Cisco, Microsoft team on wireless security

Cisco will implement the draft security standard, called 802.1x, on its Cisco Aironet 350 series of 802.11b-compliant WLAN (wireless local area networking) products, the company said in a statement Monday. Microsoft, Cisco, and a group of other companies have teamed up on what Cisco is calling the first enterprise authentication and security architecture based on the draft 802.1x and EAP (Extensible Authentication Protocol) standard, published by the Institute of Electrical and Electronics Engineers (IEEE).

The new standard is meant to address security holes raised by the popular 802.11b, or Wi-Fi, wireless network standard. Researchers at the University of California, Berkeley, recently identified weaknesses that could potentially make Wi-Fi networks vulnerable to hackers. In the research paper released in February, university researchers concluded that the protocol used to access corporate networks has "major security flaws" and is vulnerable to hackers using easily to obtain equipment. The protocol is referred to as the Wired Equivalent Privacy (WEP) protocol and is used in the IEEE 802.11 international standard for wireless LAN (local area network) communications.

The protocol is vulnerable to attacks that decrypt traffic, according to the members of the Internet Security Applications, Authentication and Cryptography (ISAAC) group in the university's Computer Science Division. Researchers were able to intercept and modify transmissions and access restricted networks. The ISAAC research can be viewed at http://www.isaac.cs.berkeley.edu/.

According to a Cisco white paper, the company said it was aware of the security flaws in the WEP protocol before the company developed its Aironet architecture. Cisco, in its white paper, agreed with Berkeley researchers who cite inherent weaknesses in WEP and that the weaknesses exist regardless of the length of the encryption key used.

In general, the extent of the vulnerability depends on whether static or dynamic WEP is used, according to Cisco. The Cisco Aironet wireless security adds to 802.11b WEP by creating a per-user, per-session, dynamic WEP key tied to the network logon, Cisco said. This addresses the limitations of static WEP keys while providing a deployment that is easy to use for administrators, Cisco said.

For more specifics on the security augmentations made by Cisco, go to http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/1281_pp.htm/.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?