Vernier's Latest: All Security, All the Time

By Ed Sutherland

February 13, 2004

The gateway vendor's latest software release adds new features designed for a highly-secure, centrally managed WLAN.

Wi-Fi has become like electricity -- employees expect to flip on the switch and have anytime network access. WLAN security and management vendor Vernier Networks is updating its network system suite of tools to version 4.0 to address the maturing enterprise wireless network.

The new software for Vernier's gateway equipment is designed as a new security platform for mobile users in the office. Vernier makes a distributed system with central control, much like the various "switch" vendors, though they company doesn't call what it has a switch.

"We centralize everything to the control servers to handle mobility and security," says Dominic Wilde, director of product marketing at Vernier. "The access managers at the edge of the network enforce policy and security, and provide a bunch of other functions as well.

This fourth generation software is the company's first total re-engineering of the product since launching in 2001.

Feisal Mosleh, a Vernier vice-president of marketing, says enterprises are now requiring WLAN management products go beyond the usual laundry-list of authentication and security.

You need only read the headlines to see the changing face of wireless security. Customer credit cards are being snatched from insecure WLANs. Corporate espionage is an increasingly common business tactic and the MyDoom e-mail virus overflows your in-box.

The vendor's latest offering screens wireless traffic for illegal file-sharing, pornography and e-mail hazards.

Preventing lawsuits over improper use of corporate wireless networks "is a large topic," says Mosleh. Vernier points to the "increased risk of corporate liability such as regulatory penalties, espionage and malicious hackers."

"IT is risk-averse," says Mosleh. To overcome the concern, Vernier is adding features such as Pirate Watch to avoid the RIAA from suing over workplace file trading. A "parental control" option controls which Web addresses can and cannot be accessed. Other features guard against fake network identifications and unauthorized access points.

"We give the ability to authenticate everybody," says Wilde. "You have to authenticate, we force it. We take your user ID -- your real name which you supply, which makes you a real human being to us -- and tie it to the MAC address and IP address . The system know who, where and when you are, and with that defines what you can do."

The Vernier system does this, he points out, at Layers 3 and 4 of the OSI model, while most vendors work only in Layer 2.

E-mail always leads any conversation with enterprise customers, says Mosleh. A trial version of the company's worm containment feature was installed at Berkeley University just in time for the school to handle a recent e-mail borne virus.

Although wireless security is seen as the major stumbling block to greater enterprise adoption of Wi-Fi, Mosleh believes WLANs are now more secure than traditional wired networks. Vernier "has gone out of its way" to show WLANs are secure by including network tracking and forensics.

What began as tentative wireless trials have turned to large-scale deployments, says Moseh. Enterprises "now have experience in WLANs," he says.

Vernier claims wireless products must now include enterprise-class features to attract enterprise customer. Enterprises have changed their expectations on what wireless gear should deliver, says Julie Ask, senior analyst at Jupiter Research.

According to a 2003 Datamonitor, vendors with the best chances of cracking the wireless enterprise market will be those shops helping companies ease the migration to WLANs and "develop effective security and network management solutions."

Eric Griffith contributed to this story.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.