Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Wi-Fi security still faces standards war

Microsoft and Cisco are falling out.

Article comments

Even if the 802.11i security extension to the 802.11 wireless set of standards turns out well this year, there are other simmering WLAN security issues that show no signs of cooling down.

Over a year ago Cisco and Microsoft teamed up on a client/server-based authentication protocol called PEAP. The goal was to include PEAP in WLAN gear as well as client software, authentication servers and online directories where an end-to-end authentication protocol was needed to approve user access to a WLAN. Microsoft and Cisco submitted the work done on PEAP to the Internet Engineering Task Force, hoping it would become a standard.

However, Cisco and Microsoft are now sharply split on what PEAP is supposed to be, with each supporting separate versions but confusing customers by still calling their own implementations PEAP.

"There are two flavours since Cisco and Microsoft PEAP haven't come together," says Kevin Walsh, director of product management at Funk Software, which has endeavoured to support multiple WLAN security methods in its client/server authentication products. "The Cisco [PEAP] client can't be authenticated by the Microsoft server and vice versa."

"PEAP: when it first came out, everyone said 'This is it!'" Cisco's Bollinger says. "PEAP was defined in a fairly flexible way. It works much like your browser when you go to a Web page. PEAP uses Secure Sockets Layer under the covers, and you can encrypt from the client to the server and then authenticate."

But the flexibility in the model allowed for variants that have split Cisco and Microsoft. Microsoft has supported its version of PEAP in Windows XP, Windows 2003 and Active Directory in a way that Cisco terms a "lock-in."

"It works great for Active Directory and NT domains, but doesn't work with [Lightweight Directory Access Protocol], Novell Directory, SecurID or one-time passwords," Bollinger says. "It works great for Microsoft databases and nothing else."

Cisco's version is broader, according to Bollinger. With its Microsoft alliance foundering, Cisco has turned to Funk, Intel, MeetingHouse Communications and others to ensure its version of PEAP is supported in client software. Cisco also still supports an older proprietary protocol, Lightweight Extensible Authentication Protocol, specific to its own WAP and authentication server.

Microsoft declined to provide a spokesman on the issue of PEAP, but did answer questions via e-mail.

"Both companies support PEAP, but each with different methods of authentication," Microsoft wrote. "In comparing Microsoft's version and Cisco's version, we believe our implementation offers several important advantages." Among these would be a feature Microsoft calls "fast reconnect", supposedly a speedier method of authentication.

Microsoft's e-mail also said: "The Cisco approach is not an open standard and is available only from Cisco partners, potentially limiting future network infrastructure choices and potentially leading to higher long-term deployment costs."

Meanwhile, both versions of PEAP languish in the IETF without making any progress as a common standard.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *