Much Ado About Where 2.0 - LBACBy CWNP On 06/24/2009 - 16 Comments
Dang it's nice to be right every once in while. If you didn't read my 1.0 version (dated 10-NOV-08) . I'm referring to that last paragraph about RTLS being the end-game. I believed it then, and I believe it now. Let's talk about what's changed since my 1.0 post. This time... Trapeze brought a gun to a knife fight. They came up with the coolest new authentication technology since PPSK/DPSK. It's generically called Location Based Access Control (LBAC). It's the first cousin of, and best friend to Role Based Access Control (RBAC). RBAC rocks, but with RBAC/LBAC, it's a whole new ballgame. Welcome to the big leagues folks.
You can read the 1.0 post here.
Everyone has been busy trying to get their RTLS to work, to be more accurate, and to be more user-friendly. Trapeze has, with the acquisition of Newbury Networks, engineered a new system (the LA-200E) that has remarkable precision. They certainly didn't stop there, but took it a step further by weaving this amazing location technology into their authentication mechanisms. No longer is your ID good enough. Now, you must be in an authorized location in order to access the wireless network. With an initial and occassional (in the event of a major network or physical environment changes) calibrations, their system has pinpoint accuracy. You can draw lines on a floor plan specifying authorized use locations, and voila, users are "virtually" boxed in. With the marriage of RTLS and authentication, a new era where wireless is more secure than wired has begun. This day should be remembered. :-)
Trapeze was just issued United States Patent 7,551,574 for their RF Firewall, which is their marketing feature name for LBAC. In a nutshell, this means they own it, and it sucks to be anyone else...especially those who are also working on developing this same technology. If this doesn't put Trapeze squarely in Gartner's 2009 "visionary" quadrant, somebody must be asleep at the wheel at Gartner. :-)
A very cool thing here is that you can throw all kinds of attacks at the system - even a stolen username/password pair - and if you're not in a place where that authorized user should be while using the Wi-Fi system, too bad, so sad, no access for you. Dang that's cool. My gut says that the military will be all over this new technology.
I love game-changing technology, and Trapeze's RF Firewall certainly qualifies. We'll be putting it to the test soon. They're sending us their newest gear to see if it'll withstand the BatCave's finest putting it through its paces. Nice work guys.