contents

hardware
 
Meru Networks' Security Gateway for Government Wireless LANs

Meru Networks has introduced a security gateway appliance designed to meet the exacting demands of FIPS (Federal Information Processing Standard) 140-2 Level 3 security for U.S. and Canadian government agencies and other security-conscious organizations as they broadly adopt wireless LANs.

The Meru SG1000 Security Gateway has been formally recommended for validation at FIPS 140-2 Level 3, the highest security level thus far sought by any WLAN vendor. Unlike Level 2, which provides evidence of a breach only long after one has occurred and requires constant on-premises crypto-officer supervision, Level 3 provides physical tamper-proof security mechanisms, including a hard epoxy enclosure, as well as strong identity-based authentication.

Upon certification, Meru's enterprise customers will be able to ensure full FIPS 140-2 compliance of their wireless networks simply by adding an SG1000 to an existing deployment.

While most WLAN vendors implement FIPS security in their controller software, Meru's FIPS security resides in a distinct network appliance. This gives Meru customers the flexibility to upgrade their controller-based System Director software whenever a new version becomes available, so they can quickly gain access to new features and functionality without having to wait for revalidation of the controller.

Developed by the U. S. National Institute of Standards and Technology (NIST) and Canada's Communications Security Establishment (CSE), the FIPS 140-2 standard is an information technology security accreditation program that enables private-sector vendors to have their products validated for use by government departments and other industries that collect and disseminate sensitive but unclassified information. Currently in review by NIST, the SG1000 was recommended for validation under NIST procedures by InfoGard Laboratories, the premier independent, accredited IT security laboratory in the United States, and accredited by NIST as a Cryptographic Module testing laboratory.

The SG1000 supports AES (Advanced Encryption Standard) 128, 192 and 256 encryption, a secure management interface, tamper-proof labels, and the IEEE 802.1x standard for port-based network access control with EAPoL (Extensible Authentication Protocol over LAN). It meets Department of Defense Directive 8100.2 for the use of commercial wireless devices, services and technologies in the DoD Global Information Grid.



write your comments about the article :: 2009 Computing News :: home page