News Stay informed about the latest enterprise technology news and product updates.

Putting wireless LAN fears to rest

Security holes in wireless local area network (LAN) standards have caused many businesses to think twice about deploying the technology. While wireless has been one of the few bright spots in the IT sector, Wai Sing Lee, an analyst with New York-based research firm Frost and Sullivan and author of a recent report on wireless security standards, said that enterprise adoption has not kept pace with the small and home office market. But that may soon change.

The Institute of Electrical and Electronics Engineers (IEEE) is close to approving new security standards, and the Wi-Fi alliance has also pushed through interoperability certification for new security approaches. Lee shared some of his thoughts with on how businesses can best negotiate the volatile world of wireless LAN security standards.

What are some of the most promising wireless security standards on the horizon?
The two to watch are WPA and 802.11i. With WPA, the Wi-Fi Alliance picked the best parts from the proposed 802.11i standard and is working to certify that for interoperability, so that companies can use it right away. This level of security should be fine for most companies. For government agencies or those with heightened security needs, they'll want to keep an eye on the proposed 802.11i standard that will be ratified next year. Within that, the technology to watch is temporal key integrity protocol (TKIP), which improves the encryption of wireless data. Why are enterprises concerned about security on wireless local area networks?
Wireless LANs are really just an extension of the wired network, and anytime you access the network, that connection should be secure. You never want to allow a casual or malicious user to enter your network. With security you always want to eliminate any potential opening or weak point, and wireless [LANs] can be a weak point. The average maximum distance a wireless access point can transmit is 300 feet, so people outside of your buildings can access your network. It can be quite a hazard. Businesses are very wary of this. Small vendors are now offering many of the more innovative security approaches. Are they likely to face trouble when standards-based approaches are available?
There is a very short window of opportunity for these companies. A lot of startups have been launched with the idea of solving that problem. Some of those companies are going to fail, others will take the opportunity to grow quickly and branch out. Will more standardized security approaches make wireless LANs more appealing for businesses?
Industry-wide standardization is the best solution. With standards, companies are more comfortable. They feel that they know what to expect. IT managers feel that if they take some time to learn about the technology, they can simply plug it in and it will work, and, most importantly, it will not cause any harm to their networks. Wireless LANs are already proving themselves to have positive return on investment. Having a standardized, secure system will make it a win-win situation for the industry, and for the user. There are a number of proprietary security fixes for wireless LAN, but do those approaches cause more trouble in the long run?
There are lots of very small companies offering these security solutions, but their ability to bring their security solution to the enterprise market is not strong. They just lack the marketing power. On the other hand, many of them have very good products, but many companies just do not have the time to do that research to find these solutions. Will companies that buy products and services from these startups be left in the cold?
The good thing is a lot of these companies have partnered with the big networking and services companies. I would advise enterprises to not go with proprietary solutions, but try to use industry standards when they can and, if they work with a small company, make sure that it has good partnerships. It's better yet is to work with large integrators and find the small partner companies through them.


Have your questions answered by Wireless LAN expert Lisa Phifer

Get up to speed quickly with our Wireless Security Learning Guide

What changes will make enterprises more comfortable with wireless LANs?
Security is the biggest outstanding issue. Cost is not an issue. The technology is inexpensive and cost continues to come down. It just needs to be more secure. The question is, how long will it take? Wi-Fi protected access (WPA) is undergoing testing right now by the IEEE. It should be certified by this summer. The 802.11i security standards are likely to be certified by early next year. The market has been moving much faster than the standards committees and, as a result, the Wi-Fi association has decided to certify WPA for interoperability before the IEEE makes it a standard. That is a wise move on their part, and it is likely to make businesses feel more comfortable about wireless security.

Dig Deeper on Wireless LAN (WLAN)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.