Pulling the plug on cables
Despite a number of obstacles to adoption, the wireless market is booming, writes Guy Matthews.
There has never been a more profitable time for resellers to get involved with selling wireless solutions. Wireless is an extremely difficult sell, with many buyers viewing it with a mixture of uncertainty, paranoia and downright hostility.
If you think these two statements contradict each other, you're right. But it happens that, in the wacky world of wireless networking, they are both true.
Seamus Twohig, partnership relationship director at distributor Ideal, has seen movement across the board in the wireless market.
"At the moment, there is wireless uptake in the SME and major corporate sectors," he said. "Corporates are looking at products from companies such as Cisco and Hewlett Packard, while small businesses are buying Netgear and similar solutions."
However, while most customers can see that wireless is a good thing, many feel that issues such as security and uncertainty over standards make this a bad time to take the plunge.
"People tell me that they have no plans to deploy wireless because there are just too many issues at present," explained Mark Bradshaw, EMEA vice president at Aventail, a vendor specialising in remote access and virtual private network (VPN) technology. "Many of these issues are overblown, but there's no getting away from them."
Some customers, according to Bradshaw, have a realistic view of the problems posed by wireless, but are still waiting for the right moment, like nervous divers on a high board.
"They are often simply waiting for things like the outcome of pilots, or tests on new software betas, or the right partner to integrate it all, before they commit," he claimed.
Like many, Bradshaw feels that it is down to resellers to eliminate the hurdles that are keeping so many organisations reliant on wired networks when wireless ones would be better, more flexible, easier to deploy and, in an increasing number of cases, cheaper.
Obstacle course
So what are these hurdles, and how can resellers help to remove them? Well, the biggest single barrier to more widespread wireless deployment is security.
What differentiates security from other wireless issues is that its impact is felt in the boardroom, not just the data centre, and this creates an opportunity for resellers to impress at the highest level.
David Ellis, director of e-security at Unipalm, said: "Many high-profile cases of wireless security breaches have been highlighted by the media and have then been raised in the boardroom.
"The reputations of these companies have been tarnished and their stock values have suffered in the wake of these cases."
Wireless security is clearly a sensitive subject for many organisations. "Lots of our customers have installed wireless and then taken it out again because of security," said Martin Cassidy, managing director of Bluesocket.
"Many of these companies are corporates in the financial services sector that are worried about drive-by hacking. Yet there is huge pressure within those organisations from people who want to go mobile."
There you have the paradox of wireless in a nutshell. It is desirable, yet risky. But the upside of the paradox is that, where there are security worries, there is also profit.
"For resellers, things like access points are now commodities," explained Cassidy. "Resellers must go for higher-value solutions such as a wireless gateway to handle security."
Like many, Cassidy feels that security is receding as a serious barrier to adoption. "There are a lot of corporates moving from the early phase of worrying about security to the next phase of wondering how wireless integrates with their fixed network. This is a great time for resellers to get involved," he said.
Campbell Williams, strategic marketing director at Mitel, believes that manufacturers can work with resellers to overcome security misperceptions.
"The best way for a reseller to address users' security concerns is to be well briefed by its wireless local area network [Lan] vendor partner," he said. "It must be explained that there have been plenty of real security problems in the past, but that the market has moved on."
There is also plenty that resellers can do on their own, according to Gunter Ollmann, manager of security services at vendor ISS.
"Wireless is now so easy to install that firms are afraid departments might deploy it unilaterally, creating security weaknesses through multiple access points. New laptops have wireless built into them, for example. Resellers can bring all aspects of wireless under their control and steer users away from point solutions," he said.
Advising on complete solutions
Resellers can also play a part by helping customers to devise appropriate security policies. But this needs to be an extension of mainstream security policies, claimed Bradshaw.
"It is all about ensuring that wireless is incorporated into your regular security policy. One trouble is that lots of companies do not have a security policy in the first place," he explained.
But the trouble with wireless security is that as soon as one door is closed another opens, bringing with it an entirely new threat. At the moment, this is drive-by hacking.
Recent research by RSA Security into the threat of drive-by hacking in the City of London revealed that 67 per cent of companies with wireless networks were leaking unencrypted data into the street.
RSA security expert Tim Pickard warned: "With a laptop computer and free software available from the internet, researchers were able to pick up information from firms' wireless networks while driving around London.
"There are a number of readily available tools to facilitate this type of attack, such as the AirSnort, WEPCrack and NetStumbler programs."
Security relates to another issue: authentication and encryption. In this area, too, resellers can prevent users from becoming their own worst enemies.
Kenneth Chan, product manager for portables at Toshiba, said: "It has been reported that not all organisations turn their security and authentication features on, which makes them vulnerable to attack. Hacking is only a problem when security features are not enabled."
Bob Jones, managing director of secure server appliance vendor Equiinet, echoed this sentiment. "Information in transit needs to be protected," he stated.
"But unless the implementation of authentication and VPN encryption is practically invisible, users will try to circumvent it. The trouble is that manufacturers don't help; just look at wireless Lans, where the default setting is 'encryption off'."
Next-generation technology
Resellers need to steer users towards the next generation of authentication technology, according to Graham Peat, European marketing manager at Rainbow Technologies.
The most common authentication method has been user name and password, but hackers have become all too aware of its weaknesses and stronger methods are required.
"With smartcards or two-factor authentication tokens, unauthorised users will not be able to enter the network unless they obtain the physical device and know the Pin code, significantly reducing the threat of a security breach," he said.
Competing protocols
Another common area of wireless concern is standards: 802.11a, 802.11b, Hyperlan and Bluetooth. The sheer proliferation of competing protocols is at the heart of the problem.
Tom Pattinson, business development manager at D-Link, said: "There is a whole alphabet soup of different wireless standards out there and we, by necessity, back them all."
Chan added that resellers need to help their customers understand what purpose each standard serves, and where it fits into the overall spectrum. "It needs to be remembered that Bluetooth and 802.11x are totally different technologies," he explained.
"Bluetooth is designed for short-distance, low-security, low-bandwidth tasks such as synchronisation and printing. 802.11x is designed to replace or complement wired Lan infrastructures.
"802.11b is now widely available and supported by the major players, and users are comfortable with it. 802.11a/h is the next standard, but it is at least 12 months away and vendors are working to make a/b compatible."
Campbell believes that resellers and their customers should avoid the assumption that it is important to wait for one standard to prevail before committing to it.
"Standards do not always interoperate, but there is often room for more than one," he suggested. "There's nothing wrong with choice; it's what customers want."
Niche markets
Another corporate concern connected to the wireless issue is choice of device. At its most basic, this involves resellers recommending to clients whether laptops or personal digital assistants are more appropriate. But it does get more interesting in the niche wireless markets.
Raf Jezierski, director of mobile computing at Psion Teklogix, said: "We look into why people choose particular devices for a range of specialised applications.
"Flexibility of access makes wireless suitable for a number of extreme environments. These environments tend to be limited geographically, which also suits wireless. Resellers have a role in assessing which of a wide range of devices is most suitable for these roles."
So, despite its numerous pitfalls, wireless is a true seller's market at the moment. Such are the economics of the sector that the total cost of wireless ownership is often less than that of wired networking, particularly for SMEs.
Prices are coming down which, analysts say, is making the market explode. This is good for users and good for resellers, as it gives them a much bigger market into which they can sell value-added services. A paradox it may be, but one worth embracing.
CASE STUDY: ULTIMA
"People are opening up to wireless and getting over security issues," trumpeted Andy Nabbs, managing director of Ultima. "It is easy for people simply to buy off the shelf these days. The problem is finding the right partner to implement it for you. This is basically what we do, so we are particularly busy at the moment."
Lots of Ultima's customers are SMEs, as they tend to have good reasons for wanting a network with no cabling. "They grow out of their office space quickly and regularly, some as often as every six months. They can take a wireless Lan with them," he said.
And it's not just smaller clients that are filling Ultima's order book. "Larger corporates are turning onto wireless as well," explained Nabbs. "And not always because they want to rip out cabling, the traditional reason why large companies go wireless. They can see other benefits too."
There are drawbacks still keeping many customers away from wireless. "It's not fast enough for some," said Nabbs. "But it's getting better all the time." He indicated that either HyperLAN or 802.11a will solve the speed issue for many, depending on which comes first.
Bluetooth is proving a key technology for mobile workforces, claimed Nabbs. General Packet Radio Service is also proving a cost-effective way for firms to reduce mobile costs.
HOW TO BEAT THE WIRELESS HACKERS
- When configuring the network, make sure you put wireless access points outside the perimeter firewall.
- Use media access control (MAC) address-based lists that allow only registered devices to access the network. MAC address filtering is like adding another lock to your front door, and the more obstacles you present, the more likely it is that hackers will be encouraged to move on to less secure organisations.
- Many wireless Lans have a default service set identifier (SSID) or network name. Make this an alphanumeric name. Organisations should change the SSID regularly.
- Wired Equivalent Privacy (WEP) is the standard 802.11b wireless security protocol. It is designed to provide wired-like protection by encrypting wireless data as it transmits information. Enable it and change the WEP key from the default. Make sure WEP keys are generated dynamically when a user logs on, making access to wireless data a moving target for hackers. Session-based and user-based WEP keys offer the best protection and add another layer of defence.
- If each security option is like another locked entrance which hackers must penetrate, then a VPN is a bank vault door. VPNs offer a higher level of security (Layer 3) than WEP and allow a secure end-to-end tunnel between user and network.
- Remote users of larger companies are often authenticated to use the network through a Remote Authentication Dial-In User Service (Radius) server. You can integrate wireless Lans into the existing Radius infrastructure to enable simpler management of users. It enables wireless authentication and ensures that wireless users go through the same authorisation and accounting approvals as remote users.
- Wireless security is not a separate network infrastructure that requires different procedures and protocols. Work with the user to develop a security policy that combines both wired and wireless security to produce management and cost benefits.
- While 802.11b is a standard protocol and all equipment bearing the Wi-Fi trademark will operate with the same base functionality, not all wireless equipment is equal. While Wi-Fi ensures interoperability, many manufacturers' equipment does not include enhanced security features.
- Advise the client not to allow 'Bob in marketing' to sprout a rogue network. Ensure that they have a policy that stops wireless Lans being established without formal systems administration approval and deployment, and regularly scan the network with intrusion detection tools to root out rogue networks that provide a vulnerable hacker entry point.
SOURCE: 3Com
CONTACTS
Aventail (0870) 240 4499
www.aventail.com
Unipalm (01638) 569 644
www.unipalm.co.uk
Bluesocket (020) 7015 5200
www.bluesocket.com
Mitel (01291) 430 000
www.mitel.com
Rainbow (0031) 104 908 080
www.rainbow.com
ISS (01923) 266023
www.iss.com
Toshiba (01932) 841600
www.toshiba.co.uk
Equiinet (01793) 603700
www.equiinet.com
D-Link (020) 8731 5555
www.d-link.com
Psion Teklogix (01494) 450 666
wwwww.teklogix.com