Air Secure Access Point (ASAP) (617)
ASAP is a set of wireless access point software components that extends secure wireless capabilities to embedded devices. With ASAP, a networked embedded device can join wireless clients to a wired Ethernet network, other wireless access points, and mesh network topologies.
Complete secure managed Wi-Fi access point functionality:
- Support for WEP, WPA, WPA2 / 802.11i
- CCMP, TKIP + MIChael, WEP-40 and WEP-104 bit cipher support
- Dynamic WEP re-keying for non-WPA STAs with 802.1X
- WPA and WPA2/802.11i Key management
- WPA-Personal (PSK) and WPA Enterprise (802.1X) modes
- Simultaneous support for non-WPA and WPA/802.11i supplicants
- Built-in RADIUS client
- 802.11 a/b/g/h framework with QoS (802.11e) and reference drivers
- FIPS-certified common crypto framework (Krypto-Lite), along with a suite of encryption and integrity components to secure and manage access point traffic
- Support for PowerPC, MIPS, X86, and ARM/XScale CPU architectures, and big-endian or little-endian systems
- Royalty-free full source distribution built for VxWorks and Embedded Linux
Some examples of where ASAP can create significant new growth in the use of embedded device servers for wireless infrastructure, connected industrial devices, machine-to-machine (M2M) wireless networks, and the Internet include:
- Wi-Fi accessible Printer, including public access and shared MFPs (multi-function printing devices)
- Conference room projectors or other shared devices that process data
- Industrial devices gathering data from sensors and other industrial devices
- Any kind of embedded device in hard-to-reach places requiring local management without physical connections (e.g. a free space optic or radio link hardware mounted on a high pole)
- Network attached storage devices serving up data wirelessly
- VOIP based phone systems (base unit)
- Network access points requiring custom enhanced features such as control over VLAN domains, separate attributes for traffic from different wireless clients
- IEEE 802.11 a/b/g
- IEEE 802.11d
- IEEE 802.11e / WMM
- IEEE 802.11i
- SSecure Family: Security protocols (SSL, SSH,IPsec/IKE)
- AuthAgents: Authentication agents (Kerberos,RADIUS, X.509)
- INSECTS: Firewall, NAT and QoS disciplines
Air Secure Access Point (ASAP) is a comprehensive, secure, managed embedded access point (AP) software package. It integrates the latest wireless security technologies with a flexible driver framework that works with a variety of 802.11 wireless local area network (WLAN) devices. Besides providing full-featured managed AP functionality, ASAP concurrently supports the many different generations of 802.11 security technology found in wireless networks, from WEP through WPA, up to WPA2 / 802.11i, in either Personal (Pre-shared Key) or Enterprise (802.1X) mode.
ASAP supports IEEE 802.11, a set of physical and data link layer standards for radio frequency communication. ASAP implements the "infrastructure" mode of 802.11 operation which enables a device connected to a wired LAN to act as an access point, allowing wireless stations (STAs) to communicate with it. ASAP includes an optimized 802.11 a/b/g reference driver for the air interface and an 802.11 framework to ease the development of device drivers for new Wi-Fi chips. In addition, ASAP features an 802.11 MIB, QoS control using 802.11e / WMM and support for multiple radios and SSIDs. Remote configuration and provisioning can be done using a web-interface, or a CLI. Fine-grain control for ASAP functionality is also available through developer APIs for use in diagnostics development and custom embedded applications that require programmatic control of the AP.
With the introduction of ASAP, the embedded designer can now leverage the significant benefits offered by wireless communication to networked devices without the security problems that would otherwise result from the use of difficult-to-protect airwaves with no well-defined physical boundary. Compromised security on a WLAN could take the shape of unauthorized clients or even unauthorized access points (inadvertent or deliberate "evil twin" APs) that join the network. ASAPs ability to turn off SSID broadcast, features for rogue AP detection, and MAC address based filtering thwart many of these spoofing attacks. Further, data interception and monitoring attacks such as session-hijacking can be thwarted using ASAPs security features.
ASAP offers 802.1X for enterprise mode authentication and includes a full implementation of the Port-based Network Access Control state machine defined by IEEE 802.1X. In 802.1X mode, ASAP allows the AP to act as an authenticator to the network, while using its built-in RADIUS client functionality to authenticate Wi-Fi clients with the Extensible Authentication Protocol (EAP). When in non-enterprise mode, ASAP also allows the use of pre-shared keys in environments where RADIUS servers are not available.
ASAP accelerates the addition of optimized and secure embedded wireless services by taking advantage of the unique features presented by each of the operating systems supported. ASAP is available with optimized editions for both the latest and other popular versions of VxWorks and Linux, with support for the native network driver model, and enhanced memory management. Designed specifically with embedded constraints in mind, programming interfaces suitable for the embedded developer, and with an emphasis on strong security and leading-edge standards support, ASAP can be the building block to add secure wireless AP capabilities to any embedded device.
If you are interested in more information on how Wind River partners with this company, click here.