Cracks in the Armor

By Ed Sutherland

March 04, 2004

UPDATE: The need for eventual re-testing for interoperability of Wi-Fi products has started some analysts and vendors questioning the need for a Wi-Fi Certified seal of approval.

Thousands of Wi-Fi products already approved by the vendor-backed Wi-Fi Alliance face re-testing as the wireless industry makes another push at convincing enterprises WLANs can indeed be secure.

In a move meant to ease enterprise concerns over security, the Wi-Fi Alliance has begun requiring products certify their use of Wireless Protected Access (WPA) in order to gain the 'Wi-Fi Certified' logo. Previously, certification was limited to testing of interoperability between published IEEE 802.11 standards. The rule change applies both to new applicants and products already on the shelf.

"The Wi-Fi Alliance has taken the proactive move of requiring WPA for all Wi-Fi certifications awarded since September 2003," according to the group's Feb. 3 statement.

"Yes, it will require retesting," says Alliance spokesperson Brian Grimm. In January, the group said more than 1,000 wireless products from over 120 vendors had received Wi-Fi certification since 2000. Yet only a fraction of those numbers are WPA certified: 175 gadgets from 40 manufacturers.

The Wi-Fi Alliance calls its WPA a 'snapshot' of 802.11i, a security standard the IEEE expects to approve in the second half of 2004. Chances are they'll call the final 11i by the moniker WPA2.

Although many existing Wi-Fi products support WPA, "our experience has shown that interoperability between vendors is compromised unless it is certified," says Grimm.

"I'm sure that manufacturers will balk at having to recertify products," says In-Stat/MDR analyst Allen Nogee. "Many feel that it just isn't worth it."

The "process must be quick, because it's a fast-moving market and companies won't want to hold up releasing products if it can't happen quickly," says Jupiter Research analyst Julie Ask.

While many big names -- including Cisco , Intel and Microsoft -- were on the list of WPA-approved companies, several familiar vendors were absent.

For example, Irvine, Calif.-based network hardware vendor SMC Networks won't stop shipping its Wi-Fi products while it awaits new Wi-Fi certification, according to Betty Chan, Product Marketing Manager.

Although SMC plans to obtain certification for Wi-Fi products bound for enterprise customers, the vendor questions the need for all wireless networking devices to be display the Wi-Fi certification logo.

The reason SMC is not listed as having WPA certification "is because not all of our products are Wi-Fi certified by the Wi-Fi Alliance," says SMC spokesperson Kimberly Maxwell. Even though they're not certified, the products support WPA and are IEEE 802.11 compliant.

"We don't send all of our products for Wi-Fi certification," says Betty Chan, product marketing manager for SMC. She says that while certification "is certainly nice, I don't think it is the only way" to ensure compatibility with other wireless products.

SMC products are all standards-based and undergo in-house testing for interoperability, says Chan.

Another vendor missing from the list of companies with WPA-certified include hardware vendor Belkin .

"We will be re-certifying our products in the near future," says Belkin spokesperson Melody Chalaban.

D-Link has certified its latest 108Mbps 802.11g products and will apply for WPA certification as other devices are updated.

So the issues with interoperability testing boil down to two issues. The first is clout. Both Nogee and Ask question whether the Wi-Fi Alliance can force recertification, and even more importantly, does it really help vendors sell products?

"I would question how much clout 'Wi-Fi Certification' really holds," says Nogee.

The second issue is the necessity of testing: Ask points out the dichotomy of the IEET 802.11 standards: although "these products claim to be standards compliant they still must be tested for interoperability," says Ask. "Can enterprises or consumers differentiate between vendors just stating that their products are WPA/802.11i compliant and the Alliance certifying that?

"Will they care?"

[An early published version of this article listed D-Link as not resubmitting their products, but D-Link tells Wi-Fi Planet it is resubmitting products for WPA Certification.]



Comment and Contribute
(Maximum characters: 1200). You have
characters left.