Government by the Wireless, For the Wireless
March 29, 2005
Policy enforcement may be the number one deterrent for many agencies that have yet to embrace Wi-Fi, but one government-specific integrator says it has solved that problem by bringing together the vendors those agencies need to be mobile and secure.
Government has long been a quagmire for Wi-Fi. Many government departments and agencies do use Wi-Fi, but many more don't, either because it's against policy, because there is no policy and they've heard security horror stories about Wi-Fi, because the policy is poorly understood, or because it's too difficult to meet policy requirements.
Where policies are absent, poorly understood or unenforced, individual users and work groups too often go ahead and implement Wi-Fi themselves. It's a security disaster in the making, says Brad Mack, vice president of iGov, a systems and network integrator serving government and military customers since 1996.
iGov hopes to resolve the problems with wireless policies with the launch of its iSolutions for Wireless, an offering that the company says will allow it to quickly and easily implement Wi-Fi systems that are compliant with even the strictest government requirements.
"The big differentiator is that this truly is a complete solution -- nothing has been overlooked," says Mack. "Many companies have a partial solution, and others aren't compliant with all government policies, regulations and guidelines. Ours is complete and compliant."
The iSolutions initiative was a response to rising demand in government for Wi-Fi networks, but it is also now helping drive that demand, he says.
"I've been doing this for 15 years," Mack says, "and I don't remember the interest being this high before. Now that they know the [security] products are available, they're coming out of the woodwork. I know of 35 different unrelated wireless opportunities in our pipeline. We should close half of them. The total dollar amount looks to be in the $15 million range."
Part of the pent-up demand is due to a growing realization in government that restrictions on the use of Wi-Fi are robbing it of vital productivity benefits. Some departments, for example, turn off the radios in their employees' Centrino laptops because they don't know how to deal with the security issues.
"So now you've got mobile workers out in the field who can't connect," Mack notes. "On any given day, the army, for example, has 20,000 to 30,000 mobile workers. They want to use this technology. It's just a question of figuring out how to comply with policies."
The missed benefits go well beyond lost productivity for mobile workers, though. The army, even though it has had a draft Wi-Fi policy in place since 2002 and finalized it last summer, is one department that has been tangled in red tape and moving painfully slowly on Wi-Fi applications. Some of them are mission-critical.One army initiative with iGov would see combat brigades in the field use Wi-Fi instead of Cat-5 Ethernet cabling for networks that must be set up and taken down as the army moves. The wired networks currently can take as long as 72 hours to set up, and the cabling must often be abandoned. "With wireless," Mack notes, "they could start sending as soon as they turn on their laptops."
To help break the Wi-Fi policy bottleneck, iGov is partnering with ten "best-of-breed" suppliers of network and security technology. They include Aruba Networks for core network infrastructure, Cranite Systems for firewalls that comply with the strict FIPS (Federal Information Processing Standards) 140-2 encryption standard, AirMagnet for intrusion detection technology, Senforce for endpoint security, and so on.
The McLean, Va.-based company brought all the partners together in one place and got them to agree to an unprecedented sharing of resources. "That's the key right there," Mack says. "To get all these companies to agree to sell together and market together. We haven't seen that in past." Many of the partners were already working with iGov, in some cases for years, but the new agreements ensure the integrator has access to additional marketing and technology resources.
With the iSolutions imitative, iGov is also building on its already considerable experience with Wi-Fi. It has dozens of implementations under its belt, Mack says. Among the biggest is one at West Point, begun in 2001, that now supports 4,500 users. That experience is a vital ingredient in the iSolutions offering, he says.
"It's really fairly easy to install a Wi-Fi network, but as these networks scale up, as they must, to meet strict security guidelines, and as you want to extend their reach over a metropolitan area while still defending all the endpoints, that's where the complexities come in," Mack says. "That's where you had better know what you're doing."
Protection of mobile endpoints is a major priority, in fact. Mack likes to tell the story of an army employee who opened his laptop in Dallas-Fort Worth Airport and logged on to a T-Mobile Wi-Fi hotspot, not realizing that a hacker was in the departure lounge monitoring traffic to and from the local access point. It could have been worse. Luckily, the man was off-duty and not sending sensitive information—but he did go to an e-commerce site and buy something using a credit card.
"That was his first mistake," Mack says. "He puts in his credentials and they go out over the network in the clear. Basically, you've got an attacker rooting around inside your personal data. Without at least VPN (Virtual Private Network) protection, that guy is dead in the water."
With the range of solutions and technologies at its disposal from the iSolutions partners, iGov can design and implement networks to meet any "protection profile." Every department or agency has a different set of requirements, dictated by the type of information they need to transmit over the network, and the scope of the network, Mack explains. If the protection profile calls for intrusion detection, for example, iGov can build a network around that requirement.
"It'll be a complete solution, it will be in conformance with the protection profile—and it will also be something we're very experienced at doing," he says.
At the end of the day, iSolutions for Wireless is as much about branding as anything else. Not much is new here. Still, if it helps convince government departments that Wi-Fi isn't necessarily a huge security risk and that they can safely reap some of its benefits, it will have served a useful purpose.