802.11 wireless LANs

Wireless networks based on the 802.11 standard, also known as Wi-Fi, were all the rage last year and promise to be even more popular in 2002, as the growing use of Pocket PCs and other handheld devices in the enterprise make the cost and productivity advantages of wireless networks more compelling. Furthermore, new standards on the horizon will resolve security concerns and interoperability issues that currently hinder deployment.

Determining which flavour of 802.11 to implement isn’t easy. The 802.11b standard that provides 11Mbps throughput has been the wireless standard to date. But in the first few months of 2002, a slew of products supporting the 802.11a standard will come to market. An 802.11a network operates at a different frequency than 802.11b and can provide throughput as fast as 54Mbps. The latest IEEE wireless LAN standard, 802.11g, operates in the same frequency as 802.11b, so 802.11b and 802.11g products should be interoperable. Additionally, 802.11g provides throughput as fast as 22Mbps.

The security issues with WEP (Wired Equivalent Privacy), the security mechanism currently used in the 802.11 standard, have been well-publicized. The 802.11 standard that defines WEP specifies a 40-bit key, which is easy to crack with today’s computing power. As a result, a number of wireless vendors, such as Orinoco, have developed proprietary solutions using 128-bit encryption, but these solutions are not interoperable. The IEEE is developing a non-proprietary 128-bit encryption solution, called ESN (Enhanced Security Network), which will support the new AES (Advanced Encryption Standard) encryption algorithm.

One of the bigger security issues with 802.11 networks is the need for a static encryption key. With current deployments, it is not feasible to manually change the encryption key on all access points and wireless cards every hour. To get around this problem, the IEEE has developed the 802.1x standard, an authentication framework for all 802-based LANs that will provide centralized user authentication and automated key distribution. Vendors such as Cisco Systems Inc., Lucent Technologies Inc., and Agere Systems Inc. already support the draft 802.1x standard or have developed proprietary solutions with similar functionality.

Both bandwidth and security shortcomings have led early adopters of wireless networks to choose such proprietary solutions. Emerging standards will overcome these shortcomings without locking you into using components from one vendor.

Technology Analyst Mandy Andress (mandy_andress@infoworld.com) covers security and networking for the InfoWorld Test Center.