Columns

Hunter Dickinson Finds Security with Cirond

• By Kathleen Ohlson
• September 1, 2005

Employees at Hunter Dickinson clamored for wireless capability so they could easily work from its worldwide offices in South Africa, Tibet, Mexico, Chile and Canada.

But Hunter Dickinson’s Anthony Maw was leery about implementing wireless capability in the company’s infrastructure. “It’s a leaky technology that broadcasts…to the whole world, and that’s the real issue when deploying wireless,” says Maw, Hunter Dickinson’s network administrator. “We’re on the tenth floor of a high-rise tower, so there’s visibility across the building and down on the street.”

After a year of research, Hunter Dickinson selected Cirond’s AirPatrol wireless network management security suite, which includes tools to visualize wireless connections, detect and locate rogue access points, and encrypt wireless connections. AirPatrol runs on a PC with Microsoft Windows XP and doesn’t require a dedicated server. Changes are pushed out through the central console, rather than staff making changes to individual computers—a responsibility Maw wasn’t keen on.

Hunter Dickinson is spread over three floors in its Vancouver headquarters, with nine access points allowing its employees—ranging from executives, consultants to field staff—to access e-mail, the Internet and the network from their laptops without being plugged into the network.

AirPatrol features AutoKey, which automatically generates Wired Equivalent Privacy keys every 24 hours. The company downloads WEP keys 7 to 14 days in advance, changing the keys at midnight. AirPatrol features a panic button, so if Maw suspects the network was compromised, it will immediately force the key to change. The suite also includes AAA—authentication, authorization and accounting—that reports who is connected to the network and wireless devices within 1,500 feet. “It helps me keep everything under wraps,” Maw says.

MapView, another AirPatrol tool, shows exactly where all wireless devices are located throughout Hunter Dickinson’s network—even if users aren’t connected to the network. “If you’re in a large facility, and there’s a laptop sitting in the office, it’s similar to finding a needle in a haystack,” he says.

MapView also identifies devices as known or unknown, and any unauthorized devices are singled out and disconnected or disabled. Alerts are also automatically created and sent to Maw’s pager, cell phone or e-mail account when a rogue device is discovered.

According to Maw, the mining company’s executives are jazzed about their new mobility. Executives now bring their laptops to meeting rooms, and through the course of a meeting, they take notes, check e-mail and access files. “They now have a LAN party,” he says.

Hunter Dickinson’s employees aren’t the only ones who benefited from wireless capability. Maw and his assistant are spared from always having to go to a user’s computer to solve problems. They now either diagnose a problem remotely or take their laptops to the user’s computer to make network administration changes.