Instant RADIUS for SMBs

By Eric Griffith

June 07, 2004

802.1X/RADIUS server maker Interlink -- a company usually tackling enterprise-wide wireless security -- has a new offering with the same level of security for small businesses.

BALTIMORE -- RADIUS server maker Interlink Networks -- a company usually tackling enterprise-wide wireless and even carrier-level authentication -- has a new offering promising the same level of security for small-to-medium businesses (SMBs).

The company says its new LucidLink Wireless Security is as easy to set up as a consumer product and will let even SMBs without any IT staff set up almost instant 802.1X authentication for their wireless users. The program "plugs a hole we've seen for SMBs," according to Mike Klein, president and CEO of Interlink.

The product follows on the company's announcement last year that it would offer similar functionality to original equipment manufacturers (OEMs) and original design manufacturers (ODMs) of home and SOHO WLAN products to be incorporated into their products. LucidLink bypasses the equipment guys and goes right to the office of the SMB.

"The problem for small and medium businesses is that they have no IT or they have a very general IT person who is extremely time-limited," says Klein. "The real challenge is: how do I set up and secure things without being an expert in Wi-Fi or security?"

The trick: the software actually includes the RADIUS server -- it doesn't reside on a separate piece of hardware, it runs right on the system used by the SMB's de facto IT person. (The downside is, no turning off that PC.)

"When we're talking to small businesses about RADIUS, their eyes glaze over. They just want something simple. We've gotten rid of the references to RADIUS [with this product], but that's what it is," says Klein. LucidLink will use the Extensible Authentication Protocol with Transport Layer Security (EAP-TLS). For businesses with over 250 wireless users and need for other EAP-types, the company suggests moving up to its full RADIUS solutions.

Here's how LucidLink operates: It includes a supplicant/client for each PC that lets users connect to the wireless network of their choice. At the same time, the user name pops up on the network administrator's Windows 2000 or XP-based system -- the instant Lucid Server. The admin can use this interface to authorize the user for the network, okay a guest, limit users to a specific amount of time, etc. Once given the okay, the client can connect to the wireless LAN as needed.

The Lucid RADIUS Server Administration Module can even be used to configure some access points that are 802.1X/WPA-compatible. Right now, that's limited to two D-Link APs and one from Linksys. Scripts are written into LucidLink for the control -- they don't make any firmware changes to the hardware.

"We've taken the first few steps of configuring an AP, and dropped them down by as much as 70% -- without even looking at security," says Wayne Burkan, vice president of marketing at Interlink. He added that LucidLink is not limited to working with the three APs that it can automatically manage -- it will also work with any AP that supports 802.1X. The company has a compatibility matrix online that shows combinations of APs and wireless NICs that work with LucidLink. The software is limited to clients with Windows XP.

Interlink says even a non-IT person could give the okay for temporary access to a guest in the office -- perfect for the receptionist, for example, who gets all the complaints.

"It's like programming a garage door opener," says Klein. "Press the button on the old remote and the new remote. They exchange information... push the button the client, another on the server to accept, and all the security is set up." There's no need for manually entering any security keys to get the client up and running.

Such instant security is becoming a popular concept for home networks. Buffalo Technology's AirStation One-Touch Secure System (AOSS), currently found only in Buffalo's own products, allows for instant security synchronization between an AP and a client by pushing buttons on the hardware. Chipmaker Broadcom has announced software called Secure EZ Setup that it hopes its OEM customers will start using; it syncs security settings between the client and the WLAN infrastructure products through software.

SMB networks have seen some new security solutions also using RADIUS, but in a form where the "server" is actually a hosted service connected to over the Internet. Wireless Security Corp. (WSC) offers one, which Linksys is licensing for use on at least one product. Full Mesh Networks provides a similar service.

LucidLink keeps this 802.1X/RADIUS solution all in house, which might also keep the cost down over time. The software will start to sell on June 25, with a 10-user package going for $449. The more users added, the lower the price, down to $36 per user.

Wi-Fi Planet Conference Want a closer look at LucidLink?

Join us at the Wi-Fi Planet Conference & Expo, June 8-10, 2004 at the Baltimore Convention Center in Baltimore, MD. Interlink Networks will be on one of the over 60 vendors displaying products and services on the Expo floor.
Originally published on .

Comment and Contribute
(Maximum characters: 1200). You have
characters left.