Search This Blog

Wednesday, June 22, 2005

Balancing Wi-Fi access and security

NETWORK WORLD NEWSLETTER: JOANIE WEXLER ON WIRELESS IN THE
ENTERPRISE
06/22/05
Today's focus: Balancing Wi-Fi access and security

Dear security.world@gmail.com,

In this issue:

* Aruba protects against foreign client infections
* Links related to Wireless in the Enterprise
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Colubris Networks
MultiService WLANs Improve Price/Performance.

The next generation network in WLANs is all about service
mobility and access to business productivity applications
anytime, anywhere. Unified wired and wireless networks promise
to deliver multiservice applications and services for
unprecedented mobility, operational savings, price/performance
and security. For more on the Unified Services Network visit
http://www.fattail.com/redir/redirect.asp?CID=106847
_______________________________________________________________
COMPLIMENTARY NETWORK WORLD PRINT SUBSCRIPTIONS

Managing networks and systems can be a lot easier if you stay
aware of the latest developments in tools and technologies
designed to help. Network World will ensure that you don't miss
a beat. We would like to offer you the leading source of
dependable, accurate, timely information you can rely on to make
the best decisions for your corporate network. SUBSCRIBE TODAY
AT:
http://www.fattail.com/redir/redirect.asp?CID=106875
_______________________________________________________________

Today's focus: Balancing Wi-Fi access and security

By Joanie Wexler

Industry endpoint security initiatives such as Cisco Network
Admission Control and Microsoft Network Access Protection are
helping enterprises keep the client devices that they provision
and manage free of infection before they access the corporate
network.

But what about mobile endpoints that are unmanaged? By
"unmanaged," I mean devices that might need temporary access to
your network, such as those that belong to a contractor,
consultant or supplier, and are not provisioned and managed by
your IT organization.

Aruba Wireless Networks recently announced its approach to
balancing the security and access issues surrounding foreign
clients. Other Wi-Fi systems vendors, too, are at least thinking
about endpoint security. After all, a wireless access point or
wireless LAN switch might be the very first point of corporate
network contact for a mobile device that has been exposed to
Internet infections before attempting to reconnect.

In November 2004, Aruba said it was teaming with security
companies Sygate and Fortinet to integrate the stateful firewall
in Aruba's WLAN switch/controller with the other companies'
client software and firewall technologies, respectively. Earlier
this month, the fruit of the Sygate partnership emerged in the
form of Client Integrity Module software for Aruba appliances.

With it, Aruba appliances can determine if the client attempting
to connect is an unmanaged device. If it is, it will download to
the client a Java applet that performs a host integrity check
for up-to-date anti-virus software, personal firewalls, software
patches and updates - whatever your security policy dictates.
Similarly, policy will determine whether the state of the device
means it is kept off the network, allowed on, quarantined,
remediated for limited access, or redirected and brought into
compliance.

While a Wi-Fi device is not in compliance, it is also blocked
from communicating with other Wi-Fi clients in peer-to-peer
fashion, notes Jon Green, Aruba product manager.

Perhaps most interesting is the virtual desktop feature. Since
most people don't really care for IT departments in other
companies fooling with the software on their own PCs, the
virtual desktop leaves everything already on the PC alone and
creates a policy-compliant, encrypted virtual session for
temporary use that users can erase after the fact or retain for
future use when they return, Green explains.

What are other Wi-Fi vendors doing about evil lurking on mobile
devices?

Competitor Trapeze Networks deals separately with managed
devices and guest devices. For managed devices, an 802.1X-based
feature called Bonded Auth, which works in Windows environments,
authenticates both the user and the machine, so a trusted user
cannot attach to the network using an untrusted device. For
temporary users, Trapeze offers a feature called GuestPass, a
guest provisioning application that places guest traffic on a
separate VLAN and gives them Internet access only.

Symbol Technologies says that Wi-Fi endpoint security "is on its
roadmap," and Meru Networks says it is pursuing a "best of breed
partnership approach" to meet customer WLAN edge security
requirements. In March 2004, Meru announced a partnership with
iPolicy, a maker of intrusion prevention firewalls, to integrate
iPolicy security capabilities into its controllers, but we
haven't heard any further developments on that relationship (or
on the Aruba-Fortinet relationship, for that matter).

RELATED EDITORIAL LINKS

Aruba corrals foreign wireless LAN clients
Network World, 06/06/05
http://www.networkworld.com/nlwir2427

IPolicy blocks worms, viruses across 802.11 nets
Network World, 09/06/04
http://www.networkworld.com/nlwir2746

Vendors tout vulnerability mgmt. wares
Network World, 06/06/05
http://www.networkworld.com/nlwir2747

Users eye wireless voice/data unification
Network World, 06/20/05
http://www.networkworld.com/news/2005/062005-vowi-fi.html?rl

Users offer RFID reality check
Network World, 06/20/05
http://www.networkworld.com/news/2005/062005rfid.html?rl

Start-up uses Wi-Fi signals to pinpoint location
Network World, 06/20/05
http://www.networkworld.com/news/2005/062005-skyhook.html?rl
_______________________________________________________________
To contact: Joanie Wexler

Joanie Wexler is an independent networking technology
writer/editor in California's Silicon Valley who has spent most
of her career analyzing trends and news in the computer
networking industry. She welcomes your comments on the articles
published in this newsletter, as well as your ideas for future
article topics. Reach her at <mailto:joanie@jwexler.com>.
_______________________________________________________________
This newsletter is sponsored by Colubris Networks
MultiService WLANs Improve Price/Performance.

The next generation network in WLANs is all about service
mobility and access to business productivity applications
anytime, anywhere. Unified wired and wireless networks promise
to deliver multiservice applications and services for
unprecedented mobility, operational savings, price/performance
and security. For more on the Unified Services Network visit
http://www.fattail.com/redir/redirect.asp?CID=106846
_______________________________________________________________
ARCHIVE LINKS

Archive of the Wireless in the Enterprise newsletter:
http://www.networkworld.com/newsletters/wireless/index.html

Wireless research center
Latest wireless news, analysis and resource links
http://www.networkworld.com/topics/wireless.html
_______________________________________________________________
Decrease costs, improve efficiency... The new enterprise web
tier delivers

Organizations recognize that highly available web applications
equates to increased employee productivity and improved business
efficiency. This webcast reveals how a new architecture tier is
crucial to success.
http://www.fattail.com/redir/redirect.asp?CID=106989
_______________________________________________________________
FEATURED READER RESOURCE
CALL FOR ENTRIES: 2005 ENTERPRISE ALL-STAR AWARDS

Network World is looking for entries for its inaugural
Enterprise All-Star Awards program. The Enterprise All-Star
Awards will honor user organizations that demonstrate
exceptional use of network technology to further business
objectives. Network World will honor dozens of user
organizations from a wide variety of industries, based on a
technology category. Deadline: July 8. Enter today:
<http://www.networkworld.com/survey/easform.html?net>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

No comments: