NEWS

WIRES

OTHER

Airespace Hardens Perimeter Security for Wireless LANS

Partnerships With InfoExpress and the Zone Labs Division of Check Point Deliver New Integrated WLAN Security Features

Airespace, Inc.®, today announced the expansion of its award winning Wireless LAN (WLAN) System to include new Network Access Control security features that protect all aspects of wireless networking, from client to core. Through partnerships with both InfoExpress and Zone Labs®, a Check Point® company , Airespace has extended its best-in-class wireless security capabilities to include client integrity checking and application-based Network Access Control (NAC). The Airespace WLAN System is a market leader in WLAN security with support for -- and innovation to -- the recently ratified IEEE 802.11i specification (see today's release, "Airespace Accelerate 802.11i for Real-Time Applications"), in addition to other common authentication and encryption standards.

The Airespace Wireless Enterprise Platform provides the most complete solution for the detection and protection against RF-related attacks, including the recently publicized Denial of Service attack discovered by the Australian Computer Emergency Response Team (AusCERT). These features build upon Airespace's already robust Wireless Protection System (WPS) to deliver a complete arsenal for the prevention of unauthorized wireless activity and the protection of business critical applications running over an enterprise wireless network.

Bullet-Proofing the Edge of WLANs

WLAN security demands proactive monitoring of wireless clients, including real-time Network Access Control to eliminate security threats and to clamp down on undesirable wireless user activity. Airespace enhances these capabilities with InfoExpress' CyberGatekeeper product and Integrity from Check Point's Zone Labs division. Airespace is working with these partners to integrate this functionality into the Airespace Wireless Enterprise Platform via a robust set of Application Programming Interfaces (APIs). This integration ensures that only wireless users running up-to-date security software (such as current anti-virus software, latest OS security patches, personal firewalls, VPNs, etc.) are allowed to access the wireless network. Client devices that violate IT security policies, or are detected with a security threat while attempting to authenticate to the WLAN (e.g., an email-borne attack, virus, Trojan, web browser vulnerability, or unsanctioned application) can be "quarantined" until appropriate remediation can take place.

"Airespace developed a rich set of APIs to ensure easy interaction with complementary, state-of-the-art software applications," said Alan Cohen, vice president of marketing at Airespace. "In the case of WLAN security, these APIs have created a unique strategic advantage for Airespace, enabling us to provide network access control regardless of the authentication method used by the wireless client. Unlike other WLAN systems that are tied to a single authentication method, such as 802.1X, Airespace can seamlessly be integrated into any enterprise environment."

"Integrity protects wireless networks at the most vulnerable point -- the client machine," said Paul Weinstein, vice president of strategic alliances at Check Point's Zone Labs division. "By working with Airespace, we are able to extend WLAN security from the core of the wireless network all the way out to the very edge, managing all layers of WLAN security so that IT staff can deploy business applications over wireless networks."

"CyberGatekeeper quarantines non-compliant endpoints before they connect to the network," said Todd Nakano, EVP of sales and marketing at InfoExpress. "By teaming with Airespace, InfoExpress extends network integrity to wireless environments to stop harmful endpoints in their tracks, remediate misconfigured systems, and provide seamless access for systems that are policy compliant."

Doveryay, No Proveryay (Trust But Verify)

In addition to client security threats, the Airespace WLAN System can detect a multitude of intrusion detection events that are specific to wireless networking and take proactive measure to prevent them from harming network security. Some of the attacks detected by Airespace include FAKE AP, Rogue Access Points, ad-hoc networks, Man in the Middle (MiM), AP impersonation, Netstumbler, Wellenreiter, Airjack, Honeypot AP, and asleap. Most recently, Airespace also delivered support for the Denial of Service (DoS) attack publicized by the Australian Computer Emergency Response Team (AusCERT). With its unique real-time RF management capabilities, Airespace is the only WLAN system that can dynamically detect the AusCERT attack and automatically move all nearby APs to a safe channel to ensure that WLAN performance remains unaffected.

Other features that distinguish Airespace's security capabilities from alternative WLAN infrastructure solutions include:

--  The only WLAN System that can provides real-time monitoring for
    security threats in conjunction with simultaneous traffic delivery -- no
    separate air monitors or overlay equipment are required.  This enables
    enterprises to keep hardware costs to a minimum while ensuring 100% network
    coverage -- i.e. avoiding "hidden nodes" that cannot be detected by overlay
    devices that are responsible for protecting multiple APs simultaneously.
--  Complete rogue security, covering everything from rogue AP (and ad-
    hoc) detection, accurate device location, containment of numerous devices
    simultaneously, and detailed trend reporting.
--  Support for up to 16 distinct SSIDs per AP, each with its own security
    policy.  Airespace supports various standard security protocols, including
    WEP, WPA, 802.1X, Web Authentication, and IPsec.
--  Support for the recently ratified 802.11i standard (also known as
    WPA2) specification, including extensions to support Proactive Key Caching
    (for more information, see today's accompanying release entitled,
    "Airespace Accelerates 802.11i for Real-Time Applications").  No hardware
    upgrades are required to enable this new protocol in an Airespace wireless
    network.
--  Follow Me VPNs -- Airespace supports mobile IPsec and L2TP sessions
    that follow users as they roam.
--  The only next generation WLAN system to complete FIPS 140-2 level 2
    certification, a security requirement for deployment in U.S. and Canadian
    government installations.
    

"Wireless enterprises require an end-to-end security solution that is tightly integrated with applications and the network infrastructure being used to support them," said David Willis, Vice President Technology Research Services at Meta Group. "Airespace is helping to address this requirement through solid technology partnerships, industry standards, and a solid understanding of RF technology."

About Airespace, Inc.

Airespace designs and develops intelligent wireless networking platforms that support business-critical applications. The company has set the standard for enterprise Wireless LANs, having earned CMP LLC's "Best of Interop Award," Network Computing's "Editor's Choice Award" and "Well Connected Product of the Year," Network World's "World Class Award" and "Best of the Test Award," IDG's Network Award 2004, Internet Telephony's "Product of the Year," eWeek's "Annual Excellence Award," and nomination as one of the "Best Wireless Products of 2003" in InfoWorld's "Reader's Choice" Awards. With dynamic RF management, air-tight security, seamless mobility, and support for real-time applications such as voice, Airespace helps enterprises implement secure and manageable Wireless LAN networks worldwide.

For more information on Airespace and its products, visit www.airespace.com or call (+1) 408-635-2000.

Airespace is a registered trademark of Airespace, Inc.

Product or service names mentioned herein are the trademarks of their respective owners.

About InfoExpress

InfoExpress is a leader in network integrity enforcement solutions. The company's CyberGatekeeper product family uses the network edge to enforce configurations, quarantine Trojans and worms, and block unauthorized endpoints. The privately held company is headquartered in Mountain View, CA. For more information, visit www.infoexpress.com.

About Check Point Software

Check Point Software Technologies www.checkpoint.com)"> is the worldwide leader in securing the Internet. It is the confirmed market leader of both the worldwide VPN and firewall markets. Through its Next Generation product line, the company delivers a broad range of intelligent Perimeter, Internal and Web security solutions that protect business communications and resources for corporate networks and applications, remote employees, branch offices and partner extranets. The company's Zone Labs www.zonelabs.com)"> division is one of the most trusted brands in Internet security, creating award-winning endpoint security solutions that protect millions of PCs from hackers, spyware and data theft. Extending the power of the Check Point solution is its Open Platform for Security (OPSEC), the industry's framework and alliance for integration and interoperability with "best-of-breed" solutions from over 350 leading companies. Check Point solutions are sold, integrated and serviced by a network of more than 2,300 Check Point partners in 92 countries.

Editor's Notes: © 2004 Zone Labs. IMsecure, TrueVector, ZoneAlarm and Zone Labs are registered trademarks of Zone Labs. The Zone Labs logo, Zone Labs Integrity and Cooperative Enforcement are trademarks of Zone Labs L.L.C. Zone Labs Integrity protected under U.S. Patent No. 5,987,611. Reg. U.S. Pat. & TM Off. Check Point is a trademark of Check Point Software Technologies Ltd. All other trademarks are the property of their respective owners. v.07.18.03

©2004 Check Point Software Technologies Ltd. Check Point, Application Intelligence, Check Point Express, the Check Point logo, ClusterXL, ConnectControl, Connectra, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FireWall-1 XL, FloodGate-1, INSPECT, INSPECT XL, InterSpect, IQ Engine, Open Security Extension, OPSEC, Provider-1, Safe@Office, SecureKnowledge, SecurePlatform, SecureXL, SiteManager-1, SmartCenter, SmartCenter Pro, SmartDashboard, SmartDefense, SmartLSM, SmartMap, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SSL Network Extender, UAM, User-to-Address Mapping, UserAuthority, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 VSX, Web Intelligence, TrueVector, ZoneAlarm, Zone Alarm Pro, Zone Labs, the Zone Labs logo, AlertAdvisor, Cooperative Enforcement, IMsecure, Policy Lifecycle Management, Zone Labs Integrity and Smarter Security are trade marks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726 and 6,496,935 and may be protected by other U.S. Patents, foreign patents, or pending applications.