By Vincent Ryan

It is no secret that wireless local area networks, or WLANs , can be probed by anyone within range of their radio signal, leaving them vulnerable to eavesdropping, unauthorized access and even viruses. In short, most WLANs have security loopholes large enough to drive a truck through.

WEP (wired equivalent privacy), is the security mechanism that comes standard with 802.11 products, but its days are short-lived. That is because a new standard -- Wi-Fi protected access, or WPA -- is on the way. In the meantime, however, vendors are not waiting for certification; they are building products to bridge the time lag and give WLAN administrators solutions now.

The No. 1 security problem for WLANs is that a large number of enterprises do not activate their existing security systems, says Meta Group senior analyst Chris Kozup.

The second biggest problem is the existence of rogue access points -- unauthorized WLAN nodes set up by people within the enterprise, often behind secure firewalls. "Because there is such a grass-roots push in wireless LANs, a number of people are going ahead and installing products on their own," Kozup told NewsFactor.

Rogue access points can be dealt with in a number of ways. Vendors sell airwave "sniffers" designed to detect them, for example. These products are really overlay networks that send information back to a centralized database, Kozup said.

Wavelink a company that makes network management, security and application development platforms for WLANs, plans a second-quarter release for its product that will enlist mobile devices on the LAN to become monitors for unauthorized access points. "Historically, people have wandered around with detectors scanning the frequencies, but that's sporadic and periodic," Bob Whelan, chief technology officer at Wavelink, told NewsFactor.

Encryption is perhaps the most-discussed security problem for wireless networks. WEP uses a static technique in which all users in a given area have the same encryption key. WPA fixes this problem by moving to a more complex encryption technique called TKIP, or temporal key integrity protocol, that uses a per-packet key mixing function. Further improvements are expected in future 802.11 standards.

Continued @ Newsfactor