Securing WLANs for SMB

Symbol, Cisco each readying security upgrades and features designed to help smaller companies secure their WLANs.

Securing the wireless networks of growing small and midsize businesses is the focus of several top providers such as Symbol Technologies Inc. and Cisco Systems Inc., each of which is readying security upgrades and features.

Symbol Technologies plans to release this week its WS 2000, a switch thats designed for offices and that works in wired and wireless capacities.

The WS 2000 switch includes four power-over-Ethernet ports, two Fast Ethernet ports, one WAN uplink and a CompactFlash storage slot, in addition to 64MB of onboard memory.

The WS 2000 has routing functions and supports outbound traffic policies and firewalls among up to six subnets, said Symbol officials in Holtsville, N.Y. Pricing is expected to start at around $1,000.

In addition to supporting iterations of the 802.11 WLAN (wireless LAN) protocol, the WS 2000 will support such security protocols as 802.1x/EAP (Extensible Authentication Protocol) and WPA (Wi-Fi Protected Access). It will support 802.11i, pending ratification. Symbol will also extend its security support to the WS 5000, its main enterprise wireless switch. In June, for example, Symbol plans to announce VPN support for it, officials said.

However, some IT administrators and wireless developers said WLAN security protocols have matured enough to make VPNs unnecessary. "We no longer use VPN with our wireless network," said John Halamka, CIO of CareGroup Healthcare Systems, in Boston. "VPNs are a nightmare to administrate, and we are confident that new security protocols will reduce the use of VPNs."

Also on the small-business front, WLAN switch startup Trapeze Networks Inc. is readying a branch-office switch with a projected release within the year, said company officials in Pleasanton, Calif. Trapeze next month will introduce Version 2.0 of its Mobility System access points and management software. New features will focus on ease of deployment, management and quality of service for voice support.

Meanwhile, Cisco, of San Jose, Calif., last week submitted to the Internet Engineering Task Force EAP-FAST (flexible authentication secure tunneling). EAP-FAST is a compromise between Lightweight Extensible Authentication Protocol and Protected Extensible Authentication Protocol. The technology sets up a secure tunnel without requiring public-key infrastructure. EAP-FAST support will appear in Cisco adapters by the third quarter.

Companies subscribing to Ciscos Cisco Compatible Extensions security licensing scheme will also have access to EAP-FAST, and many plan to include it in hardware by fall, said Cisco officials.