|
Strong, Layered WLAN Security Architecture Protects Users, Data, Network
3Com® and Fortress Technology's end-to-end security architecture is designed for U.S. government wireless networks. Fortress' FIPS 140-2 validated products are considered the strongest commercially available wireless security products on the market today. The architecture protects at the user, device, and network level and covers all facets of security including encryption, authentication, and access control.
Encryption — Securing the Data
"Always-on" encryption offers selectable 128/192/256-bit AES, DES, or 3DES algorithms that work in ad hoc peer-to-peer or infrastructure modes. Strong protection features offer three significant advantages over the competition:
- Encrypts all Ethernet data from the first packet, including user authorization credentials, broadcasts, and data
- Protects internal network addresses from being exposed over the air
- Ensures network availability by defeating denial-of-service (DoS) attacks
Authentication — Securing the Devices and the Network
A three-factor process repels attacks and intrusions by employing three independent deterrents: an access ID, a unique, non-spoofable wireless device ID, and a username and password (or Smart Card or token). Mutual authentication requires that the device be authenticated by the network infrastructure, and the network infrastructure be authenticated by the device, which provides several key benefits:
- Multi-layered authentication ensures that even weak passwords do not expose the network
- Delivers strong, uniform authentication architecture for the broadest range of devices
- Prevents traffic hijacking and ad hoc attacks
Access Control — Securing the Users and the Devices
The Fortress Access Control Server provides detailed device and user control over the entire WLAN from a central administration interface. It integrates with enterprise authentication and directory services such as RADIUS, NT Domain, Active Directory, and LDAP, to work seamlessly in any network environment.
- A single server scales with the growth of the wireless network regardless of the number of access points, gateways, or devices
- Centralized monitoring, reporting, and policy management enables administrators to efficiently administer large wireless networks
Beyond FIPS
In addition to 8100.2 DoD Wireless Directive with end-to-end FIPS 140-2 Certification (April 2004), Fortress products have undergone rigorous third-party testing, validation, and certification:
- NIST, NIAP, NSA FIPS 140-2 Certification #231,#358
- SPOCK Testing Report
- Department of Homeland Security- TISCOM (U.S. Coast Guard)
- U.S. Air Force AFCA Approved, I-TRM
- DoD Medical - DMLSS
- U.S. Navy - SPAWAR
|
|
RELATED INFO