Strong wireless security for the SOHO network

LucidLink makes it easy to shut out unwelcome guests.

It's likely your home users haven't enabled security on their wireless networks. As the go-to guy, you can configure security settings for them and hope those users don't mess those settings up, or add software that lets users add and remove new and visiting users (as for when your teen's friends come over) without much effort (or calling you on the phone). That's the idea behind Interlink Networks' LucidLink , which provides enterprise-level wireless security simply enough to use on the home network.

The software uses encryption based on Wi-Fi Protected Access (WPA ), along with advanced authentication techniques to protect network traffic and initial access. It uses a client/server model to authorize only those clients given specific permission to access the LAN.

WPA provides a higher level of protection than WEP , but it doesn't address user authentication. Granting and revoking access to your wireless network, say, at the beginning and end of a LAN usage cycle, often involves changing the encryption key on every system on the network. LucidLink streamlines this process down to two button clicks.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

It's likely your home users haven't enabled security on their wireless networks. As the go-to guy, you can configure security settings for them and hope those users don't mess those settings up, or add software that lets users add and remove new and visiting users (as for when your teen's friends come over) without much effort (or calling you on the phone). That's the idea behind Interlink Networks' LucidLink , which provides enterprise-level wireless security simply enough to use on the home network.

The software uses encryption based on Wi-Fi Protected Access (WPA ), along with advanced authentication techniques to protect network traffic and initial access. It uses a client/server model to authorize only those clients given specific permission to access the LAN.

WPA provides a higher level of protection than WEP , but it doesn't address user authentication. Granting and revoking access to your wireless network, say, at the beginning and end of a LAN usage cycle, often involves changing the encryption key on every system on the network. LucidLink streamlines this process down to two button clicks.

The software also includes automatic access point configuration, but for only four devices from two vendors. We tested LucidLink Home Office Edition with a D-Link Systems DWL-2100AP access point and DWL-G650 PC Card wireless adapter.

LucidLink Home Office Edition

Price: Three-user, $99; 10-user, $499; 25-user, $895. Installation time: Less than 30 minutes. Ongoing maintenance: Each new user requires access rights to be granted, but this only takes a button-click. Backups of the configuration files also should be performed regularly. Bottom line: Simple installation that hides the complexity of a RADIUS-based authentication server and 128-bit key security.

Click to see:

Setup includes installing server software, client software and an optional remote administration tool. The server requires a wired connection to the LAN via an access point or router, and a static IP address. The static IP tells the client software where to go for authentication. To test this, we configured the D-Link access point to use IP addresses 192.168.1.100 and above for DHCP and picked 192.168.1.40 for the server. We then installed the server software on a Gateway dual 3.06-GHz Xeon server with 2G bytes of RAM and running Windows Server 2003, although LucidLink also works on XP.

The server software includes a RADIUS server program that handles client authentication. After installation, a configuration application launches, which registers information such as access point hardware type and administrator password. You must choose either maximum security or maximum compatibility, and all clients connecting to one access point must use the same authentication/security settings. Maximum security is the best choice, but requires hardware that supports the full Temporal Key Integrity Protocol standard. The best option is to buy supported hardware such as a Linksys access point and a newer adapter card. LucidLink keeps an up-to-date list of compatible hardware on its Web site.