SMB Authentication Goes Back to 98

It may not be the first market most security companies think about, but a select group of vendors, trying to bring the quality of authentication and encryption found in the enterprise to small-to-medium businesses (SMBs) and even small-office/home-office (SOHO) businesses, are starting a game of one-upmanship that seems centered on new features in client software.

On the heels of the launch of a new hosted service, WiTopia, that doesn’t require its own client, older players like LucidLink and Wireless Security Corporation (WSC) have responded by expanding the features of end user software.

LucidLink, which sells software that can be installed on almost any office PC to turn it into an 802.1X/RADIUS server, is just starting to offer client software. Its free supplicant utility is limited to Windows XP and 2000 users. Unlike the built-in 802.1X support in those operating systems, LucidLink’s client software will automatically detect network settings and — unlike Windows — won’t connect to a network with the same name but different settings. The client will come with version 2.2 of LucidLink.

Not to be outdone, the competition at WSC is upgrading its hosted service, WSC Guard. The subscriber-based service authenticates users over the Internet before allowing them full access to the wireless network.

“It’s easy to host RADIUS on the Internet,” says Ulrich Wiedmann, WSC’s vice president of engineering, “but a challenge we faced was the client software with cards — some were great; others weren’t. Our client patches up the hiccups with wireless that happen now and then.”

WSC did supply client software, but until this week it was also limited to XP/2000. The new version will go back even farther, and will let Windows 98/Me users get access.

“According to some reports we’ve read, Windows 98 and Me are still 12 to 13 percent of the operating systems out there,” says Stu Elefant, vice president of marketing at WSC. What’s more, he said the majority of WSC’s customers had heterogeneous OSes (translation: lots of old computers).

“They only upgrade when they absolutely need to,” says Elefant. “They don’t have a mandate saying everyone is on XP.”

Luckily for WSC and the competition, they also found that businesses using even older operating systems like Windows 95 or (heaven forbid) 3.1 were not using wireless.

The client software for WSC is, of course, made to work with WSC’s service, but will also serve as a Wi-Fi Protected Access with Preshared Key (WPA/PSK). The software can be downloaded and used by anyone using WPA with PSK that wants to get older Win98/Me systems on the encrypted wireless network. Microsoft doesn’t support WPA on 98/Me at all. Users don’t even have to be using WSC Guard to use WPA/PSK in the free client.

The new client software will also handle management of connection profiles like the new client from LucidLink. The end user would, in theory, not have to use or know any other software (such as the drivers with their wireless card, or the built-in Windows configuration screen in XP) to get online.

In WSC Guard, network administrators can now also create fast and easy guest accounts that are limited in duration—after 48 hours, the guest account is automatically deleted. Currently, the service can’t do what they call a “fine-grain access control list,” meaning that guests over WSC Guard get full access to the wireless network and its facilities—they’re not limited to, say, one printer and the Internet. It’s all or nothing at this point. Tighter integration with equipment from wireless hardware vendors would be needed to get tighter control over where guests can go. Elefant says customer demand for it has not been overwhelming.

WSC works with channel partners like iPass, IBM and Linksys (which bundles a branded version of WSC Guard with select hardware). All will have instant access to the latest version of WSC Guard, and can offer the client software for free download.

More features are good, but cost is always an issue. LucidLink charges a one-time $450 fee for ten users; Corriente Networks’ Elektron (a local software solution like LucidLink) costs $300 but works with Macintosh as well as Windows; the WiTopia hosted service charges only $34 for 10 users per year (that price can scale up when more than one access point is used for connections); and WSC Guard costs around $40 for 10 users per month, or $400 per year, making it the most expensive of the small-scale 802.1X solutions.

News Around the Web