ETelemetry, a company that specializes in extracting information from enterprise network traffic, last week released an update to its Locate network appliance, that will give companies the ability to sniff out and disable rogue wireless access points that are connecting to their network.
The problem, says eTelemetry CTO Alan Schunemann, is a common one: employees bring in their own private mini hub or switch and hooking it up to the network as a rogue access point. The Locate feature, he says, helps solve this problem by using eTelemetry's "IP-to-people" technology that maps users by monitoring all traffic for logon information to services such as instant messaging, e-mail and Active Directory. Thus, the technology is able to correlate people on the network to IP addresses, media access control addresses and switch ports in real time.
The new Locate 4.1 update uses this IP-to-people data to determine when a new or unknown user, device and IP address appears on the corporate network, including rogue devices that are using unauthorized Wi-Fi. From there, Locate sends out a security alert letting the IT department know that an unauthorized access point is connecting to the network . Locate also gives the department the ability to directly shut down all rogue access points that it identifies on the network, Schunemann says.
"What's nice about our product is that once you know where the rogue access point is, you can identify the person who probably set it up," says eTelemetry CEO Ermis Sfakiyanudis. "It's a rack-mountable 1U device that you can peg to the network through a normal switchboard connection."
Prices for eTelemetry's Locate 4.1 start at US$7,500 for the hardware and 500 client licenses. Users can purchase packages of 500 additional licenses for US$1,000 each.