Rob Markovich, the CEO of WLAN security company Network Chemistry, calls the company’s Sensor Agent Software the key to its intrusion detection and prevention system. So, naturally, he’s giving it away. The Sensor Agent is available for free to any WLAN vendors that want to build it into their products.
“What’s best for customers is choice,” says Markovich. “We have our own sensor hardware, we’re the only [IDS/IPS vendor] that makes our own, but we also are taking software that runs on them and allowing it for use on anyone’s access points, providing enterprises the ability to turn any AP into a sensor.”
Vendors can work directly with Network Chemistry to do this, and offer sensors under their own brand. Still, the focus is more on end-user customers that have an overabundance of existing APs—whether deployed or decommissioned and just sitting around—that the IT staff can convert into sensors. Those customers, however, do not get the Sensor Agent free—they’ll have to pay a license fee of roughly $400 for each AP they want to convert.
“The beauty of the initiative is that we can port this and have it run on anyone’s APs without making any hardware or software changes by the vendor,” says Markovich.
He says that ultimately the company will support the Sensor Agent on any access point hardware that customers request, but that the list of enterprise class hardware to use is short. The list starts with equipment from Cisco and Symbol, the two corporate WLAN equipment leaders, so Network Chemistry says they’ll be the first supported. The full port of the System Agent to a third-party access point takes three to four weeks, including quality assurance testing. The company always starts with a call to the vendor first to see if they would like a tighter working relationship, but if the AP vendor says no, the company will go ahead with the port themselves.
“In a year or so, we’ll have support for all the enterprise APs out there,” says Markovich.
Enterprise equipment may be just the start. With the cost of consumer-grade APs well below $100 these days, customers would like to turn their Linksys and D-Link products into sensors as well. Markovich says that is coming.
Sensor Agent will turn an AP into a dedicated sensor—it can’t be used for network access by client computers. Still, changing the firmware back to AP status is always possible, albeit time-consuming, since each AP has to be handled one by one at this point. It’s possible that in a 2.0 release, the switch back and forth could be automated, controlled by Network Chemistry’s RFProtect flagship software.
Network Chemistry is the OEM behind several companies with their own sensors. The company only recently made the list of partners—Bluesocket, Cirond, Newbury Networks, Netscout, Wireless Valley, WildPackets, and Adventnet—public. Markovich says Network Chemistry is the market leader in WLAN sensor deployments, when you count all of the sensors out there from his company as well its partners. The company is also working on extending relationships with WLAN management systems.
“We’re indifferent to whether [customers] use our own sensors or third-party from Cisco or Symbol: we’ve priced in such a way that it doesn’t make much of a difference,” says Markovich. “If they have surplus units, then this is a cost savings. We found one size does not fit all. Our position is agnostic.”
Network Chemistry is not the first company hoping to turn third party APs into sensors for their own IDS/IPS systems. Other companies on this track include competitor AirMagnet, which recently announced a deal with Colubris to turn its APs into distributed sensors.