Two product announcements have put 802.1X security in reach of any enterprise
Meetinghouse Data Communications of Portsmouth,
NH, is actively beta testing AEGIS Server and AEGIS Client, with the full product
to ship on May 30, 2002. Funk Software of
Cambridge, MA, has meanwhile announced the release of Odyssey, its own 802.1X
security client/server solution for Wireless LANs.
Both products support data protection and user authentication using the Extensible
Authentication Protocol – Tunneled Transport Layer Security (EAP-TTLS) protocol,
which only requires a password from the end user for authentication.
EAP-TTLS, an extension of EAP-TLS, saves on the administration overhead of
issuing certificates. Instead, standard user passwords checked against an authentication
database are enough for logging in securely. Login information stays encrypted
in a tunnel in the communications channel the entire time. Data is kept private
by dynamically issuing per-session keys to encrypt wireless traffic and re-authenticating
with a new key at regular intervals.
"[EAP-TTLS] resolves the problems with today’s implementation of WEP,"
said Meetinghouse Vice President of Sales and Marketing Anthony Delli Colli.
"Dealing with client side certificates are a key nightmare for administrators."
Both product sets support the multiple certificate EAP-TLS 802.1X authentication,
which comes with Windows XP, as well as Cisco’s LEAP, PAP, MS-CHAP, and MS-CHAP
V2 authentication types.
Meetinghouse Data’s AEGIS Client can run on Windows 98/ME/NT/2000/XP and Linux,
with Mac OS X and Solaris versions expected in the third quarter of 2002. The
server is currently only available for Linux, with Solaris and Windows 2000/XP
versions shipping in the third quarter. The price starts at $2500 for 50 AEGIS
Client licenses and one AEGIS Server.
Funk’s Odyssey 1.0 consists of a Client that runs on a Windows system (98/ME/2000/XP)
with an 802.1x adapter card and Server for Windows 2000/XP that interoperates
with the WLAN access point. It costs $2500 for a 25 Odyssey Client licenses
and one Odyssey Server.
Both companies will be participating at Networld+Interop 2002 in Las Vegas
from May 7 -11, 2002, as part of the InteropNet Labs WLAN Security Initiative.