Latis rolls out wireless LAN protection

Latis Networks Inc. has introduced an 802.11 wireless LAN security gateway that enforces user authentication and continuously scans the wireless network to block computer worms and Web attacks.

Installed between wireless access points and wired LAN, the StillSecure Border Guard Wireless appliance controls wireless LAN access for users. It competes against similar wireless LAN gateways from Bluesocket Inc., Cranite Systems Inc. and ReefEdge Inc. But unlike these vendors, Latis focuses on providing intrusion detection and some content filtering for the 802.11 access points.

“It can filter out pornography and content based on keywords. It also lets you see the devices on the wireless network,” says Al Maxey, a network engineer for MDA Technologies, a contractor installing the Latis wireless LAN gateway at Potomac Hospital in Woodbridge, Va., which uses a mix of wireless LAN access points from Cisco Systems Inc., Linksys Group Inc. and SMC Networks Inc.

This network-discovery feature of the StillSecure Border Guard Wireless appliance is intended to flexibly meet demands for wireless access, says Mitchell Ashley, vice president of engineering and CIO at Latis. “By scanning the network to keep track of all the authorized access points and users, you can set a policy defined as either ‘no access’ or ‘Internet-only’ access,” he says.

The Internet-only control would let a visitor in a conference room, for example, gain access to the organization’s wireless LAN network, but prevent the visitor from accessing anything except the Internet. The gateway’s control also would let restrictions be placed on a subset of the LAN.

The Latis intrusion-detection engine for the wireless LAN gateway can check for about 1,800 signature-based attacks, such as Nimda or Bugbear worms, but it’s not a substitute for running antivirus software, Ashley acknowledged. The StillSecure Border Guard Wireless product, which costs US$10,000, also can be purchased as software to be installed on any Intel Corp.-based platform. It comes with a Web-based management console for administration of the wireless security policy to multiple StillSecure Border Guard gateways.