McAfee Protects Home WLANs
August 15, 2005
Its new software product will provide rotating encryption keys for routers and computers.
Setting up encryption on wireless home networks: everyone does it, right?
It comes as no surprise to anyone that, no, they don't. Even when the configuration is made somewhat simple, such as when users have all their Wi-Fi equipment from the same vendor, it still tends to be too difficult for most to bother with. Companies like Buffalo Technology, Broadcom, Atheros and others are trying to jumpstart various methods for one-button security setups, whether it's done with a physical button on the hardware or in software wizards. Until work by the Wi-Fi Alliance moves up a notch (see below), it will still be limited to single-vendor networks.
So what does someone with a multi-vendor home networkfor example, a Linksys router, a Centrino laptop, and a D-Link USB adapter on the desktopdo to set up security without hassle? McAfee hopes they'll buy the company's new Wireless Home Network Security software.
This software, which should be made available this week via the McAfee.com Web site, costs $50 for five computers. It will integrate directly with most routers from big-name vendors (Linksys, D-Link, Netgear, Belkin and others). It's basically a dumbed-down version of the SMB-targeted WSC Guard product that McAfee acquired earlier this year, without the hosted RADIUS/802.1X authentication, but leaving in the ability to rotate encryption keys for equipment supporting either the older wired equivalent privacy (WEP) or the more advanced Wi-Fi Protected Access (WPA) and WPA2/802.11i.
Our feeling is, to have true wireless security, you need to have encryption turned on, says Stu Elefant, senior product manager for McAfee's wireless initiatives. Most normal people, they buy equipment, bring it home, turn it on, they get to Google, that's all they do.
Elefant says the McAfee software will provide always-on protection. The software uses notification messages to the clients and router to figure out new keys automatically and rotate them at the proper times. Even a system that's been out of contact with the network for an extended period of time will be able to fall back into the key rotation when it returns home. And new clients can't just join the network: they have to be granted permission by a client already on the network.
The software will work with what Elefant calls headless devices as well: those Wi-Fi products that are not able to run Windows software, which in this case could include anything from a Mac or Linux box to a game console adapter to a print server. Unfortunately, this means putting the software into a suspend mode that stops the key rotation. But with it off, the software will read you the keys so you can enter it into security settings for the headless devices.
The software will be running on a subscription model, so expect to pony up that $50 each year. The company plans to add new features over the course of time, and will be constantly adding new profiles for wireless hardware.
The future for the software could include incorporating services like hosted virtual private network tunnels for use at hotspots, like those offered by companies like WiTopia.net and HotspotVPN. Elefant says McAfee is very friendly with JiWire, the online hotspot directory, which recently launched such a service through its SpotLock client software.
McAfee is a member of the Wi-Fi Alliance working group for Simple Configuration to create an industry-wide interoperable way to do simple security setup for a home or SMB network. The Alliance says the group is currently evaluating a variety of proposed solutions for both security and ease of use, and we are still tracking toward launch of a program during the first half of 2006.