Cisco last week submitted a protocol to the IETF that could serve as an alternative to the proprietary scheme that the company promotes for securing wireless LANs.Cisco last week submitted a protocol to the IETF that could serve as an alternative to the proprietary scheme that the company promotes for securing wireless LANs.The protocol, which Cisco is submitting for consideration as an Internet standard, addresses a security weakness in Cisco’s Lightweight Extensible Authentication Protocol (LEAP). The protocol, which creates an encrypted connection without the use of complex security mechanisms, is scheduled to be released next month in software upgrades for Cisco’s WLAN adapter cards and its Secure Access Control Server product.The protocol is called Extensible Authentication Protocol Flexible Authentication via Secure Tunneling (EAP FAST). All EAP types, as they’re known, are designed to work as part of the IEEE 802.1x authentication framework, which is finding its initial adoption in WLANs. Cisco still recommends LEAP for wireless networks that don’t need higher levels of security.Last summer, Cisco acknowledged that an attacker could break into LEAP with a dictionary attack, which uses a protocol sniffer to capture part of a LEAP authentication session and then tries to guess the session password with a database of commonly used and easily remembered character sets. At first, Cisco recommended that customers either use hard-to-guess passwords or use another authentication type, such as Protected EAP (PEAP). Jointly developed by Cisco, Microsoft and RSA Security, PEAP sets up an encrypted connection or tunnel, where every bit of data is scrambled. But these other EAP types require the use of a complex digital certificate infrastructure to set up a secure tunnel between two ends of a network connection.With EAP FAST, Cisco has drafted a mechanism that looks and behaves like LEAP, but creates a PEAP-like tunnel without the use of certificates, says Chris Bolinger, manager of product marketing for Cisco’s wireless networking business unit. Instead, the new protocol makes use of what Cisco calls a “credential” which is automatically downloaded to the client from a trusted network source.EAP FAST also is being included in the Cisco Compatability Extensions 3.0 specification, which Cisco makes available to v hardware vendors. These vendors use the spec to write drivers to talk to features in Cisco’s IOS software. The new protocol is expected to appear in these products by fall, Bolinger says. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions Industry news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Network Security Network Security Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe