Hardware-upgrade fears stall wireless LAN plans

By Jim Rendon, News Writer 05 Feb 2004 | SearchNetworking.com

Digg This!     StumbleUpon     Del.icio.us

The next key wireless LAN security standard should be approved this year, but some users are up in arms over the specification, which could force massive hardware upgrades and make Wi-Fi network management more complex.

The Institute of Electrical and Electronics Engineers (IEEE), an important networking standards body, is on track to ratify the 802.11i security standard at some point this year, though the timetable is uncertain.

Among other security improvements , 802.11i will replace the Wi-Fi Protected Access (WPA) encryption protocol with Advanced Encryption Standard (AES), a much more computing-intensive algorithm.

I don't want to make a major investment in a lot of equipment that is just going to become obsolete later. Rick Scholl electronic system engineer, Milwaukee Museum

Because of the complexity of AES, vendors cannot provide software upgrades for much of their existing WLAN equipment, particularly access points that are more than a year old, said Chris Kozup, a program director with Stamford, Conn.-based research firm Meta Group.

Chris Bolinger, a product marketing manager for Cisco Systems Inc.'s wireless network business unit, said that because access points may be decrypting signals from multiple devices, they will need hardware upgrades to avoid significant losses of throughput. Most enterprise class access points that are being manufactured today will be able to use 802.11i with only a software upgrade.

Many newer devices, such as laptops and handhelds, will only need a software upgrade to use 802.11i, since they have enough native computing power to decrypt AES without hurting performance, said Bolinger. He added that many older scanner-type devices that run on DOS won't be able to use 802.11i at all.

That means that, in order to take advantage of AES, many users could be forced to replace significant amounts of hardware, though some products will only require the installation of new radio modules.

This upgrade requirement for hardware that may be no more than 24 months old has left some users frustrated, and even shying away from wireless LAN implementations altogether.

Rick Scholl, an electronic system engineer with the Milwaukee Museum, has put his Wi-Fi plans on hold. The museum wants to install a Wi-Fi system for use by both museum staff and the public, but it has delayed purchasing equipment until after the 802.11i specification is ratified.

"I don't want to make a major investment in a lot of equipment that is just going to become obsolete later," Scholl said.

Scholl may be right to wait, Kozup said. 802.11i will be ratified perhaps as early as this summer, he said. Products could be on the market by the fall.

Scholl, however, finds little solace in waiting. He said that the IEEE should be able to find a more secure path for Wi-Fi without requiring costly and expensive hardware upgrades.

Still, Brian Mathews, the publicity chair for the IEEE's 802.11 committee, defended his group's work. He said the Wi-Fi market has already suffered from serious security problems with Wired Equivalent Privacy (WEP), the predecessor to WPA that was widely considered flawed. It is important that the group find the best security solution it can, he said.

"If we don't address security to the fullest extent possible, we'll get slammed as an industry," he said. "Hardware upgrades are unfortunate, but it is unacceptable to have a system that is not secure."

For More Information  Browse our Topics on wireless LAN security. Learn more about the focus of 802.11i.

Rather than forcing wholesale upgrades, the introduction of 802.11i is much more likely to make wireless networks more complicated. Few companies will upgrade everything all at once, Kozup said, and wireless network security will likely become a confusing mix of WPA and 802.11i.

Kozup said that, when 802.11i-enabled equipment is available, businesses will have to segment the network using virtual local area networks to keep traffic with different security levels separate from each other. Using a service set identifiers (SSIDs), which are special wireless LAN naming conventions, administrators can set policies that segregate users based on the forms of security they are using. Those with lower levels of security may have access to less important data.

With so many different levels of security, networks could become more vulnerable, Kozup said. At the very least, they will become much more complicated to manage.

Tags: Wireless LAN Implementation,  WLAN Security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Wireless LAN Implementation University tackles large-scale 802.11n wireless network management Why is my network adapter not working after a Vista Business upgrade? How many wireless base stations can connect to 802.11g access points? 802.11n wireless APs bring IP video to sprawling Illinois high school No data cable? Wireless mesh networking the answer for Wi-Fi backhaul Integrated wireless and wired LAN: Brocade-Motorola deal ups the ante 802.11n WLAN architecture strategies: The 2.4 vs. 5 GHz band debate 802.11n upgrade: College ditches legacy network for new vendor 802.11n ratification will drive down wireless LAN prices How does Wi-Fi ad-hoc mode react when 802.11n and legacy peers are present? WLAN Security Where can I find a wire driver that unblocks recognized passwords? Will using a VPN protect me against fake wireless hotspots? Fluke gets WLAN design, management, security cred with AirMagnet Is WPA2 secure enough for a commercial business wireless network? Health center cut cost securing wireless network edge with Aerohive Wi-Fi RTLS for WLAN management, location-based security, asset tracking Wireless LAN performance management and security standards beefed up How can I hide my WLAN's SSID in an Aruba AP-61? Wireless LAN security: SonicWall joins crowded WLAN market Stolen laptop recovery using remote access and wireless network SSIDs

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary 802.11a  (SearchNetworking.com) Asynchronous Pulsed Radiated Incident Light  (SearchNetworking.com) beamforming  (SearchNetworking.com) cognitive radio  (SearchNetworking.com) direct sequence spread spectrum  (SearchNetworking.com) frequency-hopping spread spectrum  (SearchNetworking.com) patch antenna  (SearchNetworking.com) phase-locked loop  (SearchNetworking.com) radio frequency  (SearchNetworking.com) wireless mesh network  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary