Click here to return to PROSOFT's Homepage!Click here to return to PROSOFT's Homepage!
Secure Wireless
PROSOFT designed, developed, implemented, installed, administers and maintains a very secure Sensitive but Unclassified Wireless LAN for our United States Joint Forces Command (USJFCOM) Joint Experimentation Directorate (J9) customer. PROSOFT built J9's WLAN with a Defense-In-Depth strategy: five layers of security to protect information that travels over J9's wireless and wired networks. PROSOFT WLAN team evaluated several Commercial-Off-The-Shelf (COTS) products for securing its WLAN. Those technologies make up five layers of protection:
  • Layer One: Separation. The wireless network is kept completely isolated from the wired network through a series of separate Cisco Catalyst 3550 Power-over-Ethernet switches connected to Cisco Aironet 1200 access points.
  • Layer Two: Encryption. PROSOFT/J9 network uses Layer 2 encryption gateways from Fortress Technologies Inc. of Oldsmar, Fla., to protect data links and mitigate the risks of broadcasting information. When it started out with WiFi, J9 found its IPSec virtual private network was broadcasting too much unencrypted data, including IP addresses, NetBIOS traffic, domain names and more. Thus the added encryption.
  • Layer Three: Authentication. Access to the wired infrastructure is controlled by wireless gateways from Bluesocket Inc. of Burlington, Mass. The Bluesocket WG-2100 gateways handle authentication and role-based access control.
  • Layer Four: Intrusion detection. PROSOFT has employed several wireless intrusion detection sensors from AirDefense. The WID sensors monitor airwaves for attacks or rogue access points. The upcoming DOD wireless policy, which J9 and PROSOFT was consulted on, is expected to require WIDS for WLAN deployments.
  • Layer Five: Security management. PROSOFT recently implemented wireless management software from AirWave Wireless Inc. of San Mateo, Calif., to further enhance security by automating configuration management, monitoring access points and client statistics, among other things.

Today, PROSOFT's WLAN supports more than 400 J9 users in three buildings. Roughly 270 of those users have adopted tablet PCs as their sole computing platform. The new model, allows users to be more productive because they can access the network from anywhere. Our WLAN has been a money-saver to USJFCOM's J9 Directorate, despite the multiple layers of technology involved. Through our WLAN development and implementation we helped the J9 directorate save 50 percent over the cost of running wires to every desktop. J9's new Bridgeway building is 100 percent wireless, and should J9 ever leave the building, the WLAN can go with it. With the secure WLAN in place, J9 has been able to use the technology in other ways. J9's new Foundry facility is a small-lab environment that supports multiple projects. PROSOFT has set up the Foundry's WLAN infrastructure so it can be dynamically partitioned into multiple small, medium or large networks that support 70 or more users, depending on need. PROSOFT also launched the secure voice-over-WLAN system for intra- and inter-building communications. Our voice-over-WLAN system currently supports about 45 users, and we are currently expanding it to the 75-person maximum allowed by its licensing agreement.

Back to top

 
PROSOFT
780 Lynnhaven Parkway : Suite 350 : Virginia Beach, VA 23452 : Office: (757) 431-2400 : Fax: (757) 463-1071
Email: info@prosoft.us.com
© 2006 Professional Software Engineering, Inc. (PROSOFT) ALL RIGHTS RESERVED
Click here to view PROSOFT's ISO Certificate!