Linux Today: Linux News On Internet Time.

ZDNet: Worried about wireless security? Here's a solution [ Linux-based wireless gateway ]

Feb 13, 2002, 08:01 (1 Talkback[s])
(Other stories by Lee Schlesinger)

[ Readers with triggers or news preferences may be interested to note we've added 'networking' as a category beginning with this item. -ed ]

"I met recently with a company that makes a hardware box that addresses the need for better wireless security. Bluesocket Inc.'s $6,000 WG-1000 Wireless Gateway sits on a LAN between wireless access points and the rest of the corporate network. It acts as an authorization and VPN server. Any wireless data traffic can reach the device, but unauthorized users can't get past it. Authorized packets pass across the internal network (which is presumably secure), unencrypted. That lets any devices you installed to implement network QoS do the job they were designed for.

There are a lot of potential pitfalls with a device like this, but Bluesocket's architects seem to have avoided most of them. You can have multiple wireless gateways on the network, each one handling about 100 simultaneous users. (Your mileage may vary.) Two boxes can be designated as hot failover units for each other. All gateways on the network can be managed simultaneously from a single browser-based console using a master/slave hierarchy. Permissions are granted and denied according to user information defined in repositories like LDAP or Active Directory; you don't have to duplicate all your existing user information. And you can set access policies on a user or role basis.

TODAY, THE ENCRYPTION/decryption algorithms within the box (which is powered by an 866MHz Pentium III processor and a hardened version of Linux) run in software. That can impose a slight performance penalty on highly trafficked networks, where the bandwidth exceeds 30Mbps."

Complete Story

Related Stories: