Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Case Study: Government lab goes multi-vendor for Wi-Fi security

Military rolls out its own Wi-Fi solution

Article comments

The US Joint Forces Command has taken a multivendor, best-of-breed approach to managing and securing Wi-Fi networks.

A Department of Defense agency, the USJFC researches future engineering trends that will benefit integrated warfighting among military branches. Based on its own testing of Wi-Fi networking, the USJFC recommends a multilayered security and management infrastructure as a best practice to the Army, Navy, Air Force and Marines.

In its own network, for example, it uses separate vendors for access points, encryption, authentication, intrusion detection and network management. It sees a mix of best-of-breed systems as less penetrable from a security standpoint, says Tony Cerri, experiment engineering department head at USJFC.

802.11a for a dense population
The lab runs a wireless LAN supporting 400 users, expected to soon grow to 700. Its Cisco Aironet 1200 access point infrastructure makes heavy use of 802.11a at 5GHz, because its network covers a dense user population in a two-building area and needs the extra channels to avoid interference.

"Having only three non-overlapping channels [in 802.11b and 802.11g at 2.4GHz] just doesn't cut it," Cerri says. 802.11a, on the other hand, supports eight to 24 channels, depending on geography.

Client devices include Fujitsu and Acer tablet PCs, Dell laptops and Vocera 802.11 voice badges.

Security is an overlay
On top of the Cisco connectivity infrastructure is an AirFortress overlay for Advanced Encryption Standard (AES) Layer 2 encryption, a Bluesocket gateway authentication network and an AirDefense sensor network for intrusion detection.

Most recently, the USJFC layered on AirWave centralised configuration and management software to help scale access point deployment. This move happened after attempting to automate access point setup with Cisco's Wireless LAN Solution Engine (WLSE) for two months and finding it "not intuitive," says Derek Krein, wireless engineer.

The AirWave Management Platform also gathers RF statistics for root cause analysis and enables the USJFC to define and deploy security policy and conduct security configuration audits - an important security step currently lacking in many government agencies, according to a May 2005 study by the US Government Accountability Office.

Authentication and roaming
Bluesocket allows pass-through authentication, enabling users to log in with the command's Active Directory and then transparently roam across what appears as a single wireless domain. This appealed to the USJFC, because Krein says the command "isn't comfortable deploying the 802.11i security standard until the problems with 802.1X have been solved."

He was referring to cross-subnet roaming delays associated with two-way, mutual authentication that are particularly problematic with real-time applications such as voice. A new roaming extension to the 802.11 standard, 802.11r, is expected to solve the latency issues, but not until at least 2007.


Share:

More from Techworld

More relevant IT news

Comments




Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *