Wi-Fi Alliance Expands Enterprise Product Certification

By Carol Ellison  |  Posted 2005-04-12 Print this article Print

The Wi-Fi Alliance, which tests and certifies wireless products to assure interoperability, says it will begin using four new security protocols to test products for WPA2/802.11i interoperability.

Enterprise IT managers are likely to see more Wi-Fi products certified for high security entering the market. The Wi-Fi Alliance, which tests and certifies wireless products to assure interoperability, said it will begin using four new authentication protocols to test products for WPA2 (Wi-Fi Protected Access 2)/802.11i interoperability. "We basically had support for EAP-TLS, and now were expanding our support to include four additional EAP types to provide a much broader coverage for enterprise," said WFA (Wi-Fi Alliance) managing director Frank Hanzlik.
The WFA is expanding the number of EAP (Extensible Authentication Protocol) types to include EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC and EAP-SIM. The four were selected based largely on the popularity of their use and their presence in the market.
EAP protocols are used in server-based authentication to enable mutual authentication among wireless devices and to initiate encryption. They are key in the 802.11i security standard, adopted by the IEEE last year and certified by the WFA as WPA2. Hanzlik called the testing of additional protocols "a very positive step for users of managed networks. This is something enterprise users have been asking for," he said. "At the Wi-Fi Alliance, weve been taking a proactive stance relative to security," Hanzlik said. "Were two generations beyond WEP. The addition of these EAP types will round out our support for security. Enterprise customers who want to use different EAP types in their deployments can now ask for them from their manufacturers and include them in their RFPs [requests for proposal]." Do WLAN users lack support? Click here for a story. WEP, the original 802.11 security specification, was found to be vulnerable not long after it was released. The IEEE began working on a new security specification, and the WFA introduced WPA (Wi-Fi Protected Access) to fix the problems of wireless security in the interim. WPA used a subset of technologies specified in the 802.11i spec. Upon its ratification by the IEEE last year, 802.11i became known for product certification purposes as WPA2. Hanzlik said the alliances testing labs in the United States, Taiwan, Japan, Korea and Europe will begin testing the protocols on April 15. The move, which is expected to raise the number of enterprise-certified products in the market, is also likely to bring down the cost of certification testing for vendors. Hanzlik said the vendors cost for certification dropped by 40 percent last year, due to the increased volume of testing enabled by the opening of new labs. Making additional products available for testing through this move, he said, is likely to further reduce that cost. Testing fees for certification, he said, are "typically in the low thousands to ten thousands, depending on the type and number of products youre including." Additionally, the alliance will add supplicants and authentication servers from Devicescape Software and Meetinghouse to the Funk Software and Microsoft products now being used in the programs test bed. Check out eWEEK.coms for the latest news, reviews and analysis on mobile and wireless computing.
Carol Ellison is editor of eWEEK.com's Mobile & Wireless Topic Center. She has authored whitepapers on wireless computing (two on network security–,Securing Wi-Fi Wireless Networks with Today's Technologies, Wi-Fi Protected Access: Strong, Standards-based Interoperable Security for Today's Wi-Fi Networks, and Wi-Fi Public Access: Enabling the future with public wireless networks.

Ms. Ellison served in senior and executive editorial positions for Ziff Davis Media and CMP Media. As an executive editor at Ziff Davis Media, she launched the networking track of The IT Insider Series, a newsletter/conference/Web site offering targeted to chief information officers and corporate directors of information technology. As senior editor at CMP Media's VARBusiness, she launched the Web site, VARBusiness University, an online professional resource center for value-added resellers of information technology.

Ms. Ellison has chaired numerous industry panels and has been quoted as a networking and educational technology expert in The New York Times, Newsday, The Los Angeles Times and The Wall Street Journal, National Public Radio's All Things Considered, CNN Headline News, WNBC and CNN/FN, as well as local and regional Comcast and Cablevision reports. Her articles have appeared in most major hi-tech publications and numerous newspapers and magazines, including The Washington Post and The Christian Science Monitor.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel