In-Depth

OpenSEA Alliance Sets Sights on LAN Security

A new nonprofit industry group works to push IEEE 802.1x as the basis for open source client-side security.

Another front in the open source community's efforts to free up code has been launched. This time the objective is to push for a client-side open-source security solution based on the IEEE 802.1x standard for security in LANs.

Six companies that produce networking and security products have founded a nonprofit organization called the OpenSEA Alliance for this purpose. The founding companies are Extreme Networks, Identity Engines, Infoblox, Symantec Corporation, TippingPoint, and Trapeze Networks.

OpenSEA stands for "Open Secure Edge Access," and one of the prime directives of the Alliance is to develop a "cross-platform open source 802.1x supplicant," according to an announcement issued by the group. The Alliance already has an existing open source security solution on hand for this development effort called "Xsupplicant," which arose from efforts at the Open1X Project.

A supplicant is the client-side device's security protocol involved in a handshake with an authenticator, which is located on the server side. Both devices exchange authentication credentials via the Extensible Authentication Protocol (EAP), such as PEAP, EAP-TLS and EAP-TTLS. The authenticator, which is typically an Ethernet switch or wireless access point, uses the RADIUS protocol to forward the credentials on to an authentication server.

The 802.1x standard has been used mostly for wireless LANs and is used as part of a commonly accepted industry solution for securing wireless transmissions. However, 802.1x is also used in wired Ethernet environments.

The OpenSEA Alliance intends to bring greater stability to 802.1x solutions and push for an enterprise-class open source supplicant. It is applying its efforts to 802.1x because other methods, such as IPsec and SSL VPN, are more developed than 802.1x, according to information posted at the organization's Web site.

Commercial supplicants currently exist from Cisco, Juniper and Microsoft, and the Alliance intends for its Xsupplicant solution to be interoperable with all of them.

The Alliance's founding companies are also working with UKERNA (United Kingdom Education and Research Networking Association) on the project. UKERNA manages an educational and research network that connects with the larger Internet called JANET.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Must Read Articles