Aruba Networks unveiled intrusion prevention technology enhancements that allow customers to write and share security
updates to defend against zero-day wireless attacks.
The company also unveiled a number of other enhancements to its product line, including a software upgradeable A/B/G to N router and the debut of a VPN replacement that can tap into Wi-Fi, Ethernet or wireless broadband.
"It really goes with the theme they've had since the beginning -- completely focused on security as the No. 1 issue, and they continue to build around that theme," said Paul DeBeasi, a senior analyst with Burton group. "No one else has that."
The RFprotect Wireless Intrusion Prevention System (WIPS) uses the LUA scripting language to define and defend against new wireless attacks. Upon discovering a new form of infiltration, security professionals can write their own defenses and then share them via the Wireless Vulnerabilities and Exploits (WVE) database at www.wve.org, a multi-organization-backed site dedicated to improving wireless security.
Aruba acquired RFprotect about a year ago from Network Chemistry.
"We're very much involved in the wireless security area as a vendor," said Mike Tennefoss, head of strategic marketing for Aruba. "This isn't about a competitive advantage; this is about helping users with more security."
Tennefoss said Aruba's long-term plans for the vulnerability-patching system were to move toward an antivirus-type paradigm, where vetted signatures are eventually pushed automatically onto devices.
Aruba's new approach to zero-day exploits could gain some market traction, DeBeasi said. Although it is unlikely to be a killer app, he said, it does strengthen the company's security message.
In addition to boosting its security, Aruba unveiled an A/B/G router that could later be upgraded to .11n via a for-purchase software patch. Tennefoss said the product was targeted at customers who were looking to make the jump to the higher-speed protocol but weren't yet willing or able to invest in the pricier devices.
The company also announced new Remote Access Point (RAP) software, which will be shipping early this summer. The software, which can be loaded onto the company's standard AP-70 access point, creates a flexible remote tunnel for accessing a corporate network remotely.
End users simply plug their device into the RAP, then use it to securely access their corporate intranet -- without having to deal with VPNs -- through available Wi-Fi, Ethernet, or broadband wireless like EVDO or HSDPA.
"We think the VPN replacement market is huge in the enterprise," Tennefoss said, adding that the key to the device was user-side simplicity. "It just works, and that's the objective."