Meetinghouse has announced client software that utilizes 802.1x for advanced network security; the AEGIS Client 2.2 for Windows XP/2000 and AEGIS Client for PPC 2002/2003.

Features of AEGIS Client 2.0 for Pocket PC include:

• IEEE 802.1X authentication support for enterprises and OEMs on the Pocket PC (2002, 2003) and CE. NET (4.1. 4.2) operating systems for handheld devices.
• Supports the WPA (Wi-Fi Protected Access) standard.
• Adds Radio Management features to the AEGIS client for hand held devices, including: Network Access Point selection, configuration matching, WEP settings and WPA settings.
• Supports multiple authentication profiles to permit automatic presentation of the correct credentials as the user moves between networks.

AEGIS Client 2.0 for PPC will be available on February 23 with the AEGIS Client 2.2 for laptops and desktops on February 29, 2004. Beta versions of both products are available now for downloading.

The hacking of T-Mobile Hotspots brought security into sharper focus. Most Community LANs don’t require a special client. Instead, they often use “captive portal” software to redirect a nearby web surfer to a “splash” page for free access. Now Nomadix is claiming patent rights to that technology.

“Mutual authentication” of client and server, part of the 802.1x standard, can ensure that users are connecting to a legal network, preventing man-in-the-middle attacks. PCTel, iPass, Funk and Padcom have software available that WISPs could license and distribute to users of practically all major platforms. Possibile solutions might include:

• Meetinghouse, has secure 802.1x client software for Windows, Linux, Solaris, Mac, Pocket PC 2002, as well as Palm OS.
• iPass, used by enterprises and public hotspots like McDonalds, uses the iPassConnect client to establish a secure, 802.1x connection.
• PCTel’s Segue client can work with the centralized Segue Controller which provides user identification and billing solution for carriers and their subscribers. It integrates a network of Segue Hot Spot gateways with the backend systems for roaming support from other authorized providers.
• Funk’s Radius software and Odyssey Client for Pocket PC lets you set up a highly secure end-to-end connection.
• Colubris Access Points, including the CN1050 and CN1054, are the first APs to be awarded Federal Information Processing Standard (FIPS) 140-2 certification.
• The ZyAIR B-3000 features 802.1x authentication, 256-bit WEP encryption, Wi-Fi Protected Access (WPA) directly without a back-end RADIUS server.
• Code Red Systems has an AirBlock 802.11 Wireless Security application that automatically changes WEP keys every 10 minutes and configures both wireless cards and access points to accept encrypted data only.

The 802.1x standard is a framework for secure, mutual authentication between a network and end-users. Many enterprises currently support 802.1x to protect their wireless networks because it requires interrogation by the server.

Posted by Sam Churchill on Wednesday, January 28th, 2004 at 6:05 am.