Meru: Application Aware

By Eric Griffith

March 13, 2007

Updates to the Meru security software will keep a network protected as it traffics in voice, video and more.

Security on a wireless LAN is about more than just encryption. Meru Networks is addressing that with the first update to its AirShield Security Suite. The company says it's all about "application awareness" -- the software recognizes the type of traffic on a network, such as voice communication, and allows it through while continuing to run security services.

"AirShield 1.0 had strong features," says Kamal Anand, senior vice president of marketing and corporate strategy at Meru. "It had all the traditional wireless encryption and authentication." And it still does: WPA2, guest access, a captive portal option, intrusion detection and prevention, and static or dynamic virtual LANs (VLANs).

Version 2.0, which ships later this month, adds a series of new features.

The policy enforcement takes into account not only the application in use, but also the user, and that user's location. "If you have a phone with a VoIP client, I can make policies so it only talks to the SIP server, not the enterprise server or your ERP applications," Anand says. As for location awareness, an example he gives is how anyone tagged as being indoors can get access to the SIP server, but not if they're outside of the building.

"It increases mobility while increasing security," Anand claims.

AirShield can check packet signatures to block or at least isolate certain kinds of traffic; policies can also ensure certain applications get a specific amount of bandwidth (or a limited amount).

Generic routing-encapsulation (GRE) tunneling in large, distributed networks, like in retail, provides a means for a wireless network node to backhaul to the corporate infrastructure. All policies are extended to the branch locations.

AirShield 2.0 will cost $3,495 for a Meru-based 30-access point network.

Meru has deals in place with several network-access control (NAC) vendors  to ensure easy interoperability. They include Microsoft, Juniper Networks, Vernier Networks, and Lockdown Networks.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.