Enterprise IT managers are likely to see more Wi-Fi products certified for high security entering the market.
The Wi-Fi Alliance, which tests and certifies wireless products to assure interoperability, said it will begin using four new authentication protocols to test products for WPA2 (Wi-Fi Protected Access 2)/802.11i interoperability.
“We basically had support for EAP-TLS, and now were expanding our support to include four additional EAP types to provide a much broader coverage for enterprise,” said WFA (Wi-Fi Alliance) managing director Frank Hanzlik.
The WFA is expanding the number of EAP (Extensible Authentication Protocol) types to include EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC and EAP-SIM. The four were selected based largely on the popularity of their use and their presence in the market.
EAP protocols are used in server-based authentication to enable mutual authentication among wireless devices and to initiate encryption. They are key in the 802.11i security standard, adopted by the IEEE last year and certified by the WFA as WPA2.
Hanzlik called the testing of additional protocols “a very positive step for users of managed networks. This is something enterprise users have been asking for,” he said.
“At the Wi-Fi Alliance, weve been taking a proactive stance relative to security,” Hanzlik said. “Were two generations beyond WEP. The addition of these EAP types will round out our support for security. Enterprise customers who want to use different EAP types in their deployments can now ask for them from their manufacturers and include them in their RFPs [requests for proposal].”
WEP, the original 802.11 security specification, was found to be vulnerable not long after it was released. The IEEE began working on a new security specification, and the WFA introduced WPA (Wi-Fi Protected Access) to fix the problems of wireless security in the interim. WPA used a subset of technologies specified in the 802.11i spec. Upon its ratification by the IEEE last year, 802.11i became known for product certification purposes as WPA2.
Hanzlik said the alliances testing labs in the United States, Taiwan, Japan, Korea and Europe will begin testing the protocols on April 15.
The move, which is expected to raise the number of enterprise-certified products in the market, is also likely to bring down the cost of certification testing for vendors. Hanzlik said the vendors cost for certification dropped by 40 percent last year, due to the increased volume of testing enabled by the opening of new labs.
Making additional products available for testing through this move, he said, is likely to further reduce that cost. Testing fees for certification, he said, are “typically in the low thousands to ten thousands, depending on the type and number of products youre including.”
Additionally, the alliance will add supplicants and authentication servers from Devicescape Software and Meetinghouse to the Funk Software and Microsoft products now being used in the programs test bed.