Wireless Networking Looks Attractive, but....

SAN MATEO (05/23/2000) - I was wondering if you are planning to review and test the features, reliability, and the security of wireless LANs based on the 802.11b standard. We're considering purchasing such a network for a new office.

The features and advantages would be a great asset vs. hard-wired network drops, but I'm concerned that someone could stand outside our building and get on our network.

Brian Stowe, SiteLite

Lori: With the rise of wireless technology and employees demanding greater mobility, you can't ignore looking into wireless networking. Security issues are always a big concern as well. It seems that every day we hear a report of hackers breaking into systems and of mischievous virus spreaders. It's enough to make all of us nervous about our data.

The Wired Equivalent Privacy option to the IEEE 802.11 standard is the first step in addressing user security issues. The goal of 802.11 is to provide wireless connectivity for fixed and portable units within a local area and to let regulatory bodies standardize access on one or more frequency bands. For customers, the benefit will be a standard that will allow interoperability among products from multiple vendors.

Manufacturers are just now supporting one of the standard's most important elements: 128-bit key lengths. Longer key lengths will eventually provide security that will stay ahead of the computing power required to break codes.

Authentication has improved through the use of x.509 certificates, and authentication systems are more tightly integrated. We've also seen better management capabilities of wireless access points.

Several companies are addressing wireless networking and security: Try RSA Security Inc., at www.rsa.com, or VeriSign Inc., with its Wireless Server ID product, at www.verisign.com. Another security provider is Certicom Corp., which uses ECC (elliptic curve cryptography) solutions for wireless and mobile computing. That Web site, at www.certicom.com, includes much useful data. For articles on this subject, I refer you to the Test Center Analyses, which focus on wireless technology (see "Mobile IP will fuel mobile computing boom" and "Getting around to wireless networking," www.infoworld.com/printlinks).

Brooks: The 802.11 standard is one of those frustrating bits of information technology that is close to being right but not quite there yet, at least as it is deployed today. But if you can get by with the rough edges, 802.11 can be a tremendous boon, allowing users to easily carry live network connections to meetings, the lunchroom, and, yes, the picnic tables out in the sun.

Most 802.11 products implement a simple zone method of security: If you know the zone name, you're on the network. That's kind of ironic when coupled with the spread spectrum implementations of 802.11, which promise a high level of security by making it difficult to intercept the radio signals that make up the network. What that gives you is a radio signal which is very secure and a network that isn't.

Still, it's not all that bad. Just getting on the 802.11 network doesn't necessarily give someone access to your files, and, especially with spread-spectrum versions of 802.11, it's very hard for an outsider to watch the data going across the wireless network. And I'm not sure it's worth worrying about unless you're in a very high-security environment, such as a financial institution.

As long as you have good security on your internal network (people aren't sharing folders off of Windows 9x machines, and so on), it's probably not a great concern. If you are in one of the massively secure industries, though, 802.11 probably isn't for you yet.

InfoWorld has not done a comparison of the various 802.11 solutions on the market, probably in part because they tend to be very similar. About the only differentiating factor is the 11Mbps speed that some of the solutions are capable of running at; the strict 802.11 specification is for 1Mbps and 2Mbps.

Aironet Inc. (www.aironet.com) and Lucent Technologies Inc. (www.lucent.com) both offer the higher speed. Of course, like anything in life there's a trade-off: In this case it's between the higher speed and the link's effective range.

Brooks Talley is senior business and technology architect for InfoWorld.com.

Lori Mitchell is a senior analyst in the Test Center. Send your questions for them to testcenter_rx@infoworld.com.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AironetCerticomIEEELucentLucent TechnologiesRSA, The Security Division of EMCVeriSign Australia

Show Comments