Vernier Networks' Strange Convergence
April 22, 2003
An ISP's enterprise wireless customers will demand security. Vernier Networks hopes to provide the security for enterprises, and airports, and all the spaces in between.
Most service providers probably don't share Doug Klein's vision of the wired world circa 2010. The chief technology officer of Vernier Networks expects that all computer users will be wireless, data networks will have borrowed a page from cell phone companies to run customer premise access nodes, and Vernier's technology will be the foundation of this new world order as a dominant security architecture.
So far, two-year-old Vernier has been able to sell this vision to financial backers, who invested about $35 million into the venture -- most of it during the telecom drought of last year. While scathed by telecom, investors were excited about Vernier's vision of the wired world becoming unwired.
In a nutshell, Vernier expects that ten years from now, most companies ride a wireless wide-area network across office buildings and throughout the nation, allowing the ranks of consumer Internet users tapping into wireless POPs at home to grow exponentially.
To meet the demand for wireless access, enterprise IT departments and service providers will have to guarantee security and proactively manage access profiles of network users. Vernier makes equipment designed to do just that, and investor optimism is rooted in the belief that today's average $100,000 Vernier installation will, in the future, become a more ambitious $1,000,000 installation.
"In a strange way, the convergence that we have been talking about for the last 10 years is happening, but it is happening because of this funny thing called 802.11," said Klein.
Wi-Fi entered most enterprises when individual employees felt the urge to roam and did so, authorized or not, by installing 802.11 antennas in their offices. However, this ad hoc deployment stage is giving way to what Klien called an "acceptance phase." Now that most Wi-Fi deployments have become too big to ignore, IT departments have to get involved to manage them and mitigate possible risks.
"IT organizations have to get security under control," said Klein.
Wireless security is Vernier's core competence. Klein and his partners started the company as an experiment in policy management in the wireless space. They argue that most wireline security concepts are based on various notions of who has access to the cable going into the jack in the wall. The game is played differently in the wireless world, where users get access to services and pieces of the network based on their profile.
Vernier's line of products, which now includes an edge device, access manager, and a centralized policy management unit, is ideal for the management of access policies distributed across multiple POPs. An added benefit for wireless operators is Vernier's products' power-over-Ethernet capabilities, uniquely important for Wi-Fi industry since wireless POPs are typically most suited for locations where there are no power outlets, like cellular towers. While the technology is available from other vendors like Cisco, Vernier execs argue their PoE solution is standards-based.
Analysts are not entirely buying Vernier's story, arguing that none of its competitors are trying to sell similar products to the carrier and ISP market -- and that Vernier's security pitch is becoming less significant as wireless security standards like WPA become more robust.
"A Vernier box is an overkill for most ISPs, and WPA will take a lot of security features away from Vernier by making them commonplace," said Mike Disabato, an analyst with The Burton Group.
Some who have just deployed Vernier say the box is worth a look just based on its scalability and robustness. For instance, Vernier is the solution behind a new free wireless access zone in downtown Long Beach, New York, which is expecting crowds of up to 200,000.
"The wireless network is covering a four block area and airport," said Bruce Mayers, director of IT for the City of Long Beach. "Vernier's great advantage is that the system is very powerful."
Other users of the platform suggest that even with better security standards just around the corner, a lot of Vernier functionality won't be replicated by other vendors any time soon just because the specifications have been hammered out.
"There are two types of wireless security: I need to encrypt the data and I need to protect the network," said Andrew Kemmetmueller, product manager for wireless applications at ARINC, a global aviation communications contractor. "I need to make sure I can prevent Max from ISP-Planet coming to the airport and sniffing out the network of a major airline, and standards-based security can't guarantee that."
Vernier technology, however, offers exactly that level of protection. ARINC is installing the system in three major airports over summer, part of airlines' plan to use Wi-Fi for new wireless applications. Vernier-based Wi-Fi networks seem to promise secure airline traffic going over the same network as the public traffic of travelers who are using the network as a hotspot.
ARINC's story puts Vernier's ISP pitch in perspective -- after all, ISPs running wireless POPs or extending their access portfolio with wireless access options would be expected to provide some degree of security and QoS, especially if business customers are a target audience. However, analysts like Disabato believe ISPs can get into Wi-Fi by buying more basic equipment than Vernier's, enhanced with less expensive WPA-based security features.
"Mid-span devices seem like a much less expensive solution for ISPs," said Disabato.Reprinted from ISP-Planet.
Are you concerned about security for your mobile users? Join us at the 802.11 Planet Conference & Expo, June 25 - 27, 2003 at the World Trade Center Boston in Boston, MA. Vernier Networks will be on hand at the show as an exhibitor, plus as speaker on our panel WLAN Management: Taming the Unwired Beast.