Certicom Corp. on Tuesday announced the availability of the latest version of its MovianVPN product, which now includes support for devices using the 802.11b wireless LAN protocol.
The product arrives at a time when WLANs are proliferating at a pace outstripped only by the rate at which crackers are finding new holes in the protocol and its underlying security framework. In the last eight months, researchers have found numerous flaws in the WEP (wired equivalent privacy) encryption scheme used in WLANs as well as the implementation of the RC4 cipher WEP employs.
And consultants at Cigital Corp. this week uncovered a new class of attacks on WLANs that can be used to manipulate and monitor traffic and compromise roaming wireless clients. "[WLAN] networks are poised to become the de facto standard for wireless Internet connection for the mobile workforce," said Robert Williams, senior vice president of product development at Certicom in Hayward, Calif. "However there have been concerns about the inherent security of the networks."
Security experts have long recommended that WLAN users augment the security of their networks with a VPN (virtual private network), but few have done so. Now Certicom hopes to remedy that with MovianVPN 2.0.
The new release, which is available now, is interoperable with 802.11b devices from several manufacturers, including Cisco Systems Inc., Hewlett-Packard Co., Intel Corp. and Lucent Technologies Inc. It also is compatible with Palm Inc.s Palm OS and Microsoft Corp.s new Pocket PC 2002 devices.
MovianVPN uses Certicoms elliptic curve cryptography, which is designed for small wireless devices that have limited processing power and bandwidth. MovianVPN starts at $29.95 per seat annually.