend the protected space outward include Virtual Private Networks (VPNs) and a variety of encryption and authentication tools. When it comes to adding wireless nodes to the network, the security question has often meant working with tools offered by a variety of vendors to provide a full security package. And the ongoing problem of extending anti-virus protection as the network grows compounds the complexity of the situation.

Fortunately, new weapons that are aimed at simplifying the administrator's tasks are being added to the arsenal. One example that captured attention at the most recent Comdex is the SOHO TZW from SonicWall.

Available for less than $900, the SOHO TZW is an economical appliance with a price tag that belies its capabilities. The TZW packages a firewall, VPN technology, and secure wireless access in a single unit. The TZW runs SonicWall's SonicOS operating system, which has a similar look and feel across SonicWall's line of products. The appliance also features a simple-to-use web interface and a variety of wizards for performing deployment tasks that can greatly reduce setup time.

The TZW provides heavy-duty wireless network security by enforcing the use of IPSec 3DES encryption to create a VPN on the wireless LAN. All users must authenticate to be granted access.

When initially connected, a device is provided a private IP address with no access beyond the TZW. Once authenticated, a VPN is built and granted a level of access that depends on the authentication used.

The built-in Stateful Packet Inspection (SPI) firewall allows unusual flexibility in creating access rules. An administrator can create multiple trusted zones of access for wired, wireless, and guest access. This flexible protection allows for separation between the LAN and WLAN users, as well as the ability to create guest accounts that allow a guest access to the Internet without providing any access to the local network.

Enforced Network Anti-Virus

The TZW can also serve as a part of a strong anti-virus defense. SonicWall has a zero administration Network Anti-Virus solution that it developed in partnership with McAfee (Network Associates). The solution employs advanced heuristic technologies and automatic alerts, and is backed up by McAfee's Anti-Virus Emergency Response Team (AVERT).

SonicWall Network Anti-virus is a subscription service that utilizes an anti-virus agent running in its Internet Security Appliance family, including the SOHO TZW. The agent transparently monitors virus definition files and triggers downloads and installations for each computer connected to the network.

The security appliance, in this case the SOHO TZW, enforces a policy that ensures that every PC to be granted access is actively running the most up-to-date anti-virus software, ensuring that the network remains protected from rogue users and new viruses.

The mechanism works by communicating between the McAfee Anti-Virus agents on the workstation computer and in the security appliance whenever the computer attempts to send traffic through the SonicWall. The SonicWall agent sends a request for the VirusScan version. If it gets no response, access is denied. If it gets a response with an out-of-date version, it triggers a transparent auto-update.
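The admission sequence described in this article (no access before authentication, guest access limited to the Internet, then the anti-virus version check) can be modeled as a single fail-closed decision function. This is an added illustration, not SonicWall or McAfee code. The role names, zone names, integer version format and the `REQUIRED_DEFS` value are assumptions made for the example, as is treating a malformed reply the same as no reply.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Decision(Enum):
    DENY = "deny"
    UPDATE = "trigger auto-update"
    ALLOW = "allow"

@dataclass
class Client:
    authenticated: bool        # has the device completed authentication?
    role: str                  # hypothetical roles: "guest" or "staff"
    av_reply: Optional[str]    # reply to the version request; None = no response

REQUIRED_DEFS = 4310           # constructed "current" definition version
KNOWN_ROLES = ("guest", "staff")
KNOWN_ZONES = ("lan", "internet")

def parse_version(reply: Optional[str]) -> Optional[int]:
    """Return the reported version as an int, or None if absent or malformed."""
    if reply is None:
        return None
    reply = reply.strip()
    if reply.isascii() and reply.isdigit():
        return int(reply)
    return None                # assumption: garbage is treated like silence

def evaluate(client: Client, dest_zone: str) -> Decision:
    # Before authentication the device only holds a private IP address
    # and reaches nothing beyond the appliance.
    if not client.authenticated:
        return Decision.DENY
    # Unknown roles or zones are refused rather than guessed at.
    if client.role not in KNOWN_ROLES or dest_zone not in KNOWN_ZONES:
        return Decision.DENY
    # Guests may reach the Internet but never the local network.
    if client.role == "guest" and dest_zone != "internet":
        return Decision.DENY
    # Anti-virus enforcement, applied here to every client (assumption):
    # no usable reply -> deny; out-of-date -> update; current -> allow.
    version = parse_version(client.av_reply)
    if version is None:
        return Decision.DENY
    if version < REQUIRED_DEFS:
        return Decision.UPDATE
    return Decision.ALLOW
```

The ordering matters: the anti-virus check runs last, so an unauthenticated or out-of-zone request is refused without the gateway ever acting on a client-supplied version string.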

The subscription service also provides alerts to network administrators when new fast-moving viruses are discovered, providing as much information as possible for immediate defensive action, and providing automated anti-virus protection updates as soon as they are available.

The SonicWall Network Anti-Virus system can also efficiently allocate anti-virus licenses across distributed networks that have multiple Internet Security Appliances. A significant cost benefit can be derived from such efficiencies as needs in the network change.

Virus outbreaks are very expensive. The cost of removal alone is sufficient to warrant a paid subscription service, even without consideration of the potentially staggering costs associated with lost productivity and lost confidence.

Centralized enforcement of an anti-virus policy is a powerful tool to use in the protection of the corporate network. This could never be more true than when wireless connectivity is added to the mix, and especially if the courtesy of guest access to the Internet is to be extended.

Overall, SonicWall's SOHO TZW offers an affordable and efficient means for extending security – and network access – beyond the confines of an enterprise's local network.

Feature courtesy of Enterprise IT Planet.
