Cisco’s Wireless Security Goes Beyond PCI Compliance

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved,

Cisco has launched wireless security that exceeds current, and possibly future, PCI-DSS requirements

Cisco is looking to bolster wireless security with an eye towards going above and beyond compliance with Payment Card Industry (PCI) requirements.

Part of that starts with the addition of new PCI compliance reporting capabilities for the Cisco Wireless Control (WCS). On top of its previous PCI reporting functionality, WCS now offers a PCI summary report and the ability to filter and focus on individual locations or devices.

But the growing prevalence of mobile payment options means establishing high levels of wireless security for consumers, retailers and banks alike, the company contends.

Using Access Points As RF Monitors

Along these lines, Cisco introduced today a new software capability called Enhanced Local Mode (ELM) for its adaptive Wireless Intrusion Prevention System (WIPS).

“With this new feature, retail businesses will be able to use the same access points they’re already using for data, voice and video to also monitor their radio frequency (RF) spectrum for unauthorised attacks over their wireless network,” blogged Ben Stricker, public relations manager of wireless networking for Cisco. “Previously, these same retailers had to use a separate overlay network for data, voice and video in addition to a network for intrusion prevention.”

According to Cisco, ELM reduces capital investment by running the WIPS product on the same access points as the wireless data network. Previously, two access points were required – one to manage scanning and one for data access. Additionally, the software removes the need for overlay, third-party wireless IPS products, the company said.

“Essentially, this means retail businesses are able to converge what was previously two wireless networks, one for data access and one for wireless scanning, into one network with similar features of a dedicated Cisco wireless IPS solution,” Stricker wrote.

In a recent Cisco-commissioned survey of 500 IT decision makers, researchers found that more than two-thirds of those polled expect their spending on PCI compliance-related initiatives to increase this year. Wireless intrusion prevention and intrusion detection (IPS/IDS) products are being used by 58 percent of the respondents to protect against rogue wireless access points.

PCI compliance is more than checking a box to ensure customer security, Stricker blogged.

“This is where Cisco comes in – this new Enhanced Local Mode innovation lowers the cost of securing the wireless network by integrating full adaptive wireless IPS scanning into access points without reducing performance or compromising on security,” he wrote. “On top of that, Cisco is also announcing new updates to its Wireless Control System (WCS) that will provide internal security reporting and audits that help businesses stay up to date with PCI compliance requirements. These improvements combined can effectively reduce both CapEx (for wireless network infrastructure investment) and OpEx by simplifying processes for security monitoring and audit preparation.”