Proceed to WirelessDevNet Home Page
Publications, e-books, and more! Community Tutorials Store Downloads, tools, & Freebies! IT Career Center News Home
newnav.gif
Newsletters
EMail Address:
   Content
  - Articles
  - Columns
  - Training
  - Library
  - Glossary
 
   Career Center
  - Career Center Home
  - View Jobs
  - Post A Job
  - Resumes/CVs
  - Resource Center
 
   Marketplace
  - Marketplace Home
  - Software Products
  - Wireless Market Data
  - Technical Books
 
   News
  - Daily News
  - Submit News
  - Events Calendar
  - Unsubscribe
  - Delivery Options
 
   Community
  - Discussion Boards
  - Mailing List
  - Mailing List Archives
 
   About Us
  - About WirelessDevNet
  - Wireless Source Disks
  - Partners
  - About MindSites Group
  - Advertising Information
 

Wireless Developer Network - Daily News

Visit the WirelessDevNet Symbian DevZone

Today's News | Yesterday's News | Submit News | News-"wireless" Top Stories! | Around-The-Web | Wireless DevZones!

Funk Software Announces Odyssey™, First Complete 802.1x Security Solution for Wireless LANs


Cambridge, MA, January 28, 2002 Funk Software, the leading commercial developer of RADIUS solutions, today announced Odyssey, the first end-to-end 802.1x security solution that not only permits users to securely access wireless LANs (WLANs), but also can be easily and widely deployed and managed across an enterprise network. Odyssey is currently in open beta, available for trial download from www.funk.com, and is scheduled to ship in February.

Odyssey is an end-to-end solution that includes client and server software. Odyssey supports the standard 802.1x security method EAP-TLS included in Windows XP, and introduces support for the equally strong and more easily managed security method, EAP-TTLS.

The strength of EAP-TLS security comes at a high cost. Because EAP-TLS requires that each user have a certificate, organizations that deploy it can look forward to a substantial administrative burden in operating a certificate authority to distribute, revoke, and otherwise manage user certificates.

Plus, the many people who use more than one PC are placed at a distinct disadvantage with EAP-TLS. Such users have a choice of transferring a single personal certificate and private key to each of their machines, or acquiring separate certificates for each machine they operate.

The first option is a headache for the user; the second, a headache for the administrator. EAP-TTLS and EAP-TLS are similar in that both use TLS (Transport Layer Security, the successor to SSL) as the underlying strong cryptography. However, EAP-TTLS differs in that only the RADIUS servers, not the users, are required to have certificates. The user is authenticated to the network using ordinary password-based credentials, whose use is made proof against active and passive attack by enclosing it in the TLS security wrapper.

The operation of EAP-TTLS is comparable to that of secure web sites that handle online credit card transactions. The web server proves its authenticity to the user by providing its certificate; the user is then able to encrypt credit card information to the server. Online commerce doesn't require user certificates for maximum security; neither should wireless LAN access.

EAP-TTLS is an IETF draft jointly authored by Funk Software and Certicom, and is a working document of the PPP Extensions group. The purpose of the protocol is to allow users to be authenticated onto WLANs with their existing password credentials, and, using strong public/private key cryptography, to protect those password credentials against eavesdropping and other attacks that are suddenly made possible by the advent of wireless communications. The result is a protocol that is the equal of EAP-TLS in security, that can easily be utilized by a single user from any machine, and that is compatible with existing authentication databases and infrastructure, thus putting secure WLAN authentication within any organization's reach.

“We believe network administrators won’t want to manage complicated certificate infrastructures for WLAN security, and would welcome a secure alternative,” said Joe Ryan, vice president of Funk Software. “We’ve delivered that alternative with Odyssey. Odyssey’s end-to-end architecture allowed us to implement EAP-TTLS and advance the state-of-the-art in WLAN security management. That, coupled with our RADIUS expertise, has positioned us well to deliver a strong 802.1x security solution that will be widely adopted.”

About Funk Software

Based in Cambridge, Massachusetts, Funk Software develops Odyssey, an end-to-end 802.1x WLAN security solution that can be easily and widely deployed on enterprise networks. It is also the leading provider of commercial AAA solutions for wireless operator, service provider, and enterprise networks. In use on thousands of public and private networks worldwide, the Steel-Belted Radius family of products delivers a AAA solution on the scale required by the largest carriers and service providers, and scales easily to meet the centralized authentication needs of the enterprise. The Steel-Belted Radius family of RADIUS/AAA solutions includes Steel-Belted Radius/Service Provider Edition, Steel-Belted Radius Concurrency Server, Steel-Belted Radius Port Allocation System, Steel-Belted Radius Mobile IP Module, and Steel-Belted Radius/Enterprise Edition. For more information, visit www.funk.com.



Sponsors

Search

Eliminate irrelevant hits with our industry-specific search engine!





Wireless Developer Network - A MindSites Group Trade Community
Copyright© 2000-2010 MindSites Group / Privacy Policy
Send Comments to:
feedback@wirelessdevnet.com