Re: Does "Military Grade Security" exist for WLANS

flugel_1 · ‎03-26-2002

After reading about all the vulnarabilities of WLANS I am unsure if any are good enough. The latest is dynamic WEP, Temporal key integrity protocol, and Message integrity check. Are any of these good enough to use in a military application. Is EAP good enough.

pelford · ‎03-29-2002

This depands on what cyrptographic standards are required by the military application. For most highly classified applications the military requires its own non-commercial "type-1" cryptography to be used. There are specialist companies looking at integrating this technology into WLANs - contact your Cisco rep for details. For less highly classified material, most military applications require the use of an "approved" encryption algorthim. In Australia and the US, RC4 (the basis for WEP) is not approved for military use. The solution is to use IPSec, which uses DES, an approved algorithm, on top of WLANs ro provide the necessary confidentiality, authenticty and integrity. Typical deployment sceanrios include IOS/IPSec on routers for point-to-point links and the VPN3000 for client to base-station links.

flugel_1 · ‎04-01-2002

How do the new encryption methods MIC, TKIP and EAP compare? Are these methods enough for military contractors that need security but do not qualify for Type 1 encryption?

tschmitz · ‎04-08-2002

Any moment now, all DoD WLAN deployments will require 3DES. You need to get a copy of the DoD Directive Overarching Wireless Policy working draft V4.2b dated 4/1/02. This explains it all. We are looking at the Cisco 3000 series VPN and the Fortress Technologies solutions.