A More Secure Orinoco

By Eric Griffith

December 12, 2003

The latest firmware for Proxim's enterprise access points adds security and compatibility features to existing products.

Earlier this week, enterprise Wi-Fi product maker Proxim announced it would be releasing a new firmware upgrade for its ORiNOCO AP-2000 and AP-600 access points to add new features for compatibility and security.

The company's flagship access point (AP), the AP-2000 is a "tri-mode" unit with slots for two radios. It can handle 802.11a and g separately to maximize bandwidth, or even handle 802.11g and b separately, so the 11g side doesn't suffer from connecting 11b clients as would happen with standard 11g hardware running in mixed mode. The AP-600 runs a single radio.

The primary security update feature in this firmware release is built in rogue AP detection, says Ken Haase, Proxim's director of product marketing.

The units will proactively scan the network for signals that shouldn't be there and can report it back to central management systems. Proxim's preferred partner here is WaveLink with its Mobile Manager system. AirWave Wireless has also turned on rogue AP detection via the Proxim APs in its management platform.

Greg Murphy, CEO at AirWave, says, "This is big news for thousands of enterprise and education customers because it means that they can use their existing Proxim APs to scan their wireless environment for unauthorized APs."

The interface for managing the Proxim APs will be secured now using SSL and SNMPv3. Haase says Proxim has spent "a year plus working to secure the link from the AP to the client. We think a truly robust deployment also requires securing things over the management interface."

Other features new in the firmware: repeater functions on all the 802.11 standards using WDS so the access point can bridge longer distances than before; a dual image feature used during firmware upgrades so that a disruption when downloading doesn't eradicate previous settings (original settings are kept until the new firmware image is checked out); and adaptive power control for creating different cell sizes for each access point.

"If you have an office area with [multiple APs] the cell sizes have to be reduced so there's no overlapping channels," says Haase, adding that power control reduction can also prevent leakage of signals outside the building.

This is not a dynamic power control feature like the AutoCell technology from Propagate Networks that's being used by Netgear and others. Haase says Proxim's power control is just a first step toward dynamic capabilities, but adds that dynamic might not be the future: "We want to get adaptive power control into the hands of the IT managers ... what's happening today might not be the right way to do it."

The Proxim firmware upgrades are available for download at the Proxim site now.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.