Security news focuses on wireless, Web services

A host of new products promising to secure wireless networks and Web services deployments will be on prominent display in Las Vegas this week as the NetWorld+Interop 2003 (N+I) show kicks off.

N+I highlights networking technologies for enterprises and runs through May 2 at the Las Vegas Convention Center, bringing together many of the world's biggest technology vendors with representatives from industry, government and military, according to Key3Media Group Inc., which runs the show.

With the rapid adoption of wireless LAN technology in homes and enterprises, a number of companies are exhibiting products that strengthen the security of wireless LANs, a top concern for attendees at this year's show, according to Key3Media.

In an announcement with a significant impact on the burgeoning wireless technology industry, the Wi-Fi Alliance said on Thursday that it would use the N+I show in Las Vegas to unveil its latest certification for wireless LAN devices, WPA (Wi-Fi Protected Access).

WPA is intended to replace the widely deployed WEP (Wired Equivalent Privacy) security technology, which was found to have weaknesses that made products using WEP vulnerable to attack. WPA is a specification covering security features that increase data protection and access control on wireless LANs while ensuring interoperability among different wireless hardware and software, according to the Wi-Fi Alliance. It includes technology borrowed from the as-yet unreleased 802.11i wireless security standard and will be able to run on existing 802.11a and 802.11b hardware as a software upgrade, according to the Alliance.

The group will announce on Tuesday the first products it has certified as WPA-compliant. The first WPA products will be available in May, it said.

Security is a key element of several next-generation wireless LAN offerings at the show, including an integrated firewall, wireless access point and Ethernet switch from NetGear Inc.

The ProSafe Dual-Band Wireless VPN Firewall features a WAN (wide-area network) firewall that supports two VPN (virtual private network) tunnels. It also has an intrusion detection system that can log, report and send e-mail alerts on attacks. Included in the device is a four-port wired Ethernet switch as well as access points for 802.11a and 802.11b and prestandard 802.11g.

One vendor squarely focused on content security, Fortinet Inc. of Santa Clara, California, says its products also have something to offer network administrators considering WLAN deployment, according to Richard Kagan, vice president of marketing at Fortinet Inc.

At N+I, Fortinet will be announcing two new network security appliances.

The FortiGate 60 is a hardware appliance for small and medium-sized businesses that combines VPN, firewall and content filtering capabilities with antivirus protection, according to Fortinet.

The device also comes with two USB (Universal Serial Bus) ports that support USB-enabled wireless LAN access points. Network administrators can plug their access points directly into the FortiGate 60, then use the device's policy management features to set user-level authentication for specific resources or protocols, Kagan said.

The FortiGate 60 starts at US$995 with a 10-user license and goes up to US$1,495 with unlimited licenses for shipments in the U.S.

Fortinet will also announce a new "entry level" 1G-bps (bit-per-second) security and antivirus device, the FortiGate 1000.

Priced starting at US$12,995 for shipments in the U.S., the FortiGate 1000 offers features of the FortiGate 60 but is designed for enterprises that need 1G-bps capacity. At the same time, it doesn't require the "huge premium" that most vendors put on gigabit-speed hardware appliances, he said.

The FortiGate 1000 complements Fortinet's two other gigabit offerings, the FortiGate 3000 and 3600. Like those devices, the 1000 offers gigabit throughput and high availability deployments, when clustered with other FortiGate 1000s, Kagan said.

Unlike the higher end models, the 1000 is a slim 1U device offering only a single 1G-bps interface and without the redundant hardware such as power supplies and fans offered in the 3000 and 3600 models, he said.

Wireless technology aside, the growing interest in Web services among enterprises has spurred a market for network security products that are capable of protecting content shared within and between enterprises.

Forum Systems Inc. plans to unveil version 2.0 of its Forum Sentry 1500 XML security appliance, an enterprise-class device designed to provide a platform for the deployment of security for Web services.

The hardware appliance includes new functionality supporting a variety of Web services security standards such as SAML (Security Assertion Markup Language), XML Digital Signatures and XML Encryption and adds features for configuration and security policy management, encryption key management and transaction auditing and exception handling, according to Forum.

The Forum Sentry 1500 XML version 2.0 will be available for purchase May 15 starting at US$35,000, Forum said.

Also in the Web services security market, Tarari Inc. will introduce processing components for handling antivirus functions and parsing XML traffic for threats.

N+I attendees also will find new security service offerings at the show.

Internap Network Services Corp. will announce a managed firewall service based on a Cisco Systems Inc. 1700 or 2600 router located on site at a small or medium-sized enterprise. The Atlanta-based Internet service provider, which currently offers Internet access with "guaranteed" quality anywhere in the world, will configure and manage a Cisco IOS (Internetwork Operating System) software firewall on the router and monitor it from the Internap network operations center, said Keao Caindec, executive director of alliance at Internap.

Internap provides guaranteed Internet quality with technology that lets it monitor all the major Internet backbones, Caindec said. That technology also lets it watch out for traffic patterns that may be anomalies, which helps Internap work with backbone providers to respond to Internet-borne attacks.

For most small and medium-size enterprises, the managed firewall service will cost less than US$500 per month, according to Internap.

F-Secure Corp. will introduce its hosted security services to Internet service providers (ISPs) in the U.S. after finding success with them in Europe.

F-Secure PersonalExpress enables ISPs to hand off management of a variety of security services such as antivirus and firewall protection to F-Secure.

The service is offered as a revenue sharing plan, with ISPs offering the PersonalExpress security features to their customers -- small businesses and consumers -- as a co-branded premium service, while the actual technology resides at F-Secure hosting centers.

Virus and software updates are managed by the Helsinki, Finland company, removing the administrative headache from overburdened ISP technical staff, according to F-Secure.

Join the newsletter!

Error: Please check your email address.

More about CiscoForum SystemsF-SecureInternap Network ServicesInteropKey3Media GroupNetgear Australia

Show Comments