Securing WLAN


Perpetual paranoia about security breaches, rather than actual significant evidence of them, has retarded the growth of wireless LANs. Long-held beliefs about the fragility of WLAN security have not kept pace with technology developments designed to address security issues.

Jupiter research released in the US in September found 50 percent of surveyed companies said security was the primary inhibitor to the growth of wireless.

But sheepishly, nearly 85 percent admitted they hadn't actually experienced security breaches on their WLANs.

We've all heard the stories of mischief-makers trying to sniff corporate data while riding lifts, sitting in smelly stairwells, or beaming-up from the carpark.

And it's true WLANs can exacerbate the impact of poor existing security practices. However, security is more than passwords and encrypting sensitive data; it's also about appropriate products, enforcing stringent security policies and addressing work culture issues.

The Australian Bureau of Statistics assessed business use of the internet in its communications and IT report in April this year. The most common method of internet access by Australian businesses was dial-up via modem, with 86 percent of businesses using this method. 'Less common was the use of digital subscriber line (DSL) at seven percent; cable modem seven percent; and integrated services digital network (ISDN) four percent.' Only one percent of businesses had access to the internet via a wireless connection, the ABS report said.

The biggest job facing integrators at present is to dispel lingering myths about WLAN security, inform users of new products and standards, and build strong business cases for using WLANs.

George Deligiannoudis, sales director for Wireless IP Technology, says the first priority is market education. 'Customers haven't really been given a simplistic view of how the whole security component works. Many companies use that as a selling tool; to be able to say that their software or hardware solution is more secure than others.'

META Group's senior research analyst Bjarne Munch says the WLAN market is so unstable right now that he wouldn't put much faith in current market statistics or predictions.

'There's a lot of confusion regarding the actual business case for wireless - it could go either way. You can see a lot of potential for adoption but you can also see people realising they don't really need wireless connectivity in their office because they don't move around all that much,' he says.

One thing that is helping the takeup of WLAN is lower costs. Toshiba's presales tech specialist, Keith Rothsay, has noticed considerable change in prices since Christmas.

'Cost is not a barrier to wireless deployment anymore, whereas even a year ago it might have been. For example, with 802.11a technology, prices have come down from where an access point cost more than $1000 to the stage where I can go to Harris Technology and buy an 802.11a access point for $79 now.'

Admittedly he says you're not going to get much support with a sub-$80 product, but 'realistically, the wireless hardware costs have been reduced to a point where it's a commoditised technology already', he says.

Something that may also help to tease out more WLAN users is the emergence of service level agreements (SLAs).

Reports from the US say companies like Sprint give credits to their WLAN customers if service drops below certain levels, such as frequent drop-outs or low network availability.


Current issues


InTechnology's Mark Winter says because wireless is all in the open air, radio waves propagate in all directions and reflect, refract and penetrate solid objects. 'As such, you don't have much control over where your transmissions go,' he says.

When people break into wireless networks, it's generally networks that have been turned on with 'out-of-the-box' settings, says Rothsay.

'But even a slight modification of the out-of-the-box security makes it very difficult for the average person,' he says.

In the vein of 'pot-plants with ears' and 'lights with eyes', one of the areas that people are now focusing on is rogue access points.

Consulting systems engineer for Cisco, Adam Radford, says planting rogue access points under office cupboards is not unheard of in corporate espionage situations.

'Now however, self-defending networks allow defense against rogue access points. If you have wireless deployed, that wireless infrastructure can be watching for access points that are unknown to the network. And if a user brings in an unknown access point and plugs it in, then [it's detected] and relayed back to the management station,' he says. That rogue access point can then be traced and shut down.

Rothsay says WLAN security issues are currently addressed with a software solution called WPA, or Wi-Fi protected access, but that still has significant overheads.

'Once we talk about encryption, we're really talking about 30 percent of the available bandwidth on the wireless systems being dedicated to security.'

The introduction of 802.11i effectively means encryption done by hardware, he says, and this will reduce the bandwidth overhead by having a hardware encryption engine at each end, the client and the access point.

META Group's Munch says there's a bit of scepticism from the larger, more conservative corporate clients right now about WLANs, and it's not just about security. 'They want to see the business case for wireless first. Wireless connectivity in the office is quite hard to justify right now, and that's probably holding the market and the vendor product evolution back a little bit,' he says.

He says most of the WLAN action is within the SME market, and some verticals like hospitals. He says the government sector is also still quite conservative.

'Even though it's explained to them that they can probably secure wireless to meet their needs, there's still a holding back to see how the market evolves in the next 12 months,' he says.

In the corporate space, there's still a level of confusion regarding the actual business case behind using wireless LAN. 'For instance, why do you want to do it? What's the business benefit? What's the return on my investment here? Trying to identify the right deployment scenarios and the right business case is an issue,' Munch says.

And when looking at potentially large scale deployments, there's also the issue of how you actually manage that wireless solution.

Peter Evangelista, GM of integrator AirNet, says in large-scale wireless deployments, managing congestion is a big task.

'The 2.4 gigahertz spectrum that everybody can use is starting to fill up and it's starting to get noisy, which means that less and less people are going to be able to begin to use it. There are also people out there that are putting out more power than they should be, and when they start spitting out extra power, it impacts on everybody else's ability to communicate over long distances.'

He says the Australian Communications Authority is looking at opening up more channel space to address this. 'At this point in time, apart from the 2.4GHz and 5.8GHz spectrum, there's nothing really that you can use.'

There's a lot of relief from customers that there are now standards-based security solutions. Standards have been a complicated issue.

Adam Radford, consulting systems engineer for Cisco, says WPA (Wi-Fi protected access) was the first version of the standard.

'Now the next version WPA2 has recently finalised in the standards bodies, so we can now have standards-based security between clients and access points.'

META Group's Munch says the latest standard 802.11i is the one we've been waiting for and now has been ratified.

'We're still waiting for it to get to market in fully standardised products. The thing is within the 802.11i framework, there is no standardised authentication protocol and you can't have strong security without having really really strong authentication.

'Even if you have a very strong encryption mechanism ... we've got no one, single solution where all vendor products use the same authentication protocol,' Munch cautions.


WLAN users


It's often significantly easier to identify a business case for wireless when you move out of the office into the 'non-carpeted' work environment, especially where people have to move around a lot while doing their work, says Munch.

A good business case can be made for WLANs in the hospital setting. Healthcare tends to be fairly conservative with adoption of new technology.

Security concerns are never far from mind, due to the sensitive nature of patient data; however, healthcare has a highly mobile workforce that's always looking for efficiency and productivity gains.

Ross Chiswell, CEO of Integrity Data Systems, says in all his work in hospitals, two repeating themes occur. One is that wireless has snuck into the hospital environment without the control of the IT department.

'For example, people within the hospital get a research grant which is under their control and not the IT department. They'll go off and buy their own gear, including some wireless devices, so the IT department gets little islands of wireless that pop up without their control. And it's typically all based on different types of hardware, and may not meet a standard the hospital wants to adopt.'

Chiswell says it's almost impossible for the IT department to come up with a uniform security approach, without having to ditch some products and waste money.

The second theme in hospitals' wireless journey is the productivity angle, he says. 'You have people from all over the hospital, from different disciplines, saying "we want to implement this wireless device, we want to run this software".

'So the problem from the productivity side is if they let everybody in, then because wireless is still basically a shared medium, they're going to have a whole stack of people competing for bandwidth in a particular area,' Chiswell says.

He uses the example where the WLAN in triage or an operating theatre is being used for a core device or function. At the same time, there's an intern in a side room relaxing on his break.

'He's a valid user, he logs into the network on his wireless laptop, but he's got a Britney Spears fetish and downloads her video. And as he's doing that, he sucks all the bandwidth out of the wireless environment because there's no control of the allocation of that bandwidth. That could then delay the work being done with the core devices in the operating theatre,' he says.

This is when it's crucial for the IT department to have something back in its core that allocates different levels of bandwidth to different types of users so that access is prioritised, Chiswell says.

Munch says WLANs also suit the dynamic office environment of the legal industry, and manufacturing and warehousing have been early adopters of WLAN. 'Symbol has been doing a lot with wireless Ethernet for stocktake appliances for many years. There's a strong business case for the use of wireless in this environment. It can increase efficiency and productivity,' Munch says.

Up until six to eight months ago the government's take on WLANs was 'no we're not having wireless at all, we're not even going to consider it,' says Toshiba's Rothsay.

He says now there's a shift in position where they're saying 'well we are going to be interested in wireless in the future but we're not going to look at it until 802.11i comes about. So we don't want to disable the wireless in the machines, we want it upgradeable for a future date.'


Channel


Most agree a significant inhibitor to the WLAN market is lack of market education about all aspects of the technology.

Deligiannoudis says it's up to all organisations, whether hardware manufacturers, ISVs, resellers or integrators, to effectively provide an agnostic approach to educating the market.

'Don't jargonise the terms and thereby add to the insecure environment that already exists out there,' he says.

'It boils down to education, the basics. Explain where the pitfalls are, where things get encrypted, where things are unencrypted.

'Talk the customer through every phase, and explain that while there are some issues with WLANs, they're not unlike the issues you face in other, non-wireless networks,' he says.

And there has to be a solid implementation map for installation of WLANs for customers. The implementation has an effect across the entire organisation: from a user point of view, an administration point of view, and on general company policy.

'Implementing wireless is not just about getting the end user a solution,' Deligiannoudis says. 'It's about how the company as a whole is going to manage how that information is going to get disseminated into the field, and what the security and user profiles are that need to be adhered to.'

META Group's Munch agrees. 'Assist the client in identifying the business case for where their company can benefit from wireless, and identify the proper deployment scenarios,' he says.

He says Wi-Fi will not replace the wired Ethernet for a long time, if ever. 'We're still not seeing the level of quality or bandwidth being available from wireless Ethernet as we're seeing from the wired Ethernet. It's an add-on and it shouldn't be viewed as anything but an add-on, so the issue is to identify where this niche add-on fits in the corporate environment,' he says.

Integrators can help make the WLAN installation easier, especially when it comes to easing security concerns. 'The security standard has been ratified now and we are expecting to see products coming to market now based on that ratified standard,' Munch says.

He cautions, however, that there are still aspects of the security standard that haven't actually been fully 'standardised'. Some vendors are trying to create little niche advantages for themselves by creating their own proprietary solutions.

'Specifically in relation to the authentication protocol. That's not standardised yet so you see a lot of the vendors doing their own stuff like Microsoft, Cisco, and a couple of smaller vendors as well.

'As an integrator you can alleviate a lot of the pain of having a multi-vendor deployment by taking the integration of multiple security solutions away from the corporations.'

Securing the wireless environment in a multi-vendor situation becomes quite complex, and the channel can help in situations where customers don't want to lock themselves into just one vendor.

Chiswell says resellers and integrators have to tick far more than just the security box in the WLAN checklist.

The air-gap security issue gets far too much focus, he says, but the focus also has to be on things such as the management and allocation of the wireless bandwidth.

'This area is where the channel can shine. They can take that consultative approach to the organisation. They can discuss the different types of devices that are going to use the wireless environment; they can discuss the different types of users to determine who's the priority to ensure good quality service for them. That's what the channel should be doing,' he says.

Because you can't assume the customer knows even the WLAN basics, the responsibility for that falls to the channel partners.

Garen Casey, marketing director for D-Link, says integrators have to research right down to what type of antenna best meets customers' needs, and learn to do site surveys and audit for weaknesses.

'We're going to be running wireless training workshops in October and November in Melbourne, Sydney, Auckland and Brisbane. We teach the basics and get them up to speed with all the new stuff,' he says.

InTechnology also holds regular free seminars and education programs on WLAN security.

While there's not much money in just wireless LAN infrastructure anymore, Chiswell says the money is in doing the 'brainy bits' that actually manage and secure WLAN environments.

Munch says at least for the next three to four years, integrators can make a value-add trying to integrate and manage the complexity of these solutions.

'While it might have seemed to be complicated these past two to three years trying to figure out what to do with wireless Ethernet, it's nothing compared to what we are going to see the next four to five years. It's a very complex area,' Munch says. Which should be good news for the channel.
