With wireless networks continuing to sprawl, the concept of end-to-end encryption to business applications via a virtual private network seems like benchmark for security but most end users are avoiding the technology.
When Shane Wharton, IT infrastructure manager at the Catholic Education Office, deployed wireless access points in 80 schools across the Sydney metropolitan area, he opted for more a more piecemeal approach to security over a blanket VPN.
"It's best practice if you have a VPN but it's more appropriate where there are thousands of potential users," Wharton told Computerworld.
"A wireless VPN is suitable everywhere, but there is effort involved to upgrade the computers and re-train staff. We want our teachers to teach, not to fiddle with VPNs."
The CEO operates a large, inter-campus wireless network and since October 2003 has purchased 3000 PCs, 24 percent of which are notebooks. All of them are without dedicated VPN clients.
"We are hiding the session IDs on the access points and using LEAP (Linux Enterprise Application Porting) to authenticate the clients," he said. "We are also inside a private network and the key changes every now and then."
Staff can get into the corporate network through Novell iChain and all traffic is encrypted and secure with SSL allowing teachers to securely access e-mail and discussion boards.
The department also has a reverse proxy outside the firewall with the Web server behind the firewall.
Wharton said if there is a definite cost benefit with implementing a wireless VPN he would go for it but there is "nothing pushing us to do it".
"One school wanted to go with a VPN but we have such a diverse group of users," he said, adding analyst firms like Gartner say using VPNs is the most secure method. "We were thinking of using a Cisco VPN concentrator and we did buy one but didn't end up implementing it."
Another technology the Catholic Education Office investigated, but didn't acquire, was tokens.
"The cost of 400 tokens would have tripled the cost of the network," he said. Since the network was deployed, each school has put in access points to increase their wireless coverage.
IDC Australia's wireless and mobility research manager Warren Chaisatien said even though wireless networks have a 30 percent penetration level in the business market, it's estimated that fewer than half use use VPNs.
"Most applications tend to be horizontal - like e-mail and calendaring - but with applications like sales force automation getting deeper into mobility, VPNs will come into play more significantly," Chaisatien said, adding there are other options to provide security.