Meru Networks has introduced a security gateway appliance designed to meet the exacting demands of FIPS (Federal Information Processing Standard) 140-2 Level 3 security for U.S. and Canadian government agencies and other security-conscious organizations as they broadly adopt wireless LANs.

The Meru SG1000 Security Gateway has been formally recommended for validation at FIPS 140-2 Level 3, the highest security level thus far sought by any WLAN vendor, providing physical tamper-proof security mechanisms, including a hard epoxy enclosure, as well as strong identity-based authentication.

If granted certification, Meru will be able to ensure their enterprise customers full FIPS 140-2 compliance of their wireless networks by adding an SG1000 to an existing deployment.

While most WLAN vendors implement FIPS security in their controller software, Meru's FIPS security resides in a distinct network appliance. This gives Meru customers the flexibility to upgrade their controller-based System Director software whenever a new version becomes available, allowing them access to new features and functionality without having to wait for revalidation of the controller.

Developed by the U. S. National Institute of Standards and Technology (NIST) and Canada's Communications Security Establishment (CSE), the FIPS 140-2 standard is an information technology security accreditation program that enables private-sector vendors to have their products validated for use by government departments and other industries that collect and disseminate sensitive but unclassified information.

Currently in review by NIST, the SG1000 was recommended for validation under NIST procedures by InfoGard Laboratories, the premier independent, accredited IT security laboratory in the United States, and accredited by NIST as a Cryptographic Module testing laboratory.

The SG1000 supports AES (Advanced Encryption Standard) 128, 192 and 256 encryption, a secure management interface, tamper-proof labels, and the IEEE 802.1x standard for port-based network access control with EAPoL (Extensible Authentication Protocol over LAN).

It meets Department of Defense Directive 8100.2 for the use of commercial wireless devices, services and technologies in the DoD Global Information Grid.