Cyber Security Institute

Wednesday, April 20, 2005

Microsoft, VeriSign Team on Wi-Fi Security Architecture

Citing the increased risk posed by mobile workers and wireless networking technology, Microsoft Corp. and VeriSign Inc. said that they are teaming up to help organizations secure Wi-Fi networks.

The two companies will collaborate to create a Wi-Fi security architecture based on Microsoft’s NAP (Network Access Protection) and VeriSign’s Unified Authentication platforms.

The new architecture will help system administrators crack down on Wi-Fi-enabled computers that do not adhere to corporate security policies and facilitate use of multifactor authentication for accessing Wi-Fi networks, according to a statement.

“Evil Twin” and other wireless spoofing attacks provide a rich set of tools for identity thieves and corporate espionage agents.

Microsoft’s NAP combines client/server technology with a new set of policy validation and enforcement APIs that allow administrators to quarantine client machines if they fail basic “health” tests, such as having up-to-date anti-virus definitions or operating system patches.

VeriSign Unified Authentication is a technology platform for deploying and provisioning multifactor authentication technology such as smart cards, secure USB (Universal Serial Bus) tokens and one-time passwords.

VeriSign said it will work with Microsoft so that networks using VeriSign Unified Authentication can issue health certificates to Windows desktop clients so that they can access NAP-protected networks, the companies said.  VeriSign will also integrate its Unified Authentication platform with Microsoft’s Active Directory user directory technology and Internet Authentication Servers.

Better integration will make management of user and device authentication credentials for Windows clients easier on Wi-Fi networks, the companies said.

http://www.eweek.com/article2/0,1759,1788375,00.asp?kc=EWRSS03119TX1K0000594