Eye on 802.11i

Cost, complexity and interoperability issues could slow adoption of 802.11i wireless security standard.
By Kevin Fogarty, Network World, 03/14/2005

Vendors will tell you that upgrading from the interim security standard Wi-Fi Protected Access to the fully baked 802.11i protocol will be fairly simple, straightforward and worth the effort. But analysts and end users warn that there are lots of wrinkles to an 802.11i upgrade, including the fact that you might have to buy new hardware. After analyzing costs and other issues, some users have decided that WPA is good enough for now.

At the very least, moving to 802.11i means managing firmware upgrades on both access points and clients. That's if you have relatively new hardware. If not, you'll have to swap out your old gear for new access points that can handle Advanced Encryption Standard (AES) encryption.

Plus, you'll need to install authentication servers and certificate-authority servers (if you don't already have one in place), and add a whole new protocol to the networks. That's because 802.11i manages the encryption part of wireless LAN security, but you also need authentication, which means implementing 802.1X, another relatively new protocol.

"Anyone who tells you it's simple is not telling you the straight story," says Kenneth Dulaney, an analyst at Gartner. "You're adding two encryption methods and one authentication scheme. That's not simple."

WPA uses Temporal Key Integrity Protocol (TKIP) encryption, while 802.11i uses AES. Because WPA is a subset of the fuller-featured 802.11i, WPA-enabled access points usually can support both encryption methods.

"If you have first-generation access points, you've just inherited a doorstop," says Michael Disabato, networking service director at Burton Group. "That's not the worst thing in the world because there are numerous reasons you want the older stuff to go away if you can afford it. The receivers are better, they have better range. Lots of reasons."

What if you can't afford it? Cost is a major reason why the Boston Public Library is holding off on an 802.11i upgrade, according to Systems Officer Carolyn Coulter.

The library provides free wireless access in its public rooms for patrons and staff, so the network has to be pretty open. "We never know what kind of equipment the public is going to walk in with," Coulter says.

Coulter runs Cisco equipment on both wired and wireless networks, but uses a Bluesocket wireless gateway for access control and encryption, rather than WPA.
