The BlueSecure Controller acts as a firewall between the wireless LAN access points and the wired LAN, and requires no changes to existing wired LAN hardware or user client software. Additional BlueSecure Controllers can be connected to provide hot failover capability, as well as scalability and subnet mobility across the enterprise.

Bluesocket offers a wide range of scalable Controllers to support your enterprise WLAN deployments from the network edge to the core. The BlueSecure supports branch and regional offices, and workgroups of up to 50 concurrent users; while the BlueSecure 1100 can support entire office floors of up to 100 users; for medium to large enterprises, the BlueSecure 2100 supports up to 400 users while providing hardware-based encryption acceleration. For larger enterprises requiring higher throughput and centralized WLAN management and control, the BlueSecure 5000 provides a core infrastructure platform supporting up to 1000 users.

Open Systems Interoperability
Bluesocket’s "standards agnostic” approach is optimized to support wireless devices and access points from all major vendors, and support for current and future 802.11 versions. This open systems approach means you won’t be locked into a specific technology or vendor, thereby ensuring interoperability with your current and future WLAN infrastructure.

Secure Mobility^® Adds New Meaning to Wireless LAN Security
Bluesocket’s patent-pending Secure Mobility technology gives users of laptops, PDAs and other mobile devices wireless access to corporate networks and the Internet while moving across subnets. Secure Mobility gives users freedom to work where they choose—letting them roam seamlessly across networks, even while using IPSec tunneling, without the need to re-authenticate. Secure Mobility technology is compatible with, and enhances current WLAN security standards such as 802.1x, WPA and 802.11i without requiring additional or proprietary client software.

Flexible Role-Based Access Control and Policy Enforcement
Bluesocket’s unique role-based approach provides convenient management of privileges for different categories of users. BlueSecure Controllers match user permissions to your organizational structure. IT Administrators can define destinations (such as a finance server, router or IP address subnet), services (such as HTTP, FTP, POP3), user locations, time/date schedules, and available bandwidth to control which users have access to each resource. Multiple service and destination groups simplify policy creation and reduce the complexity and cost of administration of large-scale networks.

Universal WLAN Authentication
The BlueSecure Controller provides comprehensive authentication options utilizing username/password combinations or digital certificates, with the authentication database held locally or centrally in RADIUS, LDAP, NT Domain servers, or Windows Active Directories. Users can log into a Windows Domain and authenticate to the WLAN seamlessly with Bluesocket’s unique "Transparent Windows Domain Login.” Where AP-based WPA/802.11i authentication is required, Bluesocket complements the login process transparently, allowing appropriate access for the WLAN user. Where browser-based, secure (SSL) login is required (e.g. Hot Spots, Universities, Guests/Visitors), Bluesocket supports a customizable web-login page that allows end-user branding and an ability to upload third-party SSL certificates. Where "non-intelligent” devices need WLAN access, MAC-based authentication and role/VLAN assignment is supported, providing true wireless fire-walling capabilities.

Strong Data Encryption
With the BlueSecure Controller, you can bring the highest level of security directly to the user’s mobile device. All BlueSecure Controllers support IPSec, typically used in high-end VPN and firewall products. Microsoft’s native L2TP/IPSec client implementation is also supported, which allows for a single, non-proprietary access to WLAN and existing remote access VPN resources. Other options include using PPTP which is also built into both Windows and Macintosh platforms.

Intrusion Detection, Worm Protection and Clientless Scanning for Trusted Endpoint Security
Unlike signature-based tools or OS-specific scanners, the BlueSecure Controller has implemented real-time monitoring of Wi-Fi users’ data to detect malicious traffic based on the users’ actual behavior without requiring any client-side software. This enables administrators to automatically block network access to hackers or worm infected users even for "zero-day” attacks well before traditional signature-based tools have updates available.

The BlueSecure Controller fully integrates Check Point’s Integrity™ Clientless Security to provide a clientless, maintenance-free way to protect wireless devices of viruses, worms, Trojan Horses, spyware/malware and other threats and anomalies before they are allowed to log-on and gain access to the WLAN. Taking advantage of automated Web-based scanning, Bluesocket is unique in providing trusted end-point security, ensuring the user’s device is free from viruses and worms, and has the required security and OS patches.

Security and QoS for VoIP
802.11 is a shared bandwidth technology, so network contention becomes an issue as the number of users and network traffic increase. Bluesocket overcomes this problem by providing administrators fine grained bandwidth and WLAN prioritization QoS controls to ensure low latency performance for voice and video. Bluesocket’s unique stateful packet inspection allows adminstrators to identify and secure dynamic, real-time voice protocols such as SIP, H232 and SCCP and provides a complete platform for converged voice, video and data over a single WLAN infrastructure.