Meru Offers RF-Level Security

Heralding a burst of new security products for enterprises, wireless infrastructure provider Meru Networks Inc. has released its new Security Services Module, which the Sunnyvale, Calif.-based firm bills as the first radio-frequency signal-level security solution for wireless LANs.

The SSM technology relies on three techniques: continuous micro-scanning, radio jamming, and transmission scrambling, all to provide enterprise WLANs with an extra layer of security beyond packet encryption.

"There are still critical gaps in WLAN security," asserts Meru director of marketing Joel Vincent. "Many enterprises are looking for a 'belt and suspenders' approach to protecting wireless transmissions. They haven't had that extra layer of security for confidential information, and so they've severely limited the deployment of WiFi or banned it completely."

As a result, many observers believe that the advent of RF-signal security technology could hasten the widespread deployment of wireless LANs in enterprises.

Jamming the signal
Essentially, the Meru technology works by monitoring and manipulating traffic on individual access points at the radio-frequency level. Meru's AirShield technology can "micro-scan" packet transmissions continuously, for only micro-seconds at a time, meaning that APs can monitor intrusions and security violations without interrupting transmissions to other APs on the network.

Once the SSM detects a rogue transmission, it can jam the rogue by blasting white noise in the channel used by the rogue every time it tries to transmit a packet. Other nodes on the network don't recognize the noise and so ignore it. Critically, the jamming technology works without affecting other traffic on the network or on other, nearby networks (which would be illegal). To preempt attacks, the SSM's antenna technology uses fine-grained, RF-level scrambling to render specific transmissions "invisible" to clients other than the specific sender and receiver.

Costing $2,500 for the most basic version, the SSM will be available beginning in the second quarter of 2006.

A complement, not a replacement
Current solutions tend to isolate rogues and shut them down at the port level, a method that can cause service disruptions and impair service quality, particularly on voice networks. Attacking the rogue AP problem at the radio-frequency level will significantly reduce these problems, says UCLA computer-science professor Songwu Lu, who has been using the SSM in his wireless-network testbed for a few months.

"With current solutions, it takes a significant amount of time to detect" a rogue, explains Lu. "Once they detect it, it takes a significant amount of overhead, in terms of bandwidth to mitigate the problem. In the best case you consume more bandwidth, which can really kill wireless voice conversations."

Because SSM works at the RF level, says Lu, it should be complementary to security technologies already available in the marketplace: "Because current solutions try to tweak transmissions at the protocol level and the system level, but not at the RF level, Meru's technology should be complementary to what other people are doing."

— Richard Martin, Senior Editor, Unstrung

Page 1 / 2   >   >>
RBMartin 12/5/2012 | 4:09:00 AM
re: Meru Offers RF-Level Security They claim the scanning process is much less than other scanners (microseconds vs. milliseconds), thus the availability to keep the AP online while scanning (as the story specifies). Also, I'm curious why you say "if it was real it wouldn't be availabe in Q2 2006."

Not carrying water for Meru -- I'd like to hear more specific objections to this technology.
wlanner 12/5/2012 | 4:09:00 AM
re: Meru Offers RF-Level Security Marketing fluff (not that Meru doens't have too much of this), if it was real it wouldn't be availabe in Q2 2006.

Plus, could it be more vague? Micro-scanning - you mean going off channel for a few milliseconds and listening? Blasting white noise on a channel without intefering?

Looks like Meru is making a defensive announcement because everyone is doing this today - Cisco/Airespace, Aruba, Bluesocket, Colubris, Trapeze, Air Magnet, AirDefense and the list goes on.
wlanner 12/5/2012 | 4:09:00 AM
re: Meru Offers RF-Level Security My point was if this was something solid you would announce it and ship it. Why are they announcing something that now that they will have in May or June?

I'd give more specific objections if they gave specifics on what it does. Microseconds to scan? How would you see a beacon that is sent every 100ms? I'm sure the scanning companies like AirMagnet, AirDefense, Network Chemistry would have something to say about this.

I have no problem with something new. My only issue is that they give no details on what they are doing or really how its different (is that because its not shipping until Q2 and they don't know yet). Meru has never participated in an open bakeoff with Network World, etc...

So, they claim all this great technology without any details, yet never show up at a bakeoff.
router_guy 12/5/2012 | 4:08:57 AM
re: Meru Offers RF-Level Security Only Meru could market a denial of service attack as a feature. Since they preach all Access Points on one channel it would be easy for them to fill the other channels, unused by Meru Wireless, with traffic. They probably send big packets at 1Meg and never back off when collisions are detected. Or they use RTS packets back to back to make everybody wait. They can't use this strategy on the same channel as their APs.
davste4709 12/5/2012 | 4:08:55 AM
re: Meru Offers RF-Level Security I don't see how Meru have the right to jam a close-by network which might have just as much right to use the same channel or channels as the 'protected' network. While the 'product' is aimed at 'enterprise', in a dense urban environment, often stations or access points from an external network could have stronger signals than some of the networks own STAs or APs. Really, this sort of 'jamming' ought to be illegal.

RBMartin 12/5/2012 | 4:08:54 AM
re: Meru Offers RF-Level Security Meru insists that its version is legal because it jams only the offending client. I will pass on your comments to them for further explanation.
meshsecurity 12/5/2012 | 4:08:51 AM
re: Meru Offers RF-Level Security Boring....been there done that stuff. Everyone and their mother implemented these type of features years ago. Wireless IDS/IPS was a nice marketing spin that had about one years worth of life back in 2003. Now, if they can come up with an integrated wired/wireless story then I will stop blasting Meru's "security" press releases.

RBMartin 12/5/2012 | 4:08:51 AM
re: Meru Offers RF-Level Security Here's more from Meru marketing director Joel Vincent:

"After reading the conversation on the message board I would clarify that we don't do anything to clients that don't match the criteria for a rogue.

"Jamming is a simple more graceful method of rogue mitigation. Instead of sending de-auth packets (as others do) we jam the offender at the radio level so that everyone else ignores them.

"The method we use is not at the packet-level so there is no network flooding or any such thing. We only jam rogues. Its a more graceful, less traffic-intesive mitigation technique that frees the WLAN from excessive de-auth packet transmissions."
whithercisco 12/5/2012 | 4:08:44 AM
re: Meru Offers RF-Level Security Richard,

Did you know that Meru only supported scanning intervals of 1 minute until this release. Airespace, Aruba and perhaps even Trapeze have been doing millisecond scanning for ages now. Aruba claims that they can now even support scanning without compromising voice QoS by implementing higher layer protocol understanding which affects RF scanning periodicity.

This microsecond scanning seems like a lot of marketing hoopla.

What happens when you scan for a few microseconds and don't catch the rogue APs beacons which are usually set to transmit every 100 milliseconds?

Also, jamming is illegal according to the FCC. What does Meru say about that?

I see this Meru articles as biased reporting in exchange for advertising which Meru seems to do a lot on unstrung.

Sorry, but I have to call it for what its worth!

whatupwireless 12/5/2012 | 4:08:38 AM
re: Meru Offers RF-Level Security Did you cut and paste this from your last posting trying to slam Rick? How about something original and/or at least interesting. What do you have against Rick?

>I see this Meru articles as biased reporting in >exchange for advertising which Meru seems to do >a lot on unstrung.
Page 1 / 2   >   >>
Sign In