WLAN: The Next Disruptive Technology
September 17, 2002
IDC estimates that revenues from WLAN in Asia (excluding Japan) will reach US$350 million by 2005.
This is not pure hype as many vendors including Gemtek Systems Inc., a company that designs and builds wireless infrastructure for Public Access providers, have observed that "organizations all over the world are increasingly looking at implementing WLAN," says Bonnie Cheong, its vice president of communications.
"In Asia, Japan and Korea have the highest WLAN adoption rate. While Japan is often at the forefront of new technologies, Korea sees WLAN as the easiest way to bring the last mile of broadband into the home," she adds.
The benefits associated with WLAN, designed to co-exist with wired networks rather than to replace them, are abundant. One of which is it eliminates the labor costs associated with cabling and maintenance. The other is "ease of use" and it "allows users to be connected anytime and anyway ... enabling a true mobile workforce," Cheong says.
While it is a fact that WLAN adoption is on the rise, there are inhibiting factors that limit its adoption. These include "shrinking IT budgets, unfamiliarity of WLAN technology, lack of 'killer applications' and security threats, just to name a few," Cheong states.
Security threats are one of the top barriers for some corporations. As the current generation of WLANs is predominantly based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11b, the authentication mechanism is based on the knowledge of a shared pre-installed key. "Unfortunately, pre-shared authentication keys are not a robust security mechanism and are susceptible to security attacks," says Mohan Atreya, technical consultant, Systems Engineering, Developer Solutions Group, RSA Security.
He adds: "Despite that an encryption mechanism called WEP (Wired Equivalent Privacy) has been defined for use in IEEE 802.11b-enabled WLANs, the secret key used for encrypting the session can be easily retrieved by sniffing a number of encrypted packets sent over air."
Generally, WLAN, whether or not it is based on 802.11 standards, is an easier target for a hacker when compared to wired ones. Data on most handheld devices are not encrypted and information can be stolen during the transmission process.
"While buildings provide a physical first line of defense for wired networks, the signals transported by WLAN pass right through the walls and are transmitted into the public places such as the car parks or streets, making it vulnerable to attacks," Atreya comments.
To make matters worse, some organizations view WLAN as secondary to the wired LAN and therefore have not put in place the stronger security needed, he adds.
What Can Be Done
One method of securing WLAN access is to run a Virtue Private Network (VPN) application that creates an encrypted tunnel over the WLAN, Atreya suggests. "This will protect the network traffic from eavesdroppers. Unfortunately, many small, handheld computers and devices attached to WLANs are not able to function as VPN clients due usually to the non-availability of ready VPN clients on many non-standard operating systems."
Another setback of VPN is that it may lower the performance of the wireless networks. In addition, VPN requires users to manually re-authenticate and set up a new VPN tunnel every time they roam between access points. This can prove cumbersome and users may avoid and ignore the VPN policies, Atreya explains.
Under such circumstances, users may look to Encrypted File Protection, a solution that entails simple encryption process with a password, as an alternative. This is a common method used to encrypt sensitive information on corporate laptops and can be extended to handheld devices and PDAs accessing the WLANs. Another way of protecting information from being 'stolen' is not to provide sensitive information in the offline mode, Atreya advices.
But whenever possible, "companies need to put security policies in place that require road warriors to use VPN clients and two-factor authentication when connecting to enterprise network form public hotspots. Without strong authentication, there is no way to distinguish between legitimate users and intruders who have stolen their laptops or handhelds," says Atreya.
Currently, RSA Security, together with Cisco and Microsoft, are working together on the new Protected Extensible Authentication Protocol (PEAP) to tackle the roaming and authentication issues on WLAN. This protocol will enable roaming users to authenticate themselves via different mechanisms, including RSA SecurID tokens, smart cards, x.509 digital certificates and even passwords.
More insightful issues surrounding WLAN in Asia will be discussed during the 802.11 Planet Conference & Expo that will be held on October 2 and 3 at The Pan Pacific Hotel, Singapore. Go to www.jupiterevents.com/80211/singapore02/index.html for more details.