Are your users willing to carry around Wi-Fi APs?

Aruba takes fresh approach to reinforcing remote Wi-Fi security

Industry analysis by expert Joanie Wexler, plus links to the day's wireless news headlines

How amenable would your mobile workers be to carrying around a Wi-Fi access point?

Enterprise-class wireless LAN maker Aruba Networks is selling software that you can load onto any of its APs to simplify security for users on the road, as well as telecommuters.

The company is offering remote-access point (RAP) software that works with Aruba’s own APs and data center WLAN controllers. The telecommuter installs the RAP in a home office; mobile workers carry it around and plug it into an Ethernet jack in a hotel room.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

How amenable would your mobile workers be to carrying around a Wi-Fi access point?

Enterprise-class wireless LAN maker Aruba Networks is selling software that you can load onto any of its APs to simplify security for users on the road, as well as telecommuters.

The company is offering remote-access point (RAP) software that works with Aruba’s own APs and data center WLAN controllers. The telecommuter installs the RAP in a home office; mobile workers carry it around and plug it into an Ethernet jack in a hotel room.

The software sets up an IPSec tunnel between the AP and the Aruba WLAN controller in your company’s data center. From there, the per-user firewall policies on the Aruba controller get pushed out to the remote AP, which then identifies any legitimate devices that connect to it and applies their respective passwords, PINs, VLAN, access rights and so forth.

The point is to make security invisible to the remote user, thereby enhancing security strength by having fewer frustrated users trying to circumvent the system. The AP, rather than the user, handles all the security logons. This would particularly unburden home users who continually log in and out of the VPN.

In a hotel room, it is the AP that registers to the property’s $9.95-a-day Internet service. Then, any legitimate corporate wireless device the user has can then piggyback onto that same connection. The appropriate credentials and controls are pushed to the AP from the data center and enforced for each device.

How would hotel guests using their own APs affect the performance of the property’s own AP infrastructure? Enterprise-class APs such as Aruba’s do have dynamic channel reassignment, notes Mike Tennefoss, Aruba’s head of strategic marketing. In other words, if a nearby AP is already occupying a given channel, the AP will move to another to avoid interference.

However, most hotel properties currently support 802.11b/g networks, which occupy the 2.4-GHz band with just three non-overlapping channels. Theoretically, should such architecture catch on and there’s, say, an AP in every room, that’s a pretty dense deployment for three measly channels. Interference is likely to ensue.

Read more about wireless & mobile in Network World's Wireless & Mobile section.

Joanie Wexler is an independent networking technology writer/editor in Silicon Valley.