TECH NEWS
Get 802.1x Wireless LAN Security
Funk Software's Odyssey provides secure, easy-to-manage access to wireless LANs.
Thinking about providing wireless access to the corporate LAN via 802.1x connectivity? Are you worried about the security implications? Who will have access to your network? How will you control access?
The Funk Software Odyssey 802.1x security product lets users of wireless devices access wireless LANs securely, and helps IT administrators manage that access across an enterprise network.
With Odyssey client and server software, you can use different Extensible Authentication Protocol (EAP) methods for 802.1x security, including the standard EAP Transport Layer Security (EAP-TLS) 802.1x method (used in Windows XP), and EAP Tunneled TLS (EAP-TTLS). The product is easiest to use and manage with the EAP-TTLS technique, says Funk Software. (EAP-TTLS is an IETF draft authored by Funk Software and Certicom. It's designed to provide the security of EAP-TLS, but lets a single user access the network from any machine and provides compatibility with existing authentication databases and infrastructure. You can read the EAP-TTLS specification on the Internet Engineering Task Force Web site.)
Odyssey protects both the authentication and subsequent data connection. For example, when users connect via EAP-TTLS:
- The user's identity and password-based credentials are tunneled during authentication negotiation so they aren't visible in the communications channel. This prevents "dictionary" attacks (in which an attacker runs through a list of possible passwords), "man-in-the-middle" attacks, and hijacked connections by wireless eavesdroppers.
- Odyssey generates dynamic per-session keys to encrypt the wireless connection and protect data privacy. You can configure the software to re-authenticate and therefore re-key at any interval; frequent re-keying helps prevent known attacks against the Wired Equivalent Privacy (WEP) encryption method used in wireless communications.
Several factors work to make Odyssey easy to run across an enterprise network:
- When network managers use EAP-TTLS, they can set up security based only on server-side certificates (rather than both client- and server-side certificates). This strengthens security and cuts the administrative burden, particularly for wireless LANs with hundreds or thousands of users.
- When they use EAP-TTLS, wireless LAN users can be authenticated safely, without the threat of dictionary attacks or other intrusion techniques, against an enterprise's Windows authentication database. This lets network administrators provide wireless LAN access against the security infrastructure they've already set up, and lets wireless LAN users connect safely using the credentials they're accustomed to using, from any PC.
Odyssey costs US$2,500, and includes:
- Odyssey Server -- a specialized server that manages connections from wireless LAN clients, ensures that only authorized users can connect, and provides security information to the wireless LAN access point so it can set up a private connection over the wireless link. The server runs on Windows XP and 2000.
- 25 Odyssey Client licenses -- multi-platform clients that run on wireless LAN devices and let a user securely connect to the wireless LAN. Odyssey Client runs on Windows XP/2000/98/ME. Standalone Client licenses are available for $50 each, with high-volume discounts available.
You can download a beta version of the product from the Funk Software Web site.
ARTICLE INFO
Web Edition: 2002.02.11, Doc #09314