Securing the WLAN

Symbol, 3Com boost wireless LANs with added security.

Optimism is growing around WLANs now that vendors have started addressing the technologys major shortcomings–security, throughput and cost.

Two makers of wireless LAN gear, Symbol Technologies Inc. and 3Com Corp., each unveiled last week products at the NetWorld+Interop show here that they said will solve authentication and other security problems associated with the 802.11b WLAN protocol.

In addition, they said the products will give users greater flexibility and give WLANs in general the boost they need to gain wider acceptance.

Researchers have identified numerous attacks that enable unauthorized users to gain access into WLANs, not only to eavesdrop on traffic but also to inject false traffic. But the main problem of 802.11b has centered on the weak authentication required by the specification. All users on a given wireless network are required to use the same encryption key for authentication, and there is no requirement for how often the key must be changed.

Symbol, of Holtsville, N.Y., is tackling this problem by adding the Kerberos authentication protocol to the new security system that will ship with upcoming versions of its Spectrum24 LANs.

Using this protocol, which is widely deployed in wired networks, Symbols LAN will push new keys to each user at the beginning of every session–and can be modified to deliver new keys as often as the user wants during sessions.

However, some users say that while they welcome the much-needed security advancements, proprietary technologies such as Symbols can create other problems.

"Even with a standardized back end, I want client independence," said Kevin Wilson, a workstation analyst at Duke Energy Corp., in Charlotte, N.C., and a user of WLAN products. "The proprietary technologies are good, but since all of the vendors have their own, youre locked into a client, which limits what you can do."

Kerberos, the security technology chosen by the International Electrical and Electronics Engineering task force working to revise the 802.11b security standard, also will enable users to roam securely between access points on a wireless network, something thats not possible now.

The first products with Symbols new security technology are slated to ship in July.

For its part, 3Com, of Santa Clara, Calif., later this month will begin shipping its new access points with its Dynamic Security Link technology. Like Symbols Kerberos-based technology, 3Coms new access points will deliver fresh 128-bit keys at the start of each session.

In addition to security, the spread of 802.11b WLANs has been slowed by concerns over throughput and price. Texas Instruments Inc., of Dallas, is addressing both issues by pushing a higher-speed version of 802.11 technology and vowing to crank up production of WLAN chip sets to push down costs.

TIs Wireless Networking Business Unit is using technology gained when the company acquired Alantro Communications Inc. late last year to boost WLAN speeds from 11M bps to 22M bps, officials said.

The speedier chips are due this summer and should be available in user products by the end of the year, TI officials said.

In addition to doubling throughput, TIs Alantro technology boasts better noise and distortion specs than current 802.11b offerings, officials said. The IEEE standards task force for 802.11g is mulling a number of technologies, including TIs Alantro, to boost the WLAN data rate in the 2.4GHz band.

To promote the Alantro 802.11g technology, TI last week said it would offer royalty-free licenses pending ratification of the IEEE standard. Mike Hogan, TIs general manager of the Wireless Networking Business Unit, said the move targets WLAN component and systems developers and will help speed the rollout of 22M-bps gear.

With volume production, TI is vowing to push the per-unit price of 802.11 chip sets from todays $35 to $45 down to between $5 and $10 by 2003.

At that price, officials said that the WLAN technology will be comparable to the much-anticipated Bluetooth short-range wireless connectivity protocol with much better range, speed and functionality.