News Stay informed about the latest enterprise technology news and product updates.

Emergence of WPA threatens gateway vendors

Analysts say that, unless wireless LAN gateway vendors evolve to address customers' changing enterprise management needs, they could be facing extinction at the hands of Cisco and others.

Wireless local area network gateway vendors, which sell centralized management, security and roaming products, are facing an uncertain future.

With growing competition from larger vendors and increasing commoditization of their offerings, industry analysts feel that, unless those companies find new ways to innovate, they may soon be facing extinction.

Vendors such as ReefEdge Inc., Bluesocket Inc., Vernier Networks Inc. and others were early in identifying major problems that businesses were encountering with wireless LAN deployments, said Craig Mathias, a principal with the Framingham, Mass.-based research firm Farpoint Group.

When inadequacies in the Wired Equivalent Privacy (WEP) security protocol were revealed, these companies developed systems that made wireless LANs compatible with better security approaches. ReefEdge recently received the benchmark Federal Information Processing Standard (FIPS) 140 Level 2 security certification from the government, enabling it to sell its products to government agencies.

"Those companies are to be commended for identifying areas that have turned out to be some of the biggest challenges to wireless LANs," Mathias said.

But now, there is a new de facto security standard, Wi-Fi Protected Access (WPA), that fixes the problems with WEP, making out-of-the-box, enterprise-class wireless LANs adequately secure, said Michael Disabato, an analyst with the Midvale, Utah-based research firm Burton Group. Though WPA is not an official standard of the Institute of Electrical and Electronics Engineers (IEEE), it is being certified for interoperability by the Wi-Fi Alliance.

Next year, a new and more stringent standard, 802.11i, will likely be ratified. With these advances in wireless LAN security built into new products, these vendors are no longer filling a need in the market, said Chris Kozup, an analyst with Stamford, Conn.-based research firm Meta Group.

"Where is the added value," asked Kozup, "if you already have WPA on your system?"

But WPA remains a new technology, said Phillip Redman, a vice president with Stamford, Conn.-based Gartner Inc. The Wi-Fi Alliance has only certified a half-dozen WPA-based products, he said, and very few businesses have actually implemented them. Security will continue to be an issue for some time to come, especially with legacy systems, he said. And these vendors are filling a need there.

Sandeep Singhal, chief technical officer of Fort Lee, N.J.-based ReefEdge, said that his company's system allows users to implement WPA, IPsec and other security measures. What is important is its flexibility.

Eric Janzen, CEO of Bluesocket, said his company's products are similarly flexible when it comes to supporting different security approaches, including Advanced Encryption Standard (AES) and other authentication methods that work with a company's existing technology.

These vendors have also been quick to identify problems inherent to managing large wireless LAN systems, and they've capitalized on the market opportunity. Universities, for example, have put in systems that encompass thousands of access points. Other businesses, such as hospitals, often need to enable users' devices to roam freely from one site to another.

Such advanced wireless LAN management features weren't common a few years ago. Today, now that enterprise-caliber WLANs are becoming more common, Redman said, there are still only a handful of management tools available. Even networking giant Cisco Systems Inc. is largely ignoring the market.

"Maybe when there is a lot of demand for management features18 months from now, that will be a different story," Redman said.

Though vendors are beginning to offer switched and routed wireless LANs, which centralize some management features, other issues -- such as quality of service and roaming among sites and even subnets -- remain a challenge.

At this point, there are few off-the-shelf products that will fill every customer's needs, Mathias said, but most businesses end up customizing their deployments.

Additionally, Bluesocket and ReefEdge stressed that their systems were designed to work with multi-vendor systems, which reflects the reality of most businesses today. Systems from wireless LAN vendors can lose some functionality when combined with access points or hardware from other vendors.

But by the nature of the market they are in, this class of vendors must keep adjusting their product lines if they are to survive, Redman said. Mathias calls them completer products -- products that fill in the holes ignored by the Ciscos and Symbol Technologies of the world. Inevitably, those larger vendors will incorporate more functionality into their own products, forcing the ReefEdges and the Bluesockets to continue to adapt, or else.

"These companies do not have a long-term play," Redman said. "The challenge for them is to keep adding on solutions, so that they continue to be needed in the marketplace."


Read about ReefEdge gaining FIPS 140-2 certification

See how a medical school healed its wireless LAN vulnerability

Dig Deeper on Network Security Best Practices and Products

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.