Cisco to share WLan security technology

Makers of 802.11 wireless Lan clients can now make their products support special security features offered in Cisco Systems...

Makers of 802.11 wireless Lan clients can now make their products support special security features offered in Cisco Systems wireless networks under Cisco Compatible Extensions (CCX), a licensing and testing programme announced yesterday.

Cisco will not charge client silicon makers to license the technology for supporting enhanced security capabilities it has developed for enterprise wireless Lans. The security features, some of which Cisco already includes in its products, complement rather than replace industry standards, the company said.

Enterprises are facing "a hefty grassroots push" for wireless Lan deployment and need to be able to manage and secure any wireless Lans on their premises, said Chris Kozup, an analyst at Meta Group.

The security mechanisms built in to the 802.11 wireless Lan standard have come under fire for not being safe enough, and Cisco already offers additional security features for its range.

Cisco also said it will focus its wireless Lan silicon development on access points, the devices at the hubs of wireless Lans, and move away from being a client hardware vendor. It will continue selling Cisco-branded clients to companies that want to use Cisco as a one-stop shop.

With wireless capability at the centre of many different devices, such as handheld computers, mobile phones and notebook computers, Cisco is leaving it up to others to develop wireless silicon for them, said Bill Rossi, vice-president of Cisco's wireless networking unit. Makers of devices and PCs that want Cisco's enterprise-class security in their wireless-enabled products will now have more component sources to choose from, he added.

"They used to have to buy a Cisco solution and embed it in their devices. Now they have a choice. They are not being driven to a particular vendor's solution as they were in the past," Rossi said.

The security capabilities will be integrated initially into client adapters and eventually into mobile devices. In most cases, adapting current client products to support CCX will require only a firmware upgrade, Rossi said. After testing for interoperability with the Cisco wireless Lan infrastructure, Cisco will certify the product as compliant with the specifications.

Cisco has already developed a CCX specification that includes the company's implementations of strong user authentication and encryption, Rossi said. CCX Version 1 includes compliance with the Cisco Wireless Security Suite, compatibility with Cisco's mechanism for assigning wireless Lan clients to virtual Lans, and full Wi-Fi and 802.11 standards compliance.

CCX Version 2 will add support for the IEEE 802.1x authentication type Protected Extensible Authentication Protocol and compliance with Wi-Fi Protected Access when using various 802.1x authentication types. It also will have some Cisco wireless Lan capabilities that improve roaming and wireless Lan management.

CCX Version 2 will be released to partners in the next two months.

Read more on Wireless networking