Colubris Networks CN1050 Wireless Access Point
May 06, 2003
This product -- actually a router for providing wireless Internet access to the masses -- lacks a few things bigger businesses might like, but offers up a wealth of security options that should keep most SMB's quite happy.
Price: $799 MSRP
The Colubris Networks CN1050 Wireless Access Point (which is really a router for getting Internet access) is 802.11b-capable using a Proxim ORiNOCO radio network card. The CN1050 package came with everything needed to set it up, including a power adaptor, Ethernet cable, installation CD, and even mounting screws.
The CN1050 focuses heavily on security and is specifically designed to give enterprise businesses and government agencies confidence when installing wireless LANs in data-sensitive areas. Promoted as Colubris Networks' most secure product, the CN1050 provides an integrated virtual private network (VPN) server, RADIUS authentication, authorization and accounting (AAA) support, token-based authentication, and a host of other security mechanisms such as 3DES and RC4 encryption.
Installation of the CN1050 is much the same as any other access point router. The CN1050 has three ports: for connecting to the Internet port, LAN, and electrical power. All you have to do is attach the CN1050 through the Internet port to a cable or DSL modem, connect the LAN port to an external switch, and then plug in the power cord.
A Quickstart Guide is included with the CN1050, as well as a more in-depth, easy to use Administrator's Guide CD-ROM. The only problem I came across during the installation was the fact that the Quickstart Guide told refers to a Quick Connect button that was not present on the product set up screen. Colubris told me that the Quick Connect has been removed from the product and had not yet been deleted from the documentation. This is not a big issue, though, because everything ran smoothly without using the Quick Connect option. The configuration screens for the CN1050 were very efficient to use.
The built-in VPN server in the wireless router significantly reduces the possibility of man-in the-middle attacks and improves performance over the network. The CN1050 pushes the VPN functions out to the edge of the network to reduce overhead. This is an important strategy when supporting a growing number of both wired and wireless applications over a common infrastructure.The CN1050 is capable of switching to "rogue detector" mode at specific times. When in this mode, it scans for other access point beacons and reports the MAC address and channel of other wireless LANs or unusual RF activities. This is certainly a valuable tool for combating rogue access points, a problem that keeps network managers awake at night.
The unit is one of the only wireless LAN products on the market that qualifies for Federal Information Processing Standard (FIPS) certification. FIPS defines requirements for commercial cryptographic products that may be bought by U.S and Canadian Federal agencies. This makes the CN1050 ideal for not only Government applications but also other environments where security is of great concern.
The CN1050 only has one LAN port, which must be connected to an external switch in order to support multiple wired devices, such as printers and PCs. This requires the user to spend extra money on a switch, making it a more expensive solution for smaller office settings. In larger enterprise scenarios, there's probably already a significant wired infrastructure that makes use of external switches.
The current version of the CN1050 does not support subnet roaming. As a result, users can not roam from one subnet to another without reconfiguring their IP address. This could be detrimental in an enterprise setting, where there may be many different subnets assigned to the wireless LAN. Subnet roaming is not generally available in other wireless LAN routers, however, but it is a growing trend that should be addressed in future versions of the product.
Jim Geier provides independent consulting services to companies developing and deploying wireless network solutions. He is the author of the book, Wireless LANs and offers workshops on deploying wireless LANs.
Join Jim for discussions as he answers questions in the 802.11 Planet Forums.