Increase Revenues By Securing WLANs

When WLAN solutions were introduced several years ago, many VARs were uncomfortable proposing them to their customers because of security concerns. In many cases, the WEP (wired equivalent privacy) security mechanism used for 802.11 did not meet the needs of enterprise wireless IT managers. VARs that did try to sell WLANs were often fighting an uphill battle trying to overcome their customers’ security-related objections. As a result, many VARs were hesitant to include WLAN solutions in their line cards.

All that has changed. Today’s WLAN security is significantly more robust than earlier systems. WLANs are fast and secure, and they are as robust as wired LANs when implemented correctly. If you’ve been waiting to add WLAN solutions to your product line, now is the time.

Improved WLAN Security Drives Increased Demand
The security issues that plagued WLANs in the past have been addressed by IEEE (Institute of Electrical and Electronics Engineers) and the Wi-Fi Alliance in the form of WPA (Wi-Fi Protected Access) and WPA2 (Wi-Fi Protected Access 2) standards. Introduced in 2002, WPA improved over the previous WEP protocol by adding two new security measures.

The first security measure added was TKIP (temporal key integrity protocol). Data sent over wireless networks had always been encrypted, but sharing the keys that encrypted the information had been a problem. TKIP scrambles the keys using what is called a hashing algorithm and ensures the keys haven’t been tampered with.

The other security improvement WPA added was a way to authenticate users trying to log on to a network. The EAP (extensible authentication protocol) replaced access restrictions based on the older MAC (medium access control) address with one built on a more secure public key encryption system.

The newest standard, WPA2, advances this security standard another level. WPA2 includes AES (advanced encryption standard), which supports 128-, 192-, and 256-bit keys; EAP; and RADIUS (remote authentication dial-in user service). Products that are able to pass the IEEE’s 802.11i security standard with WPA2 have been on the market now for almost 18 months and have proven themselves reliable and robust.

Because of the improvements in security, VARs are seeing an increased interest in WLANs from their customers. Dedicated RADIUS boxes are being developed that simplify the process of deploying 802.1x for larger networks. “We are even seeing access points and wireless routers incorporating built-in RADIUS servers,” observes Shawn Rogers, professional wireless product manager for ZyXEL Communications, Inc. “These products allow small businesses to implement full WPA2-compliant 802.1x authentication without the need to buy dedicated RADIUS solutions. VARs can now approach small businesses [fewer than 50 employees] with secure WLANs that are inexpensive and easy to deploy.”

One hot market for WLANs is the medical field. With the adoption of enterprise-level WPA2 security, more medical organizations (i.e. hospitals, doctors’ offices, and health clinics) are looking to deploy WLANs. “The 802.1x authentication and AES encryption are allowing medical professions to deploy WLANs while also maintaining government-required patient data security,” says Rogers. Vendors are developing software solutions that run on inexpensive PDAs connected to a WLAN in an effort to simplify the lives of doctors and other medical personnel.

WLAN Education, Management Key To Customers
Most customers are looking for WLAN features that allow them to have better visibility into the use of their wireless network. “Users want audit features included in their WLAN so they can track access, usage, location, and bandwidth on a per-user basis,” details Rocky Rosas, technical marketing engineer at D-Link. There is also growing interest in QoS (quality of service) and bandwidth management features for the wireless network.

While this interest in simplified management and security of WLANs is not new in the enterprise space, it is becoming more apparent in the SMB market. SMBs want to manage their WLAN networks as single systems or single entities versus multiple disparate wireless microcells. A centralized view or point of management to administer the WLAN infrastructure makes it easier on resource-strapped SMBs. Securing these single-system WLANs is also more effective because end users can deploy centralized and consistent policy and authorization management across their companies.

Efforts to help simplify WLAN management vary from dedicated WLAN switches that use “dumb” access points to those using “smart” access points. Dumb access points act only as radios and have all the normal access point functions performed by a central box. On the other hand, smart access points talk to each other to pass along configuration changes and automatically manage user load and radio frequency use. These features and others will be particularly important to emerging applications such as voice over WLANs.

To sell WLAN implementations, VARs should focus on educating potential customers. To make an effective pitch, VARs need to understand exactly what a prospective customer knows and doesn’t know. Going through a brief Q&A session is a good way to find out what the prospect knows. Prime candidates for education include end users who claim they don’t have a wireless policy or state they are using basic solutions such as WEP with 128-bit encryption.

Educating customers could be as simple as providing them with industry research. Another powerful approach is actually showing them how easy it is for someone to access their internal communications if they don’t have their WLAN properly secured. “By equipping a wirelessly enabled laptop with snooper software such as AirSnort, VARs can demonstrate how unauthorized users detect access points and attempt to access a wireless network,” suggests Rogers.

Profit From Confidence In WLAN Security
WLAN solutions are not just opportunities for wireless networking VARs. “VARs that specialize in cabling installations, security and surveillance systems, point of sale solutions, and audio/video can all benefit by adding WLAN security products to their portfolios,” states D-Link’s Rosas.

Most of what VARs need to know about WLANs is the same as for wired LANs. The only differences are security – because you no longer need a physical link to the network to access it – and radio frequency behavior. By following the 802.1x standards and WPA and WPA2 protocols set forth by IEEE and the Wi-Fi Alliance, VARs can address the security aspect. VARs need to be comfortable with the basics of conducting a site survey, common forms of interference, and how to use the available channels properly. “VARs that want to learn more should look to their vendors and distributors for additional information,” recommends ZyXEL’s Rogers.

Finally, VARs should be aware of the pending 802.11n standard for WLAN. Until the standard is complete, WLAN deployment of higher performing smart antenna technology will be limited. Once the standard is established, more businesses will feel confident in investing in the newer WLAN technology. (For more information on 802.11n, go to www.ieee.org.)