Securing Wireless Networks

Sidestepping protocol overhauls, Columbitech and Symbol offer their own ways to beef up security.

As committees and working groups scramble to overhaul the various wireless standards to provide better security, some vendors are jumping into the fray with products designed to deliver enhanced security and mobility using existing protocols.

Two companies, Columbitech AB and Symbol Technologies Inc., next month will unveil products that approach the problem of securing wireless networks from different ends but arrive at similar solutions.

Columbitech, a startup that makes wireless communications software, will show its Wireless VPN at the CTIA show in San Diego this month, marking the U.S. debut of the product.

Designed to work in conjunction with a traditional IP Security-based virtual private network, Columbitechs software uses WTLS (Wireless Transport Layer Security), which has a session-resume function, enabling users to pick up lost sessions without having to reauthenticate.

With support for numerous wireless standards, including 802.11b, GSM (Global System for Mobile Communications), GPRS (General Packet Radio Service) and Bluetooth, Wireless VPN is meant to give users the freedom to roam among various networks without worrying about security or compatibility.

"You lose sessions a lot in wireless, so we wanted something that would allow for session resumption," said Pontus Bergdahl, CEO of Columbitech, which is based in Stockholm, Sweden. "We dont add complexity; we add the convenience of going between networks without stopping your session."

The product will be available at the end of the month.

Symbol, meanwhile, has developed a new Kerberos-based version of its Spectrum24 wireless LAN gear at the NetWorld+Interop show in Atlanta this month. The authentication scheme will be included on both the access points and the clients and gives users the advantage of being able to roam among different access points.

Symbol chose Kerberos to augment the security of its wireless LAN products because of its roaming ability and because it enables mutual authentication. Most authentication schemes, such as Remote Authentication Dial-In User Service, simply verify the users credentials; Kerberos also verifies for the user that he or she is logging on to the correct network—no small consideration, given the amount of traffic crossing unsecured wireless LANs.