To strengthen known weaknesses in the Wired Equivalent Privacy (WEP) protocol used in the 802.11b wireless network standard, Fortress Technologies has released a new Layer 2 protocol called Wireless Link Layer Security (wLLS). The new protocol provides secure frame and packet transmissions by automating critical security operations, including encryption, authentication, data integrity-checking, key exchange, and data compression. Fortress based wLLS on techniques it uses in its patented Secure Packet Shield (SPS) technology.
WEP provides basic security mechanisms to help protect data as it travels across the radio waves. The protocol also provides authentication to help prevent unauthorized access to the network from rogue wireless devices. In February 2001, we reported that scientists at the University of California, Berkeley, released a report detailing several security problems in the WEP protocol. In April 2001, we also reported that researchers at the University of Maryland's Department of Computer Science had discovered three more security risks in the protocol. Fortress' new wLLS protocol resolves all of the WEP-related vulnerability issues reported to date and could help prevent similar risks in the future.
In March 2001, Microsoft announced that Windows XP will support the new 802.1x wireless network standard (see our report Windows XP to Support 802.1x Wireless Network Standard, Windows IT Security News, March 27, 2001). The 802.1x standard defines port-based network access control for wireless networks. John Dow, vice president of marketing and corporate development for Fortress Technologies, said that wLLS complements 802.1x and that Fortress intends to work with Microsoft to ensure seamless integration of the two technologies. "We are excited to introduce our solution to wireless equipment providers and, based on initial feedback, we are confident that they recognize the immediate benefit wLLS would offer their customers." Fortress will license the wLLS protocol to wireless LAN equipment makers.