Yeah it's been a bad week for Cisco but they aren't Microsoft. They won't ignore these problems. You'll see firmware updates to fix the password problem in a week tops (if it isn't already out). I suspect you'll also see an update to address the LEAP issues.
Except that they've known about this problem for months, and the security flaw is not entirely inherent in the protocol. Forcing users to choose strong passwords will provide significantly more protection to a "LEAP-protected" networks than any patch that Cisco could issue for LEAP.
I am entirely unenlightened on EAP-FAST, Cisco's replacement for LEAP, but I'm pretty sure it would be a significant deployment effort for IT to upgrade both the infrastructure and the client devices.
Slashdot Mirror
Van's Hardware has done some Efficeon benchmarking here.
Here is a whitepaper from MagiQ on their technology.
Yeah it's been a bad week for Cisco but they aren't Microsoft. They won't ignore these problems. You'll see firmware updates to fix the password problem in a week tops (if it isn't already out). I suspect you'll also see an update to address the LEAP issues.
Except that they've known about this problem for months, and the security flaw is not entirely inherent in the protocol. Forcing users to choose strong passwords will provide significantly more protection to a "LEAP-protected" networks than any patch that Cisco could issue for LEAP.
I am entirely unenlightened on EAP-FAST, Cisco's replacement for LEAP, but I'm pretty sure it would be a significant deployment effort for IT to upgrade both the infrastructure and the client devices.