Security partnerships and technology advances are making it increasingly safer to keep corporate data up in the air.
To better fight the threat of wireless network subterfuge, Cisco Systems Inc. is bolstering its WLAN (wireless LAN) security offerings through partnerships with third-party security companies, while Symbol Technologies Inc. is beefing up its branch-office WLAN switch with encryption support and a firewall.
Cisco, of San Jose, Calif., is teaming up with AirDefense Inc., of Atlanta, to integrate a comprehensive IDS (intrusion detection system) into Ciscos WLAN framework. The incorporation of APIs from Ciscos CiscoWorks WLSE (Wireless LAN Solutions Engine) into AirDefenses Wireless IDS Forensic Server Appliance will give IT managers a correlated view of wired and wireless data, officials said.
Furthermore, Cisco access points will act as rogue access-point sensors. The integration should be done by March, officials said. "Security is still most important when one is considering a wireless LAN," said Ron Seide, senior product line manager at Cisco.
Keeping wireless data safe isnt cheap. The new Cisco access points wont work in detection mode and data transfer mode at the same time. As a result, more of the pricey units would be needed to gain enhanced functionality and security.
Last week, Cisco unveiled two access points that support 802.11a/b/g simultaneously. The Aironet 1130AG, due by months end, and the 1230AG, due next month, will cost $699 and $999, respectively. 802.11a upgrade kits for Aironet 1200 access points will cost $299.
But customers said the integration and the security boost justify the expense. "You have to put that against the cost of the AirDefense sensors that you wont have to install," said J.D. Fluckiger, computer protection program manager at Pacific Northwest National Laboratory, in Richland, Wash. "We probably wont use them now that we can use Cisco access points as sensors."
Beyond the IDS integration, Cisco is exploring an open API program for other WLAN security companies. Officials at AirMagnet Inc., in Sunnyvale, Calif., said integration with WLSE should be complete by March.
On the client side, Cisco last week announced Version 3.0 of its CCX (Cisco Compatible Extensions) program, through which Cisco licenses proprietary technology to silicon makers to ensure that notebook computers and other client devices are able to take advantage of the proprietary protocols in Aironet devices.
In Version 3.0 of CCX, Cisco adds support for EAP-FAST (Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling), which uses protected access credentials to establish an authenticated tunnel between a client and a server. Intel Corp. plans to support CCX 3.0 in its future Centrino chip sets.
Ciscos future security plans likely include acquisitions, although AirDefense officials declined to say whether their partnership might lead to a Cisco buyout. "We continue to use acquisitions as a way to augment our strategy," said Cisco Chief Technology Officer Charlie Giancarlo. "I would expect that security remains an area with a lot of innovation and a lot of specialized skills. Security is still somewhat of a black art, so that could be an area wed target."
Meanwhile, Symbol, also of San Jose, this week will introduce a new version of its WS2000 WLAN switch, with security enhancements. The WS2000 Version 1.5 has an IP Security VPN that supports as many as 20 VPN tunnels and AES (Advanced Encryption Standard), said officials. Version 1.5 has a firewall that lets IT block Web proxying and URLs based on extensions. The switch supports the AP300, an 802.11a/b/g thin access point that Symbol will also unveil this week. WS2000 Version 1.5 has a list price of $999. The AP300 costs $349.
Check out eWEEK.coms for the latest news, reviews and analysis on mobile and wireless computing.