N+I - Security Products Focus On Wireless, Web Services

A host of new products promising to secure wireless networks and Web services deployments will be on prominent display in Las Vegas this week as the NetWorld+Interop 2003 (N+I) show kicks off.

N+I highlights networking technologies for enterprises and runs from April 27 through May 2 at the Las Vegas Convention Center, bringing together many of the world's biggest technology vendors with representatives from industry, government and military, according to Key3Media Group, which runs the show.

With the rapid adoption of wireless LAN technology in homes and enterprises, a number of companies are exhibiting products that strengthen the security of wireless LANs, a top concern for attendees at this year's show, according to Key3Media.

In an announcement with a significant impact on the burgeoning wireless technology industry, the Wi-Fi Alliance said on Thursday that it would use the N+I show in Las Vegas to unveil its latest certification for wireless LAN devices, WPA (Wi-Fi Protected Access).

WPA is intended to replace the widely deployed WEP (Wired Equivalent Privacy) security technology, which was found to have weaknesses that made products using WEP vulnerable to attack. WPA is a specification covering security features that increase data protection and access control on wireless LANs while ensuring interoperability among different wireless hardware and software, according to the Wi-Fi Alliance. It includes technology borrowed from the as-yet unreleased 802.11i wireless security standard and will be able to run on existing 802.11a and 802.11b hardware as a software upgrade, according to the Alliance.

The group will announce on Tuesday the first products it has certified as WPA-compliant. The first WPA products will be available in May, it said.

Security is a key element of several next-generation wireless LAN offerings at the show, including an integrated firewall, wireless access point and Ethernet switch from NetGear Inc.

The ProSafe Dual-Band Wireless VPN Firewall features a WAN (wide-area network) firewall that supports two VPN (virtual private network) tunnels. It also has an intrusion detection system that can log, report and send e-mail alerts on attacks. Included in the device is a four-port wired Ethernet switch as well as access points for 802.11a and 802.11b and prestandard 802.11g.

One vendor squarely focused on content security, Fortinet of Santa Clara, California, says its products also have something to offer network administrators considering WLAN deployment, according to Richard Kagan, vice president of marketing at Fortinet.

At N+I, Fortinet will be announcing two new network security appliances.

The FortiGate 60 is a hardware appliance for small and medium-sized businesses that combines VPN, firewall and content filtering capabilities with antivirus protection, according to Fortinet.

The device also comes with two USB (Universal Serial Bus) ports that support USB-enabled wireless LAN access points. Network administrators can plug their access points directly into the FortiGate 60, then use the device's policy management features to set user-level authentication for specific resources or protocols, Kagan said.

The FortiGate 60 starts at $US995 with a 10-user license and goes up to $US1495 with unlimited licenses for shipments in the U.S.

Fortinet will also announce a new "entry level" 1G-bps (bit-per-second) security and antivirus device, the FortiGate 1000.

Priced starting at $US12,995 for shipments in the US, the FortiGate 1000 offers features of the FortiGate 60 but is designed for enterprises that need 1G-bps capacity. At the same time, it doesn't require the "huge premium" that most vendors put on gigabit-speed hardware appliances, he said.

The FortiGate 1000 complements Fortinet's two other gigabit offerings, the FortiGate 3000 and 3600. Like those devices, the 1000 offers gigabit throughput and high availability deployments, when clustered with other FortiGate 1000s, Kagan said.

Unlike the higher end models, the 1000 is a slim 1U device offering only a single 1G-bps interface and without the redundant hardware such as power supplies and fans offered in the 3000 and 3600 models, he said.

Wireless technology aside, the growing interest in Web services among enterprises has spurred a market for network security products that are capable of protecting content shared within and between enterprises.

Forum Systems Inc. plans to unveil version 2.0 of its Forum Sentry 1500 XML security appliance, an enterprise-class device designed to provide a platform for the deployment of security for Web services.

The hardware appliance includes new functionality supporting a variety of Web services security standards such as SAML (Security Assertion Markup Language), XML Digital Signatures and XML Encryption and adds features for configuration and security policy management, encryption key management and transaction auditing and exception handling, according to Forum.

The Forum Sentry 1500 XML version 2.0 will be available for purchase May 15 starting at $35,000, Forum said.

Also in the Web services security market, Tarari will introduce processing components for handling antivirus functions and parsing XML traffic for threats.

N+I attendees also will find new security service offerings at the show.

Internap Network Services Corp. will announce a managed firewall service based on a Cisco Systems Inc. 1700 or 2600 router located on site at a small or medium-sized enterprise. The Atlanta-based Internet service provider, which currently offers Internet access with "guaranteed" quality anywhere in the world, will configure and manage a Cisco IOS (Internetwork Operating System) software firewall on the router and monitor it from the Internap network operations center, said Keao Caindec, executive director of alliance at Internap.

Internap provides guaranteed Internet quality with technology that lets it monitor all the major Internet backbones, Caindec said. That technology also lets it watch out for traffic patterns that may be anomalies, which helps Internap work with backbone providers to respond to Internet-borne attacks.

For most small and medium-size enterprises, the managed firewall service will cost less than $US 500 per month, according to Internap.

F-Secure will introduce its hosted security services to Internet service providers (ISPs) in the US after finding success with them in Europe.

F-Secure PersonalExpress enables ISPs to hand off management of a variety of security services such as antivirus and firewall protection to F-Secure.

The service is offered as a revenue sharing plan, with ISPs offering the PersonalExpress security features to their customers — small businesses and consumers — as a co-branded premium service, while the actual technology resides at F-Secure hosting centers.

Virus and software updates are managed by the Helsinki, Finland company, removing the administrative headache from overburdened ISP technical staff, according to F-Secure.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Dan Verton

Latest Videos

More videos

Blog Posts