A new product announced today will enable businesses to secure wireless LANs using smart cards or tokens in addition...
to username and password identification, offering wireless networks the same viable, stringent security that has long been available for wired networks.
ActivCard Corp., a Fremont, Calif.-based security company, has announced its ActivCard AAA Server that enables businesses to use a range of methods -- tokens, USB keys or smart cards -- to provide a second means of identification for those attempting to log into a wireless LAN.
"Almost all Fortune 500 companies are investing in strong authentication for remote access," said Andy Smith, marketing manager with ActivCard. "Just requiring a password is not good enough."
The product requires a server on the back end and client software on each device. While some customers might shy away from the complication of managing a client, Smith said that techniques such as automatic updating make clients easier to manage.
The server is compliant with the recently released 802.1x wireless LAN security standard, as well as Remote Authentication Dial-In User Service (RADIUS) authentication protocols, and it integrates with Lightweight Directory Access Protocol (LDAP).
While ActivCard is not the first company to bring such two-factor authentication to wireless devices -- Nokia and others have tried using SIM cards for wireless LAN authentication -- it may well be the first to provide such a broad range of approaches in a single offering, said Michael Disabato, service director with Midvale, Utah-based Burton Group.
Such flexibility may appeal to companies compelled to adopt this type of authentication because of new government regulations or adoption by partners. Defense contractors, for example, may require one form of authentication, while those in the automotive industry may choose a different approach, Disabato said.
Businesses need to decide if such authentication makes sense, but that should be part of an overall security analysis, Disabato said. Two-factor authentication should not be viewed as something simply for wireless networks.
Craig Mathias, founder of FarPoint Group, an Ashland, Mass.-based advisory and systems-integration firm, expects a number of similar products to go to market over time, as wireless becomes more popular and more integrated into the network.
"I encourage companies not to think about wireless security, but instead to think about network security," he said.
The ActivCard AAA Server costs approximately $60 per user (based on 100 users). The client software costs $15 per device, and there is a $5,000 activation fee.