802.1X Clients and Servers Released
April 30, 2002
For those in need of true end-to-end 802.1X security for their corporate or campus WLAN, there are two new products in play, both utilizing the new EAP-TTLS protocol for secure handshaking.
Two product announcements have put 802.1X security in reach of any enterprise wireless LAN.
Meetinghouse Data Communications of Portsmouth, NH, is actively beta testing AEGIS Server and AEGIS Client, with the full product to ship on May 30, 2002. Funk Software of Cambridge, MA, has meanwhile announced the release of Odyssey, its own 802.1X security client/server solution for Wireless LANs.
Both products support data protection and user authentication using the Extensible Authentication Protocol - Tunneled Transport Layer Security (EAP-TTLS) protocol, which only requires a password from the end user for authentication.
EAP-TTLS, an extension of EAP-TLS, saves on the administration overhead of issuing certificates. Instead, standard user passwords checked against an authentication database are enough for logging in securely. Login information stays encrypted in a tunnel in the communications channel the entire time. Data is kept private by dynamically issuing per-session keys to encrypt wireless traffic and re-authenticating with a new key at regular intervals.
"[EAP-TTLS] resolves the problems with today's implementation of WEP," said Meetinghouse Vice President of Sales and Marketing Anthony Delli Colli. "Dealing with client side certificates are a key nightmare for administrators."
Both product sets support the multiple certificate EAP-TLS 802.1X authentication, which comes with Windows XP, as well as Cisco's LEAP, PAP, MS-CHAP, and MS-CHAP V2 authentication types.
Meetinghouse Data's AEGIS Client can run on Windows 98/ME/NT/2000/XP and Linux, with Mac OS X and Solaris versions expected in the third quarter of 2002. The server is currently only available for Linux, with Solaris and Windows 2000/XP versions shipping in the third quarter. The price starts at $2500 for 50 AEGIS Client licenses and one AEGIS Server.
Funk's Odyssey 1.0 consists of a Client that runs on a Windows system (98/ME/2000/XP) with an 802.1x adapter card and Server for Windows 2000/XP that interoperates with the WLAN access point. It costs $2500 for a 25 Odyssey Client licenses and one Odyssey Server.
Both companies will be participating at Networld+Interop 2002 in Las Vegas from May 7 -11, 2002, as part of the InteropNet Labs WLAN Security Initiative.