Wireless maturity

Up until recently, wireless technology was a patchwork of incompatible systems. The technology was expensive, slow and reserved for mobile situations or harsh environments. However, with the maturing of industry standards and the deployment of lightweight networking hardware, wireless technology has come of age.

  • E-Mail
By  Angela Sutherland Published  November 23, 2005

|~|greg_kelaart-courtney-websi.jpg|~|There should be a correlation of best of breed solutions that will provide the penultimate managed environment, says Greg Kelaart-Courtney, senior infrastructure security consultant for IBM Middle East. |~|Up until recently, wireless technology was a patchwork of incompatible systems. The technology was expensive, slow and reserved for mobile situations or harsh environments. However, with the maturing of industry standards and the deployment of lightweight networking hardware, wireless technology has come of age. Wireless networks allow enterprises to connect to the internet without relying on wires. These networks rely on radio frequency (RF) rather than wires to connect computers to the internet. A transmitter, known as a wireless access point (AP) or gateway, is used for an internet connection, which provides a hotspot that transmits the connectivity over radio waves. Computers that have a wireless card and have permission to access the wireless frequency. Increased use of laptops within an enterprise has fuelled the demand for wireless networks. Up until recently, wireless technology was a patchwork of incompatible systems from networking vendors. The technology was expensive, slow and reserved for mobile situations or harsh environments. With the maturing of industry standards and the deployment of lightweight wireless networking hardware across a broad market section, wireless technology has come of age. Frost& Sullivan estimates the WLAN market to have been US$0.3 billion in 1998 and US$1.6 billion in 2005. WLANs have been installed in universities, airports and other major public places. Trapeze Networks says building an enterprise wireless large area network (LAN) requires a “lifecycle” approach. These key lifecycle processes include network planning, verification, deployment, management and optimisation. Once the wireless network is deployed, the IT administrator should perform daily monitoring and management tasks. However, while wireless technology can be convenient due to a lack of wires and cables, managing a wireless network has it share of challenges. There are three major issues associated with such networks. These include security, performance and management. With the proliferation of inexpensive wireless technology, security maintenance has become a challenging task for CIOs. The most serious challenges in securing wireless networks come from bandwidth hijacking and data encryption. Either unintentionally or maliciously, anyone with a wireless laptop or other wi-fi devices can tap into an organisation’s bandwidth. The worrying part is that such a hijacker has the ability to gain access to an organisation’s internal network resources. When it comes to data encryption, currently, the industry does not have many viable options for wireless encryption. The wired equivalent privacy (WEP protocol), previously the standard for wireless encryption, is only useful as a means of thwarting casual eavesdropping on a wireless connection. It does not prevent the actions of a determined attacker. “It is a major misconception in wireless technology that the security battle can be won by technology alone. Even with well deployed WLAN security systems, rogue APs can compromise network security. An employee could go to a shop, buy a wireless AP, connect it under his desk and [gain access] to the company network from outside,” says Werner Heeren, regional sales and marketing director for Fluke Networks Eastern Europe and MEA. “The only remedy against this is enforcing security policies by means of periodic monitoring. Encryption and authentication are important. WPA2 is currently the best available encryption,” he adds. One organisation that is aware of the security challenges of a wireless network is the American University of Sharjah (AUS). The organisation, which deployed a wireless network 18 months ago, is using a Tipping Point (part of 3Com) solution for threat management and security. The solution is working for AUS and it is comfortable with the current level of security. Ashi Sheth, the university’s director of IT, says network security has its share of challenges and enterprises should remember the basic tenets of safe computing, such as desktop firewalls and antivirus. “Vendors are working towards deploying security features within the APs to improve end-user security. There are many enterprise APs with features such as wireless encryption technologies like WPA or IPSec. Authentication protocols such as 802.1x can also be used to verify that a user is authorised to use the wireless network,” explains Sheth. 3Com says security is a key concern for wireless networking, and in order to overcome the issue, end-users should take the path of integrated security, which provides authentication and authorisation. “Integration usually uses PEAP with 802.1x to authenticate before using the network. Authorisation is then implemented via access control lists or per user VLAN assignement,” says Khalid Khan, marketing manager for 3Com MENA. Khan says his organisation is taking wireless mobility approach with centralised wireless switch controllers managing and enforcing rules to APs. Juniper Networks says although wireless technology is an enabler, it can also introduce new security risks. These include un-authorised access and threats to data privacy. In some cases, employees may set up their own, un-authorised, wireless APs, which is an obvious security risk that may also introduce network configuration problems. However, the vendor says security risks can be managed. “In common with many perceived IT security risks, wireless security need not be a barrier to deployments, so long as the risks are understood and an effective security policy is put in place. This policy needs to include a robust, purpose-built security device at its heart,” says Penny Still, corporate communications manager for Juniper EMEA. Rifaat Al Karmi technology manager for EMW Middle East, North Africa and SW Asia, says end-users must consider the standard secure authentication framework and the AES encryption. “The IEEE 802.01x authentication should be used. Also, the AES encryption is the strongest algorithm available and supports all other algorithms for backward compatibility,” Al Karim adds. Performance is another aspect to consider when choosing a wireless LAN. There are three widely known performance standards. The 802.11b operates at 11Mb, and the 802.11g operates at 54Mb. Most commercially available APs are able to operate at both these speeds simultaneously. However, it is important to note that in both cases the bandwidth is shared equally among users. The 802.11a standard solves this problem by dedicating bandwidth to each client, although the downside is the dramatically reduced coverage range. Sheth says end-users need to understand that even though wireless has made tremendous strides and can provide consistent, stable service when configured correctly, the quality, reliability and performance of wireless network will not be identical to a wired one. “It starts with the throughput limits of 54Mbps for 802.11g wireless [networks] compared to 100Mbps duplex for wired [ones] and carries through the environmental variables such as number of wireless devices and types of traffic going through a single AP,” he adds.Dubai Municipality (DM), which is deploying Cisco Systems’ integrated wireless network suite for its head office in Deira, is comfortable with the solution’s performance. The government body says the new solution will enable it to build a scalable enterprise wireless network that addresses WLAN security, deployment, management and control issues. “Dubai Municipality is a dynamic organisation with a requirement for streamlined IT and network infrastructure solutions. The Cisco portfolio met the criterion for the wireless network at our head office. Moreover, scalability, security, manageability and control that Cisco solutions provided were unmatched,” says Abdul Hakim Malik, director of IT at Dubai Municipality. Samer Al Kharrat, general manager for Cisco Gulf region and Pakistan, says the solution will address the network performance requirements of the organisation. “We welcome the decision by Dubai Municipality to implement our solution. The relationship with Dubai Municipality forms the core of Cisco’s public sector strategy, where we assist governmental organisations to achieve their goals,” explains Al Kharrat. The most challenging aspect of an enterprise wireless network is the management of it. Unlike its wired counterpart the Ethernet switch, wireless clients have the ability to roam between different levels of a building. Furthermore, troubleshooting a wireless LAN problem using traditional network management tools can be difficult if not impossible. Many vendors have developed their own wireless LAN network management tools. However, they work well only for their own wireless products and not with third-party hardware. A web-based management application embedded in an AP may be fine for a 20-ser deployment, but managing a WLAN AP-by-AP will not work for a 200 or 2000-user wireless LAN. In addition, a wireless LAN management console should not break the IT budget. Mitel says it is a battle to agree on common standards for wireless architecture among major suppliers and early developers. It says there are more than 400 standards in development stage and it is a fight between the ‘big boys’ to protect early R&D investments and secure commercial advantages. “If not agreed on a common platform, multiple wireless standards will confuse customers, which will lead to end-users buying products that do not work well together,” says Hisham Amili general manager for Mitel Networks GCC. However, Mitel says there is a task group representing over 250 companies and 700 members developing IEEE P802.11 standards, which is focused on improving the security of management frames. “The wireless LAN world appears to have settled on a new standard. Since 2002, WLAN products are supporting 802.11g to optimise on speed, bandwidth and frequency. It is the most promising option for [end-users],” Amili adds. The AUS’ Sheth says the key to managing a network lies in the understanding of how a wireless connectivity operates. Problems arise from channel overlay or physical limitations of the area, which needs to be covered. “Constant monitoring towards building layout changes and population density cannot be solved by deploying additional APs,” he adds. IBM says a single solution is not ideal for managing a wireless network. There should be a correlation of best of breed solutions that will provide the penultimate managed environment. For example, networking vendors are now providing centralised management capabilities such as the wireless security switch, which allows an IT administrator to manage APs at the network level. “From a security [aspect], businesses can use the operating system of choice and radius technology to provide authorisation and authentication capabilities. Enterprise management solutions work well in these environments providing both the management of the devices at an alert and proactive maintenance levels,” explains Greg Kelaart-Courtney, senior infrastructure security consultant for IBM Middle East. Furthermore, although it is generally accepted that electromagnetic field (EMF) levels for wireless LAN devices are much lower than mobile phones, there is a lack of understanding of the safety of wireless LAN devices. Networking vendors believe wireless LANs operating within a specific predefined standard is totally safe. “This is an old concern since the inception of wireless networks. Since the massive deployment of 2G networks, a series of new regulations have been introduced limiting the RF output power from both fixed stations and user terminals to the absolute minimum levels sufficient to ensure acceptable performance,” explains Hamdi Breik, senior manager for mobility at Lucent Technologies MEA. “In addition, equipment enclosures are designed to ensure spurious RF radiations are kept below the standard levels so that there are no health impacts. Despite the large number of researches conducted so far, there is no evidence of any health impacts if RF output power of equipment and networks are within the adopted standard levels,” he adds. D-Link Middle East’s Sumedah Ganpate shares Breik’s sentiments. He says wi-fi indoor products do not harm human beings because the radiation level is not that high. “One of the objectives of using wireless products, which have power below 100 Mega watt (MW), is to keep the radiation level as low as possible,” Ganpate adds. Managing wireless networks may not be all that easy but the demand for such infrastructures is growing. Mitel’s Amili says there will be a huge growth in the VoIP (Voice-over-IP) market, which will accelerate the wireless and mobility applications. Enterprises cannot survive the global climate without VoIP and wireless technology is the way forward. For AUS, the benefits of a wireless network are enormous. The university now has the much needed flexibility and mobility for its growing number of students. “We have encountered some difficulties and some benefits, however, we are finally getting to a point where we are [enjoying] consistent service throughout the campus,” says Sheth. “The rewards are in the flexibility to provide additional access for our students on the campus. We are seeing a tremendous growth in the group studying mentality [because] students are able to see the same thing or research simultaneously,” he enthuses. ||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code