Colubris beefs up the security of WLANs

Enterprises experiencing sensitivity to security concerns may want to take a look at the new capabilities Colubris Networks Inc. recently added to its line of wireless LAN routers, says one analyst.

The Laval, Que.-based company added IPSec and L2TP support to its CN1050 wireless LAN routers last month, in order to address the security concerns with the implementation of 802.11b wireless LANs.

Colubris President Pierre Trudeau explained that IPSec, which stands for Internet protocol security, along with L2TP – Layer 2 tunnelling protocol – offer more secure encryption and authentication capabilities.

“We are saying that you have a more secure solution available today by combining virtual private network (VPN) technology along with wireless LAN technology,” Trudeau said. “By supporting IPSec and L2TP, we offer more robust security; the type of security that large enterprise have started to standardize over the last three years.”

The addition of the two protocols into Colubris’s CN1050 range of wireless LAN routers enables the extension of protection of VPN to wireless traffic. IPSec and L2TP keep wireless traffic blocked until an authenticated, encrypted VPN tunnel is established with the Colubris wireless LAN router, the company says.

“It is easy to get access inside the PC,” Trudeau said. “With notebooks that have 20GB hard drives, people tend to keep a lot of confidential information on them. Your PC has a vetted VPN tunnel so you can access the servers and information. If I come in and hack into your PC, there is nothing preventing me from then adding traffic inside the VPN tunnel and viewing the rest of the network the same way your PC does. Adding the VPN server behind the access point and having the access point not knowledgeable about the establishment of that VPN connection leaves you totally exposed.”

He added that because Colubris has the VPN code inside the wireless LAN equipment, enterprises can make certain that any traffic outside of the VPN is blocked.

According to Gemma Paulo, industry analyst with Scottsdale, Ariz.-based research firm Cahners In-Stat, access points without integrated VPN capabilities are seen as creating a security gap.

“Anyone with an 802.11b PC card in their laptop who is within the transmission range of the access point can connect to that access point and hop onto the wireless network,” Paulo said. “The unauthenticated user cannot easily penetrate a corporate backbone secured by a firewall and VPN, but can gain access to the data traversing unsecured access points.”

Paulo refers to Colubris as a speciality vendor in the wireless LAN market on account of its security features. She adds that most vendors would not build as much functionality into the access point – consequently cutting costs – and would then place the 802.11 access point behind the corporate firewall, requiring wireless clients to authenticate to the VPN or firewall using third-party software.

“There is overall much more functionality built into Colubris’s access points,” she said.

The IPSec and L2TP integrated wireless LAN routers are priced at US$1,495 and will ship at the end of this month. Look for Colubris on the Web at