News Stay informed about the latest enterprise technology news and product updates.

Wireless LAN security: SonicWall joins crowded WLAN market

With very little fanfare, network security vendor SonicWall has entered a very crowded wireless LAN market with firewall controlled access points that give wireless LAN security a new twist.

With very little fanfare, SonicWall, a vendor best known for its network security products, has entered the very crowded wireless LAN market.

SonicWall is touting wireless LAN security and policy management along with simplified management as the chief value propositions for the product line.

The company has been in the wireless market for several years, according to Patrick Sweeney, SonicWall's vice president of network security. In years past, it has integrated an access point into its low-end firewall gateway devices, providing wireless LAN access to enterprise branches and small offices.

But in the last year, the company has introduced its own line of wireless LAN access points, known as SonicPoints, taking a unique "controller-less" approach to WLAN. Instead of building a separate wireless access point controller to manage the access points centrally, the company has integrated the controller function into its high-end Unified Threat Management (UTM) firewalls.

"Our view is that there are different types of connectivity, whether it be wireless or wired or WAN-side connectivity or LAN connectivity," Sweeney said. "The more natural way to build infrastructure is to assign to each port or interface or zone a type of connectivity. And from that type of connectivity, share logical objects, whether that be address objects or security objects, and assign rules for those objects."

By integrating the controller directly into the firewall, all flows from the SonicPoint access points are subject to security policies on the network. Everything is encrypted, but the firewall-based controller goes beyond that. It can identify flows by application type and user, and assign security and usage policies.

"We can not only clean the wireless flows of what's coming through, but we can subjugate the connectivity to bandwidth throttling," Sweeney said. "If we see a user on the wireless segment connecting into a network and utilizing YouTube, we can identify not just what port and protocol it is using, but we can identify the specific application. We can differentiate and apply different bandwidth management policies to those applications."

More on wireless LAN security and implementation

Best practices for securing your wireless LAN

Enterprise wireless LAN security: 802.11n and seamless wireless roaming

New PCI compliance rules ban WEP, tighten wireless LAN security

Solid 802.11n deployment prepares medical center for future demands

Beamforming, RF management key to 802.11n wireless LAN success

Stephen Kolbe, president of Baltimore-based SonicWall channel partner Analysys, said he has been using two SonicPoint access points to provide wireless LAN connectivity in his two 2,500-square-foot offices since January.

"The thing I like about it is, because we're a SonicWall shop for our UTM and email security, this is one more product we can keep under the SonicWall brand," Kolbe said. "Second, because SonicWall's technology has two separate radios, we can provide 802.11n coverage as well as legacy support."

Abner Germanow, research director for IDC, said embedding a wireless LAN controller into another device isn't necessarily new. Cisco Systems offers controller functionality in its Integrated Services Router (ISR). And Aruba Networks has innovated recently with its Virtual Branch Network portfolio, which is basically an "access point as a branch office."

"The way to look at them is, if you look at the WAN gateway fairly holistically, what sorts of applications and functions are flowing into the WAN gateway?" Germanow said. "Obviously there are a bunch of security applications and performance applications, and in fairly small offices there is the access technology as well. Wireless LAN is obviously one of the primary access technologies in many small offices. And they have a fairly nice solution for providing a single box for a branch office or small office."

But SonicWall offers more than that. Sweeney said a single UTM firewall can control up to 256 access points, which could provide secure wireless LAN access to a fairly large company or a highly geographically dispersed company.

"It depends on the geographic structure of the enterprise," Germanow said. "If you're a hospital doing hardcore locationing and high-performance monitoring, this is probably not for you. But if you're rolling out 3,000 retail stores and you want wireless LAN in all of them and want a small footprint that deals with all security issues, then they're on your shortlist."

Forrester Research analyst Chris Silva was less impressed with SonicWall's wireless LAN offering.

"I'm struggling to see what the value-add of the SonicWall solution is," Silva said. "I see the value of having the separate controller going away, but I think the controller is getting virtualized anyway. A lot of these guys are taking their control plane and virtualizing it on another piece of gear."

Silva said he would be more impressed if SonicWall partnered with a firm in the voice space so that a company could do security, call control and wireless LAN management all in a single box.

Let us know what you think about the story; email: Shamus McGillicuddy, News Editor

Dig Deeper on Wireless LAN (WLAN)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.