The First WPA Products Arrive
April 29, 2003
Chipmakers Atheros, Broadcom and Intersil have received Wi-Fi Protected Access interoperability certification from the Wi-Fi Alliance, as have some select products.
The Wi-Fi Alliance created Wi-Fi Protected Access (WPA) in October of 2002 as a stepping stone between the sullied Wired Equivalent Privacy (WEP) encryption that has long been part of the 802.11 specifications, and the upcoming 802.11i standard that will bring IEEE endorsed security to WLANs. At the time, they said WPA products should appear in Wi-Fi Certified products by the first quarter.
As the saying goes, better late than never.
Today, the Alliance announced the first certified products with WPA. Of the nine products, six are specific to chip manufacturers, using designs they can pass on to customers to ensure the end-user products will also likely get fast certification.
The chips used in the certified references designs are Atheros's AR5001X+ in a CardBus card and the AR5001AP in an access point, both of which support 802.11a/b/g; Broadcom's 802.11g-based AirForce BCM94306-GAP for access point and BCM94306CB for CardBus card, and finally Intersil's 802.11b-based PRISM 2.5 ISL37300P reference for PC Cards and the PRISM 2 ISL36356A access point development kit.
The Atheros multi-mode chips are relatively new compared to the others that have been out for a while, but have already landed many a customer. They are going into use by enterprise equipment companies for typical use by companies like 3com and Intermec, and in what seems to be the majority of the new WLAN switches from companies like Airespace, Aruba, Chantry, Nortel, Trapeze, Proxim, and Symbol.Broadcom and Atheros's chips include support for the Advanced Encryption Standard (AES), which will be required by 802.11i. In WPA, encryption can by handled with either Temporal Key Integrity Protocol (TKIP) -- which is an improvement over WEP's encryption protocol -- or AES.
"Network managers are looking forward to implementing AES as part of a complete security deployment," says Jeff Abramowitz, senior director of marketing for Broadcom's wireless LAN products. "Having it today means when they turn it on, they won't have to replace the WLAN card and they won't take a performance hit."
The vendors who buy chipsets can get software or firmware upgrades to provide WPA on their products, which they can then customize for end user.
For example, just as they did with their support for Broadcom's 802.11g chips, Buffalo Technology is among the first to announce support for WPA, first in the Buffalo AirStation 54Mbps Wireless Broadband Base Station (WBR-G54) and in the brand new AirStationTM G54 Wireless Notebook Adapter (WLI-CB-G54A). The latter is a CardBus PC Card.
These Buffalo products are not yet Wi-Fi Certified for WPA. However, the first round of WPA certification does include a Cisco Aironet Access Point (AIR-AP1230B), the Intel PRO/Wireless 2100, and Symbol's Wireless Networker CompactFlash WLAN Adapter (Model LA-4137).
Other products announced this week with WPA support include 802.1X implementations: Funk Software's Odyssey Client version 2.1 is WPA capable version for Windows and PocketPC that also adds full support for both the Microsoft and Cisco versions of the PEAP authentication method. Meetinghouse is putting WPA support into its AEGIS API Suite, a programming tool to help customers create their own 802.1X clients, now with WPA support. Interlink Networks has proclaimed that its entire line of products, including the Secure.XS authentication server software, will comply with WPA.
In March, Microsoft announced that Windows XP users would get automatic WPA support with a download from its Windows Update site.
Do you have doubts that WPA will solve your security woes? Join us at the 802.11 Planet Conference & Expo, June 25 - 27, 2003 at the World Trade Center Boston in Boston, MA. Join the experts from companies like Meetinghouse as they answer the question Does WPA Close The Wi-Fi Security Gap?