Smart companies will move to next-generation 802.11a and wireless switch gear that increases data speeds, hardens security and improves manageability.
Commentary: Wi-Fi questions and answers
By Forrester Research
Special to CNET News.com
March 28, 2003, 12:15PM PT
By Maribel L. Dolinov, Principal Analyst
Despite very soft return on investment, companies probably can't avoid installing wireless LANs. Smart companies will get ahead of the problem with next-generation 802.11a and wireless switch gear that increases data speeds, hardens security and improves manageability.
Wireless LANs are showing up everywhere--in the home, the office, and "hot spots" such as Starbucks cafes and airport departure lounges. Although the technology looks promising, the alphabet soup surrounding 802.11--and real security concerns--have left IT executives confused. CIOs want to know:
Should I implement a wireless LAN?
Yes--even considering relatively lightweight returns. Why? Because Wi-Fi is like the Web server was in 1995: cheap and easy to install. Already, companies without official Wi-Fi investments are overrun with Wi-Fi gear purchased and configured by employees, opening up real security and network management challenges. Instead of fighting a losing battle, companies should start IT-led wireless LAN (WLAN) installations and encourage users to turn in small office/home office devices for corporate-grade gear. And companies that do won't be alone: Almost a quarter of companies are now installing WLANs.
Which wireless LAN standard--802.11a, b or g--should I use?
Forrester believes that companies should implement 802.11a because it bolsters capacity to 54 megabits per second, offers eight channels instead of three, and reduces interference by using the 5.8GHz instead of the 2.4 GHz spectrum. Although 802.11g offers high speed with backward compatibility, using the 2.4GHz band does nothing to fix interference, and the gear isn't yet standardized. Companies with large, in-place 802.11b networks should issue dual-radio cards to their users and run a mixed 802.11a/b environment until they can replace access points.
Can companies implement a wireless LAN securely?
Absolutely. First, companies need to hunt down rogue, insecure access points using monitoring solutions from companies like AirDefense or Fluke Networks. Second, administrators should turn off the beacons that create security holes. Stopping the broadcast of the service set
Waiting to deliver faster
wireless gear puts a dent
in market share gains.
identifier (SSID) would help this point. Third, companies can sidestep security issues with the Wired Equivalent Privacy (WEP) protocol in the short run by implementing access points outside the firewall with VPNs to provide strong authentication and encryption. Finally, businesses with hypersensitive security needs, such as financial companies and government agencies, should work with wireless LAN security specialists like Bluesocket and Cranite Systems until next-generation security like 802.11i with Advanced Encryption Standard gets baked into products in late 2004.
How do I improve wireless LAN manageability?
With first-generation gear, every access point has to be implemented, monitored and managed separately. It's easy with a few access points, but management costs grow linearly when dozens or hundreds of access points need to be updated. New WLAN switches from companies like Aruba Wireless Networks and Trapeze Networks will improve manageability by automating calculations for access point placement and centralizing intelligence into a single--or handful--of switches. And companies like Vivato can help radically reduce the number of access points required. Moreover, many of these next-generation solutions can enhance security by identifying and disabling rogue access points.
Should I subscribe to a monthly hot-spot plan?
For most people, the answer is not yet--but soon. Today's wireless Internet service providers, such as T-Mobile and Wayport, offer spotty coverage at high prices. Within two years, prices will fall, roaming agreements will improve coverage, and operators will bundle Wi-Fi with their existing VPN and cellular offerings. Instead of paying $30 a month per user for hot-spot access from T-Mobile, a company will be able to add Wi-Fi access to its AT&T remote access service for $5 per month.