REVIEW: Securing LAN Connections

With HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley and other security requirements, we are constantly running into two questions from our customers: "How do we easily install, secure, manage and grow our wireless networks without losing our current hardware investments?" and "Will we need to invest hoards of cash in training?"

One of our vendor partners, Bluesocket, is already answering these questions with its line of BlueSecure controllers, which act as a firewall, intrusion-detection device and reporting tool securing the connection between wireless LAN access points and the wired LAN.

After not having done much work with Bluesocket over the past few years, we recently revisited the vendor's BlueSecure WLAN product line when building a solution for a client. We chose to take a closer look at the new BlueSecure 5200, which supports 150 access points and up to 4,000 users.

This 2U appliance has a dual-core processor and four manageable Gigabit Ethernet ports (two protected and two managed) with optional fiber ports. It also offers a variety of other capabilities, including authentication, encryption, transparent logins, failover, mobility, Quality of Service (QoS), management, IP addressing, public vs. private access and IDS/IPS.

id
unit-1659132512259
type
Sponsored post

With the growing number of wireless device manufacturers and their various makes and models, we require a vendor-agnostic open-systems solution to manage, monitor and secure the wireless networks we design, manage and install. Further, our needs for data encryption, QoS for VoIP, Active Directory Authentication and policy management have become mandatory. The Bluesocket touts these areas as its sweet spots, a claim we set out to verify.

During our testing process, we integrated the BlueSecure Controller (BSC) 5200 into a Microsoft Windows 2003 Active Directory running on twin Dell PowerEdge 2300 servers with Double-Take software loaded to support disaster recovery and high availability. The 5200 was connected to a Netgear FS 570 T2 48-port switch behind a Netgear Prosafe VPN Firewall 200 with dual WAN ports. We attached two Power over Ethernet BlueSecure 1540 access points and one Linksys access point to the BSC 5200. In addition, we used Fujitsu T4215 Tablet PCs with built-in 802.11a/b/g and older Dell Latitude D600s with built-in wireless.

Our goal was to effortlessly connect the BSC 5200 to the network and seamlessly attach the PCs with very little training necessary at the end-user level. In essence, we wanted to find out how intuitive the GUI is.

Initially, we spent approximately one hour reading the enclosed manuals and reviewing the online support forums, and another two hours getting familiar with the appliance—not bad for setting things up for the first time. The documentation could be a bit more explicit, but we were able to get through it quickly and get the job done.

Next: The Bottom Line Our seasoned systems engineer completed the configuration in little time. When one of our Systems Engineers in Development (SED) tried to duplicate his efforts, he took a bit more time, but with very little assistance was able to successfully install, configure and attach the access points. As a further step, he enabled MAC address filtering and WPA encryption to further secure the network. All PCs connected smoothly as planned. Our SED then successfully connected the 5200 to the Active Directory for authentication.

Once the network was complete, we tested the guest access policy to ensure that guests could access the Internet but not see the secured network. Once again, this was a seamless configuration. We recommend changing the guest password on a frequent basis so there are no permanent guests.

The process for configuring the BSC 5200 is close to plug-and-play but not quite. There are several menus, and it is not always intuitive as to which menu to use. However, once you understand the menu structure, you are good to go. We really like the ability to make granular configurations at just about any level for policies, roles and such.

As there was no need to call for support, we can't really rate this portion. Our only support requirements were a quick check of the online support forums to review factory and password reset procedures. Otherwise, this product is simple to get running once you understand the menu structure.

The primary strength of the BSC 5200 is the simplicity of the configuration. At the same time, the complexity of options coupled with the less-than-complete technical manuals that accompany the product is a weakness. Although minor, it is one of the only weaknesses we could discover. When coupling the online support forums and knowledge base we overcame the weak installation instructions, and then the BSC 5200 was a snap to install. In addition, there are phone support options that probably only need to be used by the very inexperienced engineer.

The BSC 5200 controller carries a list price of $32,995. There are a variety of support options to purchase as well. Channel partners receive 30 percent off list pricing for the device. Support contracts can net from 15 percent to 45 percent off MSRP for the channel partner depending on the contract.

As this is a vendor-agnostic device, there are ample opportunities to place whatever access point, authentication server or devices the channel partner supports. In addition, there are service opportunities through the deployment of more wireless, wired and Bluesocket solutions. We think there are even more opportunities in customizing the login splash pages.

In the end, Bluesocket and the BlueSecure line of appliances answers "yes" to ease of use, security and management and "no" to hoards of cash required to train the users. The BlueSecure 5200 is no doubt a top-notch product line.

Darrel Bowman is CEO, Jason Wilson is systems engineer, and Aric Gerspacher is systems engineer in development at AppTech, a disabled-veteran-owned full-service VAR in Tacoma, Wash.