|
Wireless Security More and more organizations are adopting wireless technology to enable employees and business partners to access the Internet and corporate resources. An increase in network attacks - especially attacks on wireless networks - creates the need for a cost-effective, reliable wireless Internet security solution that can be centrally managed and will remain effective to protect your valuable resources at all times. Embedded NG wireless security appliances support a comprehensive suite of wireless security capabilities, including: -
Seperate WLAN Segment: Embedded NG wireless security appliances host wireless clients in a seperate, physically isolated network. Firewall rules can be used to define exactly which resources wireless clients are permitted to access. By segmenting your network into seperate sub-networks, the risk of attacks propagating from the wireless LAN to your wired networks is greatly reduced.
Embedded NGX 6.5 wireless appliances also support segmenting the wireless network (WLAN) into separate, isolated zones, with different security policies. Each zone is called a virtual access point (VAP) and can have its own SSID, security settings, IP network segment, and quality of service (QoS) settings. -
IPSec over WiFi: Our recommended wireless security solution, based on our IPSEC VPN technology. Works with bundled SecuRemote VPN client software that supports both PCs and PDAs. Using the included SecuRemote software , you can enjoy a secure connection from anywhere—in your wireless network or on the road—without changing any settings. The standard is completely transparent and allows you to access company resources the same way, whether you are sitting at your desk or anywhere else. Firewall rules can be used to specify exactly which resources can be accessed by SecuRemote users. More Information -
WPA / WPA-PSK (WiFi Protected Access): The latest 802.11 security standard. WPA can be used in parallel to IPSec. Embedded NG supports either pre-shared secret (WPA-PSK) or RADIUS-based authentication. WPA2 (802.11i) is supported in the upcoming Embedded NG 6.0 release. -
802.1X: An authentication standard for verifying the identity of end points. -
WEP (64-bit, 128-bit, 152-bit): A security protocol defined in IEEE’s wireless LAN specification 802.11b (commonly called Wi-Fi, Wireless Fidelity). While WEP includes authentication and encryption that limits access to information and the corporate network, recent studies have found that WEP is vulnerable to simple attacks and is not strong enough to provide proper confidentiality or authentication. Users of Wi-Fi should utilize VPN and firewall technologies to more fully secure their wireless networks. Embedded NG still includes WEP support for customers with old wireless adapters that do not support the newer standards. -
MAC address filtering: Allows defining network objects and filtering end points based on MAC addresses. It is not recommended to use MAC address filtering as the sole security measure. -
SSID hiding: Allows using the access point in stealth mode, requiring all users to know the SSID in order to connect. It is not recommended to use SSID hiding as the sole security measure.
|
