has introduced a security gateway appliance designed to meet the exacting demands of FIPS (Federal Information Processing Standard)
140-2 Level 3 security for U.S. and Canadian government agencies and other security-conscious organizations as they broadly adopt wireless LANs.
The Meru SG1000 Security Gateway has been formally recommended for validation at FIPS 140-2 Level 3, the highest security level thus far sought by any WLAN vendor. Unlike Level 2, which provides evidence of a breach only long after one has occurred and requires constant on-premises crypto-officer supervision, Level 3 provides physical tamper-proof security mechanisms, including a hard epoxy enclosure, as well as strong identity-based authentication.
Upon certification, Meru's enterprise customers will be able to ensure full FIPS 140-2 compliance of their wireless networks simply by adding an SG1000 to an existing deployment.
While most WLAN vendors implement FIPS security in their controller software, Meru's FIPS security resides in a distinct network appliance. This gives Meru customers the flexibility to upgrade their controller-based System Director software whenever a new version becomes available, so they can quickly gain access to new features and functionality without having to wait for revalidation of the controller.
"As wireless becomes an increasingly important component of federal, defense and other government networks, users at these agencies need the same assurances of security that they have in their wired networks," said Sivaram Nayudu, Meru product line director. "The SG1000 will give federal customers these assurances while allowing them to take advantage of Meru's advanced virtualized wireless LAN architecture, which optimizes RF resources for efficient utilization and reliability, and offers the industry's easiest deployment and management."
Developed by the U. S. National Institute of Standards and Technology (NIST) and Canada's Communications Security Establishment (CSE), the FIPS 140-2 standard is an information technology security accreditation program that enables private-sector vendors to have their products validated for use by government departments and other industries that collect and disseminate sensitive but unclassified information. Currently in review by NIST, the SG1000 was recommended for validation under NIST procedures by InfoGard Laboratories, the premier independent, accredited IT security laboratory in the United States, and accredited by NIST as a Cryptographic Module testing laboratory.
The SG1000 supports AES (Advanced Encryption Standard) 128, 192 and 256 encryption, a secure management interface, tamper-proof labels, and the IEEE 802.1x standard for port-based network access control with EAPoL (Extensible Authentication Protocol over LAN). It meets Department of Defense Directive 8100.2 for the use of commercial wireless devices, services and technologies in the DoD Global Information Grid.
The Meru SG1000 Security Gateway, available immediately, is priced starting at $19,000. Because it resides behind the wireless LAN, one SG1000 typically can support a large network with multiple controllers.
In Meru's virtualized WLAN architecture, a single channel is selected for use by all access points, creating an enterprise-wide "virtual cell," and a dedicated "virtual port" is assigned to each client device. This allows an optimization of RF resources that raises WLAN performance and reliability to wireline levels while reducing the cost of wireless to a fraction of its wired equivalent. In contrast, legacy WLAN systems use a "micro cell" approach, which assigns different radio channels to adjacent APs, requires precise and time-consuming channel planning and AP power adjustments and limiting future expansion.
Meru provides comprehensive security across all four major areas subject to active wireless threats: perimeter defense, connection defense, network defense and remote threat defense. In addition to the FIPS 140-2 Level 3 security announced today, Meru security incorporates online and wireless rogue detection and prevention; AirFirewall technology that eliminates rogue APs and "evil twin" attackers; policy enforcement based on user identity, location and/or application use; policy enforcement on peer-to-peer applications such as voice over wireless phones; comprehensive security for traffic-intensive applications such as voice and video; and secure remote access points which extend security policies and network access to telecommuters at home and employees in hotels.
Founded in 2002, Meru Networks develops and markets wireless LAN infrastructure solutions that use virtualization to deliver pervasive, high-fidelity wireless service for business-critical voice, video and data applications. The company first introduced its award-winning virtual cell wireless architecture in 2003, and Meru products embody a complete departure from typical hub-based WLAN approaches, offering a wireless solution with levels of performance, reliability, security and cost-effectiveness previously found only in wired networking environments. Meru's solutions have been adopted in all major industry vertical markets, including Fortune 500 enterprises, healthcare, education, retail, manufacturing, hospitality and government. Meru is headquartered in Sunnyvale, Calif., and has operations in the Americas, Europe, the Middle East and Asia Pacific.