Vendors offer tools to control, secure WLANs

Newbury Networks and ActivCard respectively this week will roll out tools to let customers better manage and secure their wireless networks.

Newbury Networks and ActivCard respectively this week will roll out tools to let customers better manage and secure their wireless networks.

Newbury builds on its current location-based security product to create a new product, called WiFi Workplace, for administering wireless LANs (WLAN). ActivCard has added support for WLANs to its RADIUS server, a move that lets the company’s smart card authentication tokens be used to access an enterprise wireless network. The announcements are expected to be made at the Wi-Fi Planet conference in Baltimore.

WiFi Workplace incorporates the location algorithms and other server software from the current WiFi Watchdog product, along with the hardware radio sensors that are spread over a site to monitor signals and pinpoint a client device or access point location to within a few feet.

Engineers at Newbury crafted new Java code to add WLAN management features for WiFi Workplace. The sensors still collect 802.11 packet data, and the location algorithms still associate that data with the physical location of wireless clients and access points. But that data now can be stored in a bundled MySQL database or an existing Oracle database, and collated and analyzed via a new management GUI.

A map shows administrators the locations of all access points and clients, and which clients are associating with which access points. Clicking on icons and selecting sub-menus shows details such as channel assignments, bandwidth use and signal strength.

Also new is support for virtual LAN (VLAN) tagging. Once WiFi Workplace identifies a user’s location and the user is authenticated, it can pass to the relevant access point the appropriate VLAN tag for that user, keeping the user on a given VLAN. So VLAN assignments now can be based on a user’s location and identity.

The location awareness also lets WiFi Workplace restrict a user to access points. If a user moves to a new location, he can be blocked from roaming to the access points there.

Shipment is scheduled for September. Pricing starts at $19,000, for 10 sensors and the Workplace software, a package that covers about 20,000 to 50,000 square feet, according to Newbury executives.

ActivCard is best known for the software that it bundles with smart cards, USB keys or other security tokens. Users carry the token to create what’s called strong authentication: using two or three elements to prove and confirm their identity to the network, such as a combination of token, password and fingerprint.

With its smart card products, the company also offers a RADIUS server for password authentication. To this server, it has aded new code to support 802.1x-based WLAN authentication via the Extensible Authentication Protocol (EAP). The software supports several EAP variations: Transport Layer Security, for client and server digital certificates, as part of public-key infrastructure, but also Cisco’s Lightweight EAP (LEAP); and both the Microsoft and Cisco versions of Protected EAP (PEAP), which only require a username-password combination.

Today, for WLAN security, corporations might have to deploy several third-party products and a RADIUS server if they don’t have one already. ActivCard executives say their software lets one server handle various authentication techniques for all VPN, WLAN and remote-access users. The ActivCard software links directly with enterprise directories such as Microsoft Active Directory or SunOne Directory.

Pricing for the ActivCard server software is $50 per user for 100 users. To activate the new WLAN authentication features, customers pay an additional $5,000.