Wireless Security Steps Up at West Point, Home

[InfoSec News <isn () c4i org>]

http://eprairie.com/news/viewnews.asp?newsletterID=4540

Spiro Papadopoulos 
ePrairie.com
4/3/2003 

CHICAGO - In last week's column, I blithely mentioned that military 
use of 802.11 isn't ready for prime time due to security gaps in 
current technology. 

While I maintain that a rush to deploy Wi-Fi on highly data-sensitive 
networks in both the private and government sector is still a ways 
away, there is no denying that most organizations that have installed 
or are planning to deploy wireless networks are in desperate need 
(whether they are aware of it or not) of adequately securing their 
networks. 

Maybe we should look to the government for some help. The U.S. 
Military Academy at West Point has recently rolled out a secure 
802.11a wireless network in its classrooms that is allegedly producing 
a much richer classroom experience for a thousand or so cadets. I 
suspect the gravitational pull toward Web surfing during a Monday 
morning physics lecture is quite strong. 

So how did West Point address security? It chose a wireless product 
from Cranite Systems. The product, called the "Wireless Wall Software 
Suite," actually consists of three components: 


1. A policy server that works with an existing directory and supports 
   the characteristics of each wireless connection on the network. 

2. An access controller that encrypts and decrypts authorized traffic 
   and allows users to roam across subnets in the network. 

3. Client software that ensures a secure tunnel to the access 
   controller. 

Marc Sokol, a partner at Chicago-based venture capital firm JK&B 
Capital, says he is impressed with the technology so much so that his 
firm participated in Cranite's most recent third round of funding. He 
says Wireless Wall is unique because "it's a layer 2 software solution 
that enables users to roam between access points seamlessly. A 
solution must be layer 2 [for it to be secure]." 

He's not the only one who thinks highly of the product. Last week, 
Cranite was granted Federal Information Processing Standard (FIPS) 
certification by the U.S. government. The certification is a notable 
milestone because the government mandates this seal of approval for 
its own cryptography-related purchases. 

The approval now opens a big door to government coffers. In fact, 
Cranite is partnering with HP to sell the solution to government 
agencies and is working with other value-added resellers (VARs) and 
system integrators to sell the solution to enterprise businesses. 

While that's great news for those who can afford the protection, what 
about security on home wireless networks? For the most part, users 
still don't have many options beyond traditional wired equivalent 
privacy (WEP) and virtual private networks (VPNs). 

I'm bringing this up as a reminder that WEP is still a good option for 
warding off the casual intruder and should be enabled at your home or 
office in the absence of a more robust security system. Think of it 
like having The Club on your network. Just keep in mind that a 
determined thief will find a way around almost any security measure. 

Speaking of home networks, I'd be remiss if I didn't comment on 
Cisco's recent acquisition of Linksys. In the short term, it's a solid 
and easy deal. With its strong presence in the home and small office 
networking market, Linksys will complement Cisco's dominance at the 
high end of the market. 

Seems simple enough. For now, Cisco has no plans on rebranding Linksys 
products under the Cisco name. Linksys will currently operate as an 
independent entity within Cisco. But for how long? Looking out two 
years from now, the picture of the networked home becomes muddled. 

A Cisco executive has recently said that the home networking market is 
at an inflection point in terms of mass appeal. He is correct. 

My question is whether Cisco is the right company to take advantage of 
the latest must-have home item. In one respect, the answer is yes. 
Since Cisco already sells high-end gear to cable companies, it's in a 
good position to start striking deals with the likes of Comcast and 
begin bundling equipment into people's homes. 

Another part of me says this won't be so easy. Have you ever taken a 
hard look at the industrial design of a Linksys access point? Though 
Louis Sullivan might nod in approval, Steve Jobs must go into 
convulsions when he sees one. 

My point is that up until now, wireless local-area networks (LANs) 
have been the domain of geeks. It has only been a recent phenomena for 
non-techie people to venture out to Best Buy on their own to purchase 
and install wireless LANs. That will change, though, as the systems 
become easier to install. 

So here we are on the cusp of mass appeal for wireless home networks. 
At this point, I refuse to believe that Cisco will be best positioned 
to serve those consumers in the long term. 

If I had to predict a long-term winner in the home networking market 
in five years, I would pick Sony because it has all the pieces to the 
puzzle (gaming, content, PCs and consumer electronics). With a huge 
cash horde and a proven willingness to enter emerging markets, 
Microsoft would be my other pick. 




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.