Home     |     News     |     Press Releases     |     Newsletter Subscription     |     Tell A Friend

· How to Search   · Tips


 Solutions Catalog
 Products & Services
 The Market
 Application Mall
 Business Cases
 Solution Components
 Application Development
 System Design
 Resources & Links
 Professional Services
 Conferences & Events
 Reports & Presentations
 Templates & Aids
 Community Forum

Issue #2003 - 02 (January 2003)
(Updated Jan. 16, 2003)


RSA Security Offers Two-Factor Authentication Solution

RSA Security Enhances Security for Wireless LAN Environments- Organizations now able to protect access to their wireless LANs with market-leading RSA SecurID® two-factor authentication software

Bedford, MA, Monday, December 16, 2002 — RSA Security Inc. (Nasdaq: RSAS), the most trusted name in e-security®, today announced the availability of new functionality for the industry-leading RSA SecurID® two-factor authentication solution that enables enhanced protection in wireless local area network (WLAN) environments. Without the proper security measures in place, wireless connectivity will continue to be a major risk until more robust authentication protocols are adopted. Now, by securing WLANs with the proven solution for two-factor user authentication, organizations can realize the full benefits of WLANs – including cost reduction and productivity enhancement – while reducing the risk of exposing mission-critical data and resources to unauthorized access.

WLAN is viewed as a critical business tool for many organizations because the technology represents an ideal way to link users – of PCs, laptops, PDAs and other mobile devices – to the Internet and internal networks without hard-wired connections. However, with the enhanced mobility of wireless networks also comes serious security threats, because any confidential data that is flowing over these networks – including financial transactions, credit card numbers and proprietary company information – can be easily exposed or compromised if not properly secured. User authentication in a WLAN environment is typically done through the use of weak, static passwords that are particularly vulnerable to hacking. This prevents organizations from using their WLANs for critical business purposes, limiting their effectiveness. With the RSA SecurID solution, organizations can now replace weak passwords with strong, two-factor user authentication, protecting their WLANs environments for more strategic or sensitive applications.

RSA Security has been actively working with leading vendors – such as Funk Software (Odyssey and Steel-Belted Radius solutions) and Proxim (ORiNOCO solution) – who support the 802.1x standard to enable seamless integration between RSA SecurID two-factor user authentication and their WLAN solutions. This advancement allows their respective customers to take advantage of the functionality provided by RSA SecurID software to protect data, resources and business applications. Through the RSA Secured® Partner Program, RSA Security has worked with these vendors to test and certify their WLAN solutions, ensuring interoperability with RSA SecurID two-factor authentication. To ensure customer success, implementation guides are available to provide step-by-step instructions on deploying and configuring these popular WLAN solutions with RSA SecurID software. 

The IEEE 802.1x standard was proposed to solve authentication challenges in wireless LANs. While 802.1x currently provides a way to move beyond the shared secret approach, the standard does not address the serious problems resulting from a lack of access point and end user authentication – leading to the well publicized “man-in-the-middle” and session hijacking attacks. Written by Cisco, Microsoft and RSA Security and approved by the IETF standards board, the new protocol called the Protected Extensible Authentication Protocol (PEAP) standard addresses both of these concerns. It is designed to easily plug into products based on 802.1x to provide both strong user authentication and access point authentication. RSA Security is partnering with many of the key WLAN vendors to enable them to use this protocol, as well as other protocols such as EAP-TTLS, in a way that interoperates with RSA Security’s technologies and products, including RSA SecurID two-factor authentication. 

RSA SecurID two-factor authentication is designed to provide a fast, simple and highly reliable way to verify a user’s identity before granting access to a protected resource. Traditionally used to protect access to networks, Web pages, VPNs, and business applications in a wired environment, RSA SecurID functionality has now been extended to protect access to WLANs. With more than 13 million devices deployed, the RSA SecurID solution is the de facto standard in two-factor authentication. The solution uses patented, time-synchronous technology to provide two-factor user authentication by combining a token or smart card with a secret PIN. RSA Security offers its authenticators in multiple form factors including three hardware styles, software versions that run on PCs, PDAs and mobile phones, and various smart card options.

“Strong security is always the starting point for any wireless business environment, and by securing wireless LAN environments with RSA SecurID user authentication software leveraging new protocols like PEAP, wireless LAN vendors will be able to provide the products that allow businesses to extend a higher level of trust to their wireless business processes without inconveniencing corporate users or IT staff,” said Bill McQuaide, senior vice president of the Authentication division at RSA Security. “RSA Security and its strategic partners are committed to developing these secure technologies and implementing strong user authentication within WLAN infrastructures – a critical requirement for driving profitability and ensuring trust in today’s economy.”

For more information: http://www.rsa./com

MobileInfo Comments and Advisory: RSA has now fixed many of the problems that arose with original WEP access mechanism for wireless LANs that raised a huge hue and cry among security professionals. Rightly so, the industry has now realized the weaknesses of the original solution. More secure authentication is available from a number of vendors. Go to wireless LAn section of our product directory from the home page.

Note: This news release may contain forward-looking statements within the meaning of section 27A of the Securities Act of 1933 and section 21E of Securities Exchange act of 1934 in USA. Similar provisions exist in other countries. There is no assurance that the stipulated plans of vendors will be implemented. MobileInfo does not warrant the authenticity of the information. Readers should take appropriate caution in developing plans utilizing these products, services and technology architectures.  All trademarks used in this summary are the property of their respective owners.

NEWS Options:
> Recent Headlines
> Date
> Category
> Press Releases


     |     News     |     Press Releases     |     Newsletter Subscription     |     Tell A Friend

Copyright © 1999 - 2003.  All Rights Reserved. 
Reproduction of any material from the MobileInfo.com website or its newsletters without written permission is strictly prohibited.