Cisco to share WLAN security technology

Cisco to share WLAN security technology

Makers of 802.11 wireless LAN clients now can make their products support special security features offered in Cisco Systems wireless networks under the recently announced licensing and testing program, Cisco Compatible Extensions (CCX).

Cisco will license technology free of charge to client silicon makers for supporting enhanced security capabilities Cisco has developed for enterprise wireless LANs, the company said. Initial partners include Intel, IBM and wireless silicon vendor Atheros Communications.

The security features, some of which Cisco already included in its gear, complemented rather than replaced industry standards, the companies said.

Enterprises were facing "a hefty grassroots push" for wireless LAN deployment and needed to be able to manage and secure any wireless LANs on their premises, said Chris Kozup, an analyst at Meta Group.

The security mechanisms built in to the 802.11 wireless LAN standard have come under fire as not safe enough, and Cisco already offers additional security features for its gear, which primarily is aimed at enterprises.

Cisco also said it would focus its wireless LAN silicon development on access points, the devices at the hubs of wireless LANs, and move away from being a client hardware vendor. It would continue selling Cisco-branded clients to companies that wanted to use Cisco as a one-stop shop.

With wireless capability going into the guts of many different devices, such as handheld computers, mobile phones and notebook computers, Cisco was leaving it up to others to develop wireless silicon for them, vice-president of Cisco's wireless networking unit, Bill Rossi, said.

Makers of devices and PCs that wanted Cisco's enterprise-class security in their wireless-enabled products now had more component sources to choose from, he said.

"It used to be they had to buy a Cisco solution and embed it in their devices. ... Now they have a choice. They're not being driven to a particular vendor's solution as they were in the past," Rossi said.

The new security capabilities will be integrated initially into client adapters and eventually into mobile devices, according to Cisco. In most cases, adapting current client products to support CCX would require only a firmware upgrade, Rossi said. After testing for interoperability with the Cisco wireless LAN infrastructure, Cisco would certify the product as compliant with the specifications.

Cisco has already developed a CCX specification that includes the company's implementations of strong user authentication and encryption, Rossi said.

CCX Version 1 includes compliance with the Cisco Wireless Security Suite, compatibility with Cisco's mechanism for assigning wireless LAN clients to virtual LANs, and full Wi-Fi and 802.11 standards compliance.

CCX Version 2 will add support for the IEEE 802.1x authentication type PEAP (Protected Extensible Authentication Protocol) and compliance with WPA (Wi-Fi Protected Access) when using various 802.1x authentication types. It also will have some new Cisco wireless LAN capabilities that improve roaming and wireless LAN management.

WPA is a specification developed by the Wi-Fi Alliance industry group.

CCX Version 2 will be released to partners in the next 30 to 60 days, Cisco said.

Atheros announced that its multimode 802.11a/b PC Card design based on its AR5001X chipset had been certified under CCX 1.0. The company supplies wireless LAN components to several large notebook PC vendors.

Other current CCX partners include Hewlett-Packard, Texas Instruments, Intersil, Atmel, Agere Systems and Marvell Semiconductor.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.


Show Comments