Laptops on the loose

Wireless networks were supposed to be the next big thing for at least five years before they actually arrived. Early versions worked, but with only 1Mbps transfer rates you couldn't really use them in production environments. About the same time as wireless emerged, Ethernet ratcheted up to 100Mbps and moved from hubs to switches. That made wireless look even lamer.

But we all know about Moore's law, and it applied itself to wireless just like the rest of technology. Soon enough the infant wireless became a very usable 11Mbps network, ratified as standard 802.11b, which was only slow in comparison to the newer 100BaseT wired networks. Indeed, you had to remind yourself that 10Mbps was the speed you had been working at with wired networks for many years, and this new wireless thing was already ahead by a smidgen.

Not content with 11Mbps the wireless techies soon figured out how to slice and dice the airwaves to give devices full duplex access, much like a wired switch, and the speed on offer became 22Mbps. The gotcha was that the vendors had forgotten to agree on just how each of them would achieve this speed, so you often found incompatibilities between different gadgets. When that happened everything dropped back to 11Mbps.

Once the vendors sat down and agreed on standards again, they soon came up with 802.11g which gets along at 54Mbps. That was quick enough for most people not to notice the difference between wired and wireless for every-day business use. Now there's a new trick being promoted that lets devices steal two 54Mbps channels offering 108Mbps throughput. That's fast enough for most anybody with a portable device.

In the beginning wireless security was a definite oxymoron. But once the stuff moved out of the labs and universities and into corporate arenas, the security got fixed and encryption systems on wireless links soared to virtually uncrackable 128-bit levels. By the middle of this year standard 802.11i should be ratified which directly addresses security, and is expected to satisfy the most demanding corporate and government users.

Virtually every new laptop computer is shipping with wireless technology built-in, and most PDAs either include it or offer it as a low-cost add-on. Corporate IT managers have just had to grin and bear it, and find ways to make it happen with as little pain as possible. Nearly every business that can make use of wireless is already doing it, or is planning to do it real soon now.

"Wireless has come a long way in a relatively short period of time," says Paul Gilbert, network consultant at 3Com Australia. "We are now at the stage where a correctly deployed and secure wireless network can meet today's business needs.

"Wireless in the enterprise is definitely headed out of its infancy, with the key supporter of this claim being the dramatic increase in sales over the past 12 months," Gilbert says.

"The main contributing factors to this are the ease of deployment, increased bandwidth with .11g standard and, of course, security. Enterprise managers can finally be confident that their wireless networks are secure."

The spanner in the wireless works is not being thrown by the IT department, but is coming at you directly from cafes and airports across the country. Wireless hotspots are growing even faster than internal access points, as every business that caters to road warriors with their PDAs and laptops, looks for an angle that will see them chosen for the next coffee, cake or airline ticket. By their very nature, wireless hotspots can't be very secure. If they were, you wouldn't be able to connect to them before your coffee went cold.

This ad hoc wireless mode of operation can be very convenient, and it can also save a fortune at business conferences. Rather than forking out for masses of wire that will be ripped out immediately after the event, a wireless access point with very low security can be quickly deployed. Most attendees will already have wireless-enabled devices and you can keep a small stash of wireless cards to loan to those with older technology.

But ad hoc wireless mode is shunned by most corporate IT managers for good reasons. Apart from allowing your notebook to connect to any access point it can find, ad hoc mode also allows your notebook to connect to any other device with a wireless signal, even if there aren't any access points to be found nearby. Even if you survive the low security at the cafe without being compromised, the danger lies in not switching back to secure mode when you've finished your latte.

"It's certainly a danger if someone is using ad hoc networking at home or in the cafe and doesn't switch it off when they go into the corporate or business environment," says Ross Chiswell, CEO of specialist wireless distributor Integrity Data Systems. "Ad hoc mode in wireless is set up to make things easy, but at the same time it is introducing a whole new level of risk. The issue is the management of the environment to protect users from themselves."

And that means a level of knowledge about security that many users might not have, or think they should have. "Without the correctly configured personal firewall, then you are wide open," says Chiswell. "Ad hoc wireless networking sets your machine up to talk to anyone who lines themselves up with you. That means the system's security comes down to that machine's profile."

Chiswell says the introduction of wireless-aware technology, such as Intel's Centrino chips and Microsoft Windows XP, has changed the rules for wireless networks. "There's a big difference from before, when you had to actively scan the airwaves to find a wireless network," he says.

"Today, Windows XP is set up to go and find wireless environments and bring them to your attention. It'll find any network that's within wireless reach. If you don't know what you're doing, XP can sit there and start broadcasting. It doesn't involve a conscious decision on your part."

For that reason, enterprise network managers are installing devices that actively scan for any laptop that has entered their zone of influence with ad hoc mode still enabled. The risk of a security breach is increased if that laptop is connected to a wired network, while its wireless side is still being promiscuous and having a conversation with the PDA in the next office.

"The most important wireless products today are not the quick and easy access devices, but the systems that can effectively manage the wireless resource," Chiswell says.

Products such as Integrity Data Systems' AirMagnet Distributed place a sensor on your network to alerts you to any security profile breaches, then triangulate its location so you can find the unit that is breaching the security policy. This management tool also identifies a range of conditions including intrusion detection, denial of services attacks, network congestion and performance.

Like many other new technologies, what started out as a simple easy way to get connected, has evolved into a high-performance, securely managed, enterprise resource. Wireless is definitely here to stay, but ad hoc wireless may soon be forced to give way to a more secure offering that lets enterprise network managers sleep without nightmares until the back-room boffins release their next amazing new technology.

Vendors

3Com - http://www.3com.com.au

Belkin - http://www.belkin.com.au

Cisco - http://www.cisco.com.au

D-Link - http://www.dlink.com.au

Linksys - http://www.linksys.com

Netcomm - http://www.netcomm.com.au

Netgear - http://www.netgear.com.au

The wireless network industry Wi-Fi Alliance -- http://www.weca.net

Wireless LAN Association -- http://www.wlana.org

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about 3Com AustraliaAirMagnetBelkin AustraliaDlinkD-LinkIntegrity Data SystemsIntelLinksysMicrosoftNetCommNetgear AustraliaYATES

Show Comments
[]