Review: Wireless security without the pain
- By Patrick Marshall
- Nov 20, 2005
The best burglar alarm system in the world is no protection if the homeowner can't figure out how to turn it on. Bluesocket clearly knows this. With its BlueSecure line of wireless gateways, the company has emphasized simplicity of setup and configuration.
Make no mistake, BlueSecure Controllers offer a powerful set of tools to secure your wireless network while providing protected access to your wired systems. And some of the tools require expertise to implement. But basic configurations are surprisingly simple to get up and running.
To achieve connectivity, all we had to do was set up appropriate IP addresses with the BSC 400's easy-to-use Web interface. Unfortunately, when we tried to access the gateway across a Juniper Networks Netscreen router on our protected network, the Web interface was extremely slow. However, when we made a direct connection, access was quite snappy.
The BSC 400 supports as many as 50 concurrent users and offers encrypted throughput of 50 megabits/sec. The BlueSecure line scales up to the BSC 5000, which supports as many as 1,000 concurrent users and offers a throughput of 1 gigabit/sec.
In the simplest deployments, BlueSecure Controllers sit between the wireless access points and wired network, protecting the latter primarily through Network Address Translation and the former through the use of wired local-area network security standards, such as Wi-Fi Protected Access.
The BSC 400 offers a single serial port on the front of the unit for command-line console connections and five Ethernet ports -- one for connecting to the wired network and four for connecting to wireless access points.
Beyond bare-bones security, BlueSecure Controllers offer tools for delivering strong role-based access control. Using the Web interface, administrators can define which destinations and services are available to given users or groups of users. For example, they might allow a specified group of users access only to the e-mail server on the wired network, while allowing another group access to file servers and print servers, too. In addition, they can specify which services -- such as HTTP, FTP and Post Office Protocol Version 3 -- individuals and groups can use. They can even dole out variable bandwidth to user groups.
Bluesocket offers broad support for digital certificates and user authentication, including user names and passwords. The system works with Remote Authentication Dial-In User Service, Lightweight Directory Access Protocol and Microsoft's Active Directory, or administrators can set up local user databases on the BlueSecure Controller.
What's more, Bluesocket has packed the BlueSecure Controllers with tools to secure communications. For starters, the devices support IPSec, Point-to-Point Tunneling Protocol and Layer 2 Tunneling Protocol/IPSec virtual private network tunnels. And just as good firewalls do, BlueSecure Controllers monitor network traffic for suspicious activity in real time.
Pricing for the BSC 400 starts at $2,500.
The bottom line: Bluesocket's BlueSecure Controllers pack powerful features into a package that's easy to launch and manage. We are impressed.
Patrick Marshall is a freelance technology writer for GCN.