Meru shields wireless networks from eavesdroppers

The company's RF Barrier tech uses antennas placed around an organisation's physical perimeter to disguise legitimate network data

Meru Networks has announced a system aimed at preventing 'parking lot' attacks of the kind that have affected TK Maxx and others.

The system, RF Barrier, works by using antennas distributed around an organisation's physical perimeter to make legitimate network data impossible for eavesdroppers to decode. The system complements other Meru wireless-security products, such as specialised firewalls and secure remote access points. The company claims it is the first physical perimeter security system based entirely on standard 802.11 technology.

Meru is the latest company to roll out technology intended to prevent data loss. Sophos this week announced plans to buy German data-loss prevention specialist Utimaco and PGP last week introduced its own endpoint security platform.

Other options for foiling eavesdroppers include using electrical conductors, metal mesh or RF-blocking paints to physically prevent RF signals from leaving premises, but such systems are difficult and expensive to implement, Meru argued. The company also said that such attacks pose a serious problem for network administrators in that they tend to be entirely passive, making them impossible to detect via conventional wireless intrusion-prevention systems.

RF Barrier is based on a standard wireless access point mounted on the inside perimeter of a building and an external antenna outside the perimeter. The system inspects the traffic passing through the access point in real-time and transmits different, 'filler' data using the external antenna. The network data and filler data combine outside the building to form a 'cloak' that disguises legitimate network information from those on the outside, Meru said.

"RF Barrier mounts a strong defence by blocking signals from the designated wireless network from being effectively decoded outside the perimeter," said Meru's senior director of technology, Joe Epstein, in a statement.

The technology is aimed at companies with devices that run effectively obsolete security technologies, such as WEP, as well as networks with more advanced security mechanisms already in place. During 2005 and 2006, the use of WEP was one of the key factors allowing attackers to break into TJ Maxx's network and compromise tens of millions of customer accounts.

The use of directional antennas and selective enforcement means the system does not affect internal signals or clients, Meru said. The system can be turned on and off as needed, allowing external access only at certain times of the day, for instance.

RF Barrier will be available for use with Meru 802.11a/b/g access points beginning in September, priced at $3,595 (£1,809) for a kit that includes four antennas, four access points, cables and software licences.