 
NS-2You've got the Key to business productivity and
security
Plug-in, Authenticate, Work. Only the KoolSpan SecurEdge Solution
provides automatic security, authentication and remote access. Plug in
your KoolSpan Key and you're connected to your office or home network
wherever you are. No need to change your configuration or run a VPN
Client when you're out having coffee or closing a deal. Lost or stolen
passwords and hackers don't enter the equation. Whether wired or
Wi-Fi, wherever you are, wherever you go or need to work, KoolSpan
enables a deadbolt secure network with our patent-pending Smart Card
solution.
KoolSpan is an immediate asset to a wide range of businesses,
industries and institutions including; medical, legal, financial,
government, transportation and more. Any business that needs to
connect its users seamlessly and securely to its network from any
point on the Internet can benefit from the technology. KoolSpan gives
you Frictionless Connectivity (sm)
KoolSpan gives your business the Edge
KoolSpan SecurEdge is automatic. It supports all flavors of Wi-Fi
hardware (802.11 a, b and g) and bypasses weaknesses in Wired
Equivalent Privacy (WEP) and Wi-FI Protected Access (WPA). KoolSpan
works with your existing hardware today. KoolSpan eliminates the need
to install any additional servers or network appliances. KoolSpan's
solution is simple to setup and maintain and requires virtually no
support or maintenance.
The KoolSpan Solution includes software (KoolSpan SecurEdge
Manager) to manage distribution of KoolSpan SecurEdge Keys on the
network. SecurEdge Manager comes with a Master Key that is required to
access the SecurEdge User Database. The KoolSpan SecurEdge User
Database contains the credentials and permissions for all the users on
a single network, which is uploaded securely to each SecurEdge Lock on
the network. After initial setup, the KoolSpan SecurEdge Manager
software is only run when a change to any of the user permissions
needs to take place.
KoolSpan's SecurEdge configuration is a patent-pending Lock and Key
solution that establishes authentication and security at the edge of
the network. It's here that the implementation of authentication and
security is most effective. KoolSpan provides 256-bit AES security and
two-factor Smart Card authentication. KoolSpan's SecurEdge "Lock and
Keys" works with existing Wi-Fi hardware; no need to change what you
currently are using. KoolSpan works in the office, remote locations or
home, providing VPN-like access and security. No other approach offers
the feature set and cost advantages of KoolSpan. Forget about
expensive and technically complex solutions. KoolSpan technology
comprises a simple-to-use system that addresses the problems of
identity verification, privacy and network interoperability. It
requires no back-end server, and creates the first open software
platform enabling innovative distributed applications for whatever
kind of network you operate.
Authentication beyond Question
Computers don't hack networks, people do. Do you really know who's
logged into your network? Most networks today rely on account names
and passwords for authentication. This approach is vulnerable to
multiple users accessing the network with the same account name and
password, often at the same time. The physical identity of a user
can't be determined by an account name and password.
KoolSpan solves this problem simply. Each user is provided a
unique, secure and tamper-resistant physical "KoolSpan SecurEdge Key".
To gain access to the network, the user must have the KoolSpan
SecurEdge Key and know its eight-digit PIN number. Enter the PIN
number incorrectly three times in a row and the key is automatically
blocked. Only authorized users equipped with a physical, identifiable,
and registered key, can access the network. When plugged into the
user's computing device (PDA, laptop, desktop, and others), the small
USB KoolSpan SecurEdge Key automatically supplies the necessary
authentication credentials to the network using virtually no
bandwidth. The KoolSpan SecurEdge Key can hold the keys to scores of
related or remote networks eliminating the need for multiple physical
keys.
We'll help you work Smarter
The KoolSpan SecurEdge Keys contains a Smart Card chip. The Smart
Card is the basis for authentication and security in hundreds of
millions of GSM handsets worldwide. This secure, tamper-resistant
Smart Card provides several functions as part of the KoolSpan
Solution:
- Secure storage of network parameters
- Automatic selection of the proper network credentials
- Two-factor identification of the user (known and stored
information)
- Secure application platform
Access from the Most Remote Locations
Whatever business you're in, KoolSpan let's you do business from
wherever you are. The KoolSpan SecurEdge Lock recognizes a registered
SecurEdge Key. Once the Lock and the Keys are setup, the pair perform
mutual authentication. A user can authenticate to the network and the
network to the user. Once authentication is achieved, the Lock and Key
independently generate a unique 256-bit AES Session Key that is unique
for each user for each session. No keys are exchanged so
"Man-in-the-middle" attacks are impossible with KoolSpan.
How It Works
Operation of the KoolSpan SecurEdge solution uses three simple
elements: a Lock, a Key and a Manager.
KoolSpan SecurEdge Manager - The KoolSpan Manager
is an application that manages key distribution and client permissions
for all users on the network. Using a Master Key the administrator is
able to register new KoolSpan SecurEdge Keys and set/change access
permissions for each user. The Manager uploads the user database to
each KoolSpan SecurEdge Lock on the network. Once uploaded, the
KoolSpan SecurEdge Manager only needs to be run when a change to the
user database is required. The administrator can add, delete, or
change a user's permission at any time. After any change, the
administrator can simply upload the changes securely to the network
Locks.
KoolSpan SecurEdge Lock - The KoolSpan SecurEdge
lock is the "edge-of-network" gatekeeper. Its purpose is to prevent
unauthorized users from accessing the network. It is typically placed
as a "bump-in-the-link" between the Access Point and the network.
Unlike centrally managed authentication systems, such as 802.1x-based
networks, SecurEdge does not rely on authentication servers or other
"heavy iron" network appliances. Each KoolSpan SecurEdge Lock
authenticates the user at the edge of the network eliminating the need
to communicate with a central authentication server each time each
user connects. The KoolSpan SecurEdge Lock contains a database of
registered users securely in flash memory. This encrypted database can
only be accessed using the Lock's internal Smart Card. The KoolSpan
SecurEdge Lock is one half of the mutual authentication technique used
by KoolSpan (the KoolSpan SecurEdge Key being the other half). The
Lock not only authenticates the user but also independently computes
the same AES Session Key as does the KoolSpan SecurEdge Client Key.
KoolSpan SecurEdge Keys - The KoolSpan SecurEdge
Key is a secure, tamper-resistant physical token that has a
laser-etched serial number that cannot be changed. Unlike MAC
addresses, the KoolSpan SecurEdge serial number is unique and cannot
be cloned. The serial number is used to identify itself to the
KoolSpan SecurEdge Lock during authentication. The KoolSpan SecurEdge
Key identifies itself to the KoolSpan SecurEdge Lock and vice-versa
and then generates an AES Session Key used for further communications.
The authentication and security process is fast, efficient and does
not require any other network access. As all functionality is
maintained within the KoolSpan SecurEdge Lock, there is simply no
issue of scale.
For large distributed enterprises as well as small
to medium sized enterprises, KoolSpan SecurEdge is the only SMART
solution:
SECURITY
- Encryption Key Security - There are two types
of encryption keys used in the KoolSpan SecurEdge system. The
KoolSpan SecurEdge Key Smart Cards have embedded 3DES keys that are
used for authentication. The authentication keys are used once to
authenticate the user to the network and to authenticate the network
to the user. The result of this bi-directional authentication allows
each side to independently compute a 256-bit AES Session Key that is
unique per user, per session. The AES Session Key is then used for
all subsequent communications. No encryption key is ever known to
anyone on the network. Even the administrator does not have access
to the Network Keys. They are stored securely on the
tamper-resistant physical token within the KoolSpan SecurEdge Key
and are never transmitted and thus never exposed. Your data and your
information are always deadbolt secure. The KoolSpan Solution is not
susceptible to the "man-in-the-middle" attack or other methods
prevalent in Wi-Fi hacking since no keys are ever transmitted as
part of the authentication process.
- AES Security - The AES Session Key is utilized
for all communications after authentication. All communications are
AES secure and contain both a CRC-32 checksum as well as a Message
Integrity Check (MIC) function to ensure that all communications are
received unaltered. Regardless of the 'flavor' of Wi-Fi hardware you
are using. The KoolSpan SecurEdge maintains a secure AES session
between the Lock and Key.
MOBILITY TO
MULTI-NETWORKS
- Frictionless Operation - The KoolSpan SecurEdge
Key is not limited to storing the access parameters for just one
network. The same KoolSpan SecurEdge Key can hold access keys for
multiple networks each maintained separately by the corresponding
network administrator. Thus, a user can freely move from a KoolSpan-enabled
office network to a KoolSpan-enabled home network to a KoolSpan-enabled
Hot Spot using the same KoolSpan SecurEdge Key with completely
different network parameters, and allowing each network
administrator to maintain total network security and integrity for
their users at all times.
AUTHENTICATION
- KoolSpan SecurEdge Keys - KoolSpan SecurEdge
Keys are distributed to each user. KoolSpan SecurEdge Locks contain
internal KoolSpan SecurEdge Smart Cards. Without these Keys
(protected by a private PIN number), access to any part of the
network is prevented. The authentication process is fast and
utilizes a simple exchange of encrypted random numbers, NOT
encryption keys. KoolSpan's keyless exchange technique avoids most
of the pitfalls of wireless security. This methodology avoids all of
the known WEP vulnerabilities.
REMOTE ACCESS
- Works Anywhere - KoolSpan SecurEdge technology
establishes a secure link between the "Lock" and "Key" regardless of
what's between. A KoolSpan connection is automatically established
locally within the corporate LAN footprint for instance but can also
be established when the user is at a third-party location. Simply
plugging in the KoolSpan SecurEdge Key will establish the secure
connection identically whether inside or outside the network. The
need to run a separate VPN Client when accessing the network from a
remote location is no longer necessary.
TURNKEY OPERATION
- Ease of Use - The KoolSpan Solution
automatically handles bi-directional authentication and security.
There are no parameters to set or any to maintain once the KoolSpan
SecurEdge Keys are distributed. All Wi-Fi settings are standardized
across all KoolSpan-enabled networks so there are no user settings
and no WEP keys to distribute and manage.
|
