SUNNYVALE, Calif.--(BUSINESS WIRE)--Meru Networks has introduced a security gateway appliance designed to meet the exacting demands of FIPS (Federal Information Processing Standard) 140-2 Level 3 security for U.S. and Canadian government agencies and other security-conscious organizations as they broadly adopt wireless LANs.
The Meru SG1000 Security Gateway has been formally recommended for validation at FIPS 140-2 Level 3, the highest security level thus far sought by any WLAN vendor. Unlike Level 2, which provides evidence of a breach only long after one has occurred and requires constant on-premises crypto-officer supervision, Level 3 provides physical tamper-proof security mechanisms, including a hard epoxy enclosure, as well as strong identity-based authentication.
Upon certification, Meru's enterprise customers will be able to ensure full FIPS 140-2 compliance of their wireless networks simply by adding an SG1000 to an existing deployment.
While most WLAN vendors implement FIPS security in their controller software, Meru's FIPS security resides in a distinct network appliance. This gives Meru customers the flexibility to upgrade their controller-based System Director software whenever a new version becomes available, so they can quickly gain access to new features and functionality without having to wait for revalidation of the controller.
"As wireless becomes an increasingly important component of federal, defense and other government networks, users at these agencies need the same assurances of security that they have in their wired networks," said Sivaram Nayudu, Meru product line director. "The SG1000 will give federal customers these assurances while allowing them to take advantage of Meru's advanced virtualized wireless LAN architecture, which optimizes RF resources for efficient utilization and reliability, and offers the industry's easiest deployment and management."
Developed by the U. S. National Institute of Standards and Technology (NIST) and Canada's Communications Security Establishment (CSE), the FIPS 140-2 standard is an information technology security accreditation program that enables private-sector vendors to have their products validated for use by government departments and other industries that collect and disseminate sensitive but unclassified information. Currently in review by NIST, the SG1000 was recommended for validation under NIST procedures by InfoGard Laboratories, the premier independent, accredited IT security laboratory in the United States, and accredited by NIST as a Cryptographic Module testing laboratory.
The SG1000 supports AES (Advanced Encryption Standard) 128, 192 and 256 encryption, a secure management interface, tamper-proof labels, and the IEEE 802.1x standard for port-based network access control with EAPoL (Extensible Authentication Protocol over LAN). It meets Department of Defense Directive 8100.2 for the use of commercial wireless devices, services and technologies in the DoD Global Information Grid.
Pricing and Availability
The Meru SG1000 Security Gateway, available immediately, is priced starting at $19,000. Because it resides behind the wireless LAN, one SG1000 typically can support a large network with multiple controllers.