Price: $799 MSRP
The Colubris Networks CN1050 Wireless
Access Point (which is really a router for getting Internet access) is 802.11b-capable
using a Proxim ORiNOCO radio network card. The CN1050 package came with everything
needed to set it up, including a power adaptor, Ethernet cable, installation
CD, and even mounting screws.
The CN1050 focuses heavily on security
and is specifically designed to give enterprise businesses and government agencies
confidence when installing wireless LANs in data-sensitive areas. Promoted as
Colubris Networks’ most secure product, the CN1050 provides an integrated virtual
private network (VPN) server, RADIUS authentication,
authorization and accounting (AAA) support, token-based authentication, and
a host of other security mechanisms such as 3DES and RC4 encryption.
Installation of the CN1050 is much the same as any other access point router.
The CN1050 has three ports: for connecting to the Internet port, LAN, and electrical
power. All you have to do is attach the CN1050 through the Internet port to
a cable or DSL modem, connect the LAN port to an external switch, and then plug
in the power cord.
A Quickstart Guide is included with the CN1050, as well as a more in-depth,
easy to use Administrator’s Guide CD-ROM. The only problem I came across during
the installation was the fact that the Quickstart Guide told refers to a Quick
Connect button that was not present on the product set up screen. Colubris told
me that the Quick Connect has been removed from the product and had not yet
been deleted from the documentation. This is not a big issue, though, because
everything ran smoothly without using the Quick Connect option. The configuration
screens for the CN1050 were very efficient to use.
The built-in VPN server in the wireless
router significantly reduces the possibility of man-in the-middle attacks and
improves performance over the network. The CN1050 pushes the VPN functions out
to the edge of the network to reduce overhead. This is an important strategy
when supporting a growing number of both wired and wireless applications over
a common infrastructure.
The CN1050 is capable of switching to "rogue detector" mode at specific
times. When in this mode, it scans for other access point beacons and reports
the MAC address and channel of other wireless LANs or unusual RF activities.
This is certainly a valuable tool for combating rogue access
points, a problem that keeps network managers awake at night.
The unit is one of the only wireless
LAN products on the market that qualifies for Federal Information Processing
Standard (FIPS) certification. FIPS defines requirements for commercial cryptographic
products that may be bought by U.S and Canadian Federal agencies. This makes
the CN1050 ideal for not only Government applications but also other environments
where security is of great concern.
The CN1050 only has one LAN port, which must be connected to an external switch
in order to support multiple wired devices, such as printers and PCs. This requires
the user to spend extra money on a switch, making it a more expensive solution
for smaller office settings. In larger enterprise scenarios, there’s probably
already a significant wired infrastructure that makes use of external switches.
The current version of the CN1050 does not support subnet roaming. As a result,
users can not roam from one subnet to another without reconfiguring their IP
address. This could be detrimental in an enterprise setting, where there may
be many different subnets assigned to the wireless LAN. Subnet roaming is not
generally available in other wireless LAN routers, however, but it is a growing
trend that should be addressed in future versions of the product.
Jim Geier provides independent consulting services to companies
developing and deploying wireless network solutions. He is the
author of the book, Wireless
LANs and offers workshops
on deploying wireless LANs.
Join Jim for discussions as he answers questions in the 802.11 Planet Forums.