Even though wireless local area networks are notoriously susceptible to security breaches, IT professionals recently polled by InternetWeek said they were comfortable deploying wireless LANs if they could add supplemental security. 

Funk Software is one wireless company which is working with WLAN vendors and customers to address WLAN security issues. The Cambridge, MA, company recently released Odyssey, a complete WLAN access control and security solution based on 802.11X, which the company claims to be the only commercial implementation of an enhanced security protocol, EAP-TTLS. 

Odyssey includes: Odyssey Client, a universal 802.11X client that lets users securely connect over a wireless link, and Odyssey Server, a RADIUS server specially designed to handle wireless LAN access. 

Odyssey supports both EAP-TLS, the protocol which runs on 802.11X included in Windows XP, and EAP-TTLS, an equally strong and more easily managed security method, which was jointly authored by Funk and Certicom. To date, many WLAN equipment vendors including Avaya and Enterasys, have endorsed the use of EAP-TTLS with their WLAN access point and wireless adapter cards. 

EAP-TTLS and EAP-TLS are similar in that both use TLS (Transport Layer Security, the successor to SSL) as the underlying strong cryptography. However, EAP-TTLS differs in that only the RADIUS servers, not the users, are required to have certificates. The user is authenticated to the network using ordinary password-based credentials, whose use is made proof against active and passive attack by enclosing it in the TLS security wrapper, the company said. 

"With the combination of Funk Software's Odyssey and Enterasys' RoamAbout wireless access points, customers have an additional effective option to aid in deploying highly secure and easy to administer wireless LAN environments," said John Roese, chief technology officer at Enterasys Networks and co-author of the 802.1x standard. 

An American college, Colby Sawyer College, is currently beta testing Funk's Odyssey. The college said Odyssey so far has met its criteria for centralized authentication and multi-vendor interoperability in its wireless LAN security rollout. 

For more information: www.funk.com