WLANs break the enterprise security model

Aruba's CEO on the need for secure mobility.
By John Cox, NetworkWorld.com, 09/11/2006

The former chairman of Aruba, and now its recently appointed CEO, says enterprise wireless LANs are about to get much less interesting.

That's because, says Dominic Orr, the increasing commoditization of WLAN gear, along with the advent of the 100+Mbps 802.11n standard, will make wireless connectivity a routine part of the enterprise net infrastructure.

But what won't be routine is the challenge WLANs have created to the traditional conventions and architectures for network authentication and security.

"The security architecture for wired nets, based on using physical port-based conventions, won't work," he says. "You need specific, user-oriented identification, content and location data [to secure the net]."

This is where the emerging enterprise battleground lies, according to Orr.

"'WLAN' is, if not dead, then uninteresting," he says. "Once it's 'spec-able' by the IEEE, most of the profit goes to the silicon makers. Eighteen months after 802.11n is standardized, the WLAN is no longer an interesting business. It's a very small window, and it's quickly being commoditized."

But it creates a huge hole in the traditional enterprise security model, which assumes the person at the far end of a wire linked to a specific switch port is the person who is supposed to be sitting at that desk.

What's needed is 'secure mobility' as a logical add-on to the enterprise net, he says.

This will become increasingly obvious and increasingly urgent as more enterprise workers become mobile. Today, only about 5% of workers are mobile, but that will rise to over 20% in two or three years, says Orr.

The analogy he uses is the shift from landline phones, one device tethered to a wire inside the home, to cell phones, which can be used anywhere. "With a cell phone, you're calling another cell phone user, who can be in New York City or Singapore," Orr says. "The phones work with the [carrier's] network to figure out where he is and complete the call."

For enterprise nets to do something similar, there need to be new functions and new information higher up in the network stack. Most WLAN innovation so far has been at Layers 1-3, focusing simply on wireless Ethernet connectivity, according to Orr. Aruba is now specifically focusing on Layers 4-7 in its line of WLAN controllers and companion thin access points.

"Our goal is mobile access control: Who is this person [on the wireless link]? What is his role in the organization, what device is he using, what applications?" Orr says.

He points to large-scale wireless deployments in higher education. These enterprises have highly mobile populations, which move en masse hourly. The populations fall into specific subgroups, such as law students and medical students. Regardless of where on campus they connect wirelessly, a law student wants to access his or her own applications, data, and services. Students and faculty, including visiting faculty and medical center doctors, may have different rights to the physical net at different times of day, even in different locations.
