Peter Stephenson,CeRNS,

Red-M's Red-Alert Pro is a wireless intrusion detection probe that senses 802.11 a, b, g, and even Bluetooth activity simultaneously. It logs security threats and feeds the details to a Red Detect server if run in managed mode, or stores it if run standalone. Red-Alert Pro keeps track of connections between known and unknown devices, making an alert whenever a new unknown device is present and informing you of which device(s) the unknown entity is communicating with. If run in standalone mode, the security logs can be accessed via a convenient and intuitive web interface. If run in managed mode, the Red Detect server handles the logs.

This is a flexible, robust, very scalable and multi-purpose wireless security solution. It provides rogue detection, troubleshooting, vulnerability assessment, intrusion detection, performance management and usage accounting. It has a standard Windows GUI with an open source Firebird database that includes a secure, password-protected interface, and can be easily configured both for a small business or a large enterprise.

Computer Associates' Wireless Site Management 4.0 is a fully featured WLAN security and management suite. The software is mainly aimed at larger organizations, but it could be implemented for any company running a wireless network.

AirDefense Enterprise is one of those wireless-security products that integrates into the enterprise as an integral part of the overall network management scheme.

BlueSecure from Bluesocket is a leader in its field. Why? Because while most wireless security products are not able to detect anyone walking up with a wireless capable computer and connecting to their network, BlueSecure detects computers, access points, or any other type of wireless connection device.

This complete software offering can be installed on almost any system in the organization to capture data from the system's internal wireless card. But check the compatibility chart before ordering, as only a specific set of wireless cards are supported.

The CryptoCard package came with neatly and securely packaged hardware and software. The documentation was complete and very well presented, including useful screenshots. Installation was a breeze and the installation procedure very clear. We encountered no errors during installation.

GemSafe Logon is intended for the individual computer. It is self-contained, but with an administrative twist. Access policies are set up centrally by an administrator who creates a configuration file for the individual smartcards and distributes it to users. This is practical for smaller installations but perhaps not for large, distributed enterprises.

This is an easy two-factor system that a new administrator can implement to boost an existing system.

WikID systems has a strong offering for the medium-to-large business with this two-factor authentication system.

The Authenex ASAS system is a very robust system designed for large companies. It requires a standalone server running Windows 2000 with SP4 or Windows 2003. It must also have a Radius or SQL server on the system to allow for use of the integrated database of A-Key tokens supplied with the system.

ActivCard AAA Server has been designed for industrial or large-scale implementation. Its separate administrative console allows for delegation of multiple administrator roles if the situation calls for it. Installation of the software only requires a system large enough to hold Windows Server 2003 running as a Domain Controller.

Every now and then you find a product that has major warts but which really, under the warts, is a pretty good product. Then you wish the vendor would get its act together, because you would really like to buy and use the product.

Documentation was also available on CD. The steps were laid out and neatly organized. Pictures of an actual installation were included for reference and there were even instructions for rack-mounting the IPS server. The content was easy to understand and did not assume a high level of expertise.

Two quick-reference cards were provided making it easy for operators to bypass all the major settings and quickly configure a running system. For those wishing to read in detail, the complete actual manual has over 300 pages distributed among 14 chapters. Compared to the other IPS products we tested, ISS's documentation appeared to be very thorough and complete.

Technical support was not required and a test call resulted in a satisfactory response.

There were no difficulties with the basic installation of the IPS. However, it did require third-party software and hardware, specifically, a Windows 2000 Server and Microsoft SQL2000. We see no problem with the option of using an external third-party database, but believe that all required software should be supplied.

We reluctantly rank the ISS Proventia at three stars due to its requirement for third-party software and an additional server. The ISS device is not the most expensive product we tested, but its value for money rating is impacted severely by the requirement for third-party software and hardware.