RSA Moves to Protect WLANs
PEAP is designed to solve many of the security issues associated with WLANs, most of which have to do with user authentication and access point authentication. Most WLAN implementations employ simple username and password authenticationoften with static passwordsfor network access. And because WLAN transmissions are quite easy to intercept and are often sent in unencrypted form, crackers find it trivial to steal authentication information and gain access to networks.
RSAs SecurID system relies on a secret PIN and a token, which can be either hardware- or software-based. The user must have both the token and the PIN in order to access the WLAN.
RSA, of Bedford, Mass., has already tested the SecurID solution with two vendors: Proxim Inc., which sells access points, and Funk Software Inc., which sells WLAN security products.
Many enterprise IT managers have deployed VPNs to help secure their WLAN implementations, and RSA is counting on those companies to create some demand for this new functionality. The SecurID solution can be used to authenticate both the end user and the access point, helping to prevent unauthorized users from hijacking an authenticated VPN session.