By CWNP On 03/12/2010 - 21 Comments

Way back in the days before 802.11i, Wi-Fi security was immature. WEP was the best the industry had to offer and WLAN education was in its infancy. Features like SSID hiding and MAC filtering became popular, and Wi-Fi inherited a reputation like the nervous kid in high school: insecure. As we all know, Wi-Fi uses a shared and openly accessible medium, so it has some inherent security needs, but thankfully there are more than adequate answers to the problem. In fact, many WLANs are more secure than wired LANs due to the extra diligence taken to protect them. No less, Wi-Fi security is always a hot topic and it will continue to be a hot topic… for-ever, for-ever… (ever seen The Sandlot?).

Since security is a big ticket consideration for any network, it is no surprise that security-focused companies are jumping into the game. Case in point, Aerohive’s current management team is largely a who’s who from Netscreen, which was a firewall company sold to Juniper in 2004 (I believe). Anyway, since hyper-awareness to security sells things like dedicated WIPS solutions, it should come as no surprise that Fortinet is jumping into the Wi-Fi game as well. Yep, that’s right… Fortinet. They’ve announced new FortiAP controller-based APs that will be managed by existing FortiGate firewall appliances. Since the FortiGate appliances are already deployed in production networks, Fortinet is providing software upgrades to turn them into multi-purpose firewalls/WLAN controllers.

No less, the big sell is that Wi-Fi is insecure. For that reason, they will say, you should push all wireless data through a firewall and perform top-to-bottom inspection. This looks a bit like Aruba’s heavy filtering approach, no? Of course, they should have a jump start on the security piece of the puzzle, as this is their specialty. I know processor, memory, and purpose-built ASIC capabilities are pretty stout these days, but I’m still eager to see their real-world throughput numbers when they’re pushing all data through thorough inspection like this. It makes me think of a cavity search team at an airport. If everyone is getting thorough inspection, traffic will slow up some, right?

As for the APs, they’re starting off simple with 2 models, the 210 and 220. They’re both 2x2:2. The 210 is single radio, dual band and the 220 is dual radio, dual band. I presume that the highly security conscious customers—Fortinet’s target audience—will opt for the 220 to include dedicated WIPS scanning with the second radio. I’m sure everyone’s excited by now, but you’ll have to wait until Q3 for product shipment. In the meantime, it’s good to know what’s in the hopper. Welcome to Wi-Fi, Fortinet.

Fortinet's Press Release

Tagged with: aruba, Aerohive, fortigate, firewall, Fortinet

Blog Disclaimer: The opinions expressed within these blog posts are solely the author’s and do not reflect the opinions and beliefs of the Certitrek, CWNP or its affiliates.

0 Responses to Wi-Forti-Fi

Subscribe by Email
There are no comments yet.
<< prev - comments page 1 of 1 - next >>

Leave a Reply

Please login or sign-up to add your comment.
Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.

Read More

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.

Read More

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.

Read More