Symbol Erects the WirelessWall

By Eric Griffith

September 25, 2002

Symbol is adding AES encryption and FIPS 140-2 certification to its MobiusGuard WLAN Security Portfolio by licensing technology from Cranite Systems.

Cranite Systems of San Jose, CA, a maker of wireless LAN security solutions, is licensing its WirelessWall Software Suite of products to Symbol Technologies for inclusion in Symbol's MobiusGuard wireless security portfolio.

MobiusGuard, part of the Mobius Wireless System recently announced by Symbol, already has a staggering number of security measures: WEP, the KeyGuard implementation of TKIP, authentication (with Kerberos, EAP-TLS, 802.1X or RADIUS), AirBEAM Safe VPN, virtual LAN support, et al. -- but Symbol wanted more.

"Wired LANS are traditional pretty secure," says Scott Lucas, VP Marketing at Cranite. Since LANs traditionally forced users to stay put, that helped, but it's the movement of users that has changed things.

"Instead of having a single location, they move around, and that's disruptive to the network plan of many administrators. This is what constitutes a big paradigm shift -- mobility was not planned for."

That's where WirelessWall comes in. The software suite consists of a policy server for creating policies to control wireless connections based on the company directory, access controller to enforce polices and provide mobility services, and client software (for Windows 98/2000/XP, with plans for PocketPC, Mac, and Linux). The mobility services allow users to roam from one subnet on the network to another without losing a connection.

"We operate at Layer 2 on the network," says Lucas. "For every piece of info on the network, we're encrypting the full packet. We also hide things people don't always worry about, such as the DHCP request."

Security wise, Lucas says Symbol wanted Advanced Encryption Standard (AES) encryption for government and Department of Defense customers. That meant getting something with FIPS 140-2 certification, which WirelessWall will have soon. FIPS is short for Federal Information Processing Standards; the 140 cryptographic standard was created by the National Institute of Standards and Technology (NIST). The standard has four levels of security - Level 1, Level 2, Level 3, and Level 4 -- that increase in quality as they go up. FIPS 140-1, the first level, only supports DES and 3DES encryption.

Cranite doesn't resell WirelessWall direct, but sells to channel partners that do installation and configuration of the product for customers. Lucas says the company has tested the software on "all the major access point vendors out there. We've done some very large installations at some brand name companies, in high speed environments. The protocol and vendor don't matter. The access point... becomes a transport mechanism."

Cranite will also be involved in sales of WirelessWall with Symbol MobiusGuard. Lucas calls it a "joint process" where sales people from both companies talk to enterprises.

Eric Griffith is the managing editor of 802.11 Planet.

802.11 Planet Conference Worried about your own WLAN's security?? Join us at the 802.11 Planet Conference & Expo, Dec. 3-5 in Santa Clara, CA. One of our workshops will be a full WLAN Security Tutorial.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.