Should I implement WPA or wait for 802.11i? What is the difference between the two?Q: Should I implement WPA or wait for 802.11i?\u00a0 What is the difference between the two?- Hardy, Durham N.C.A: First, let's address the differences between WPA\u00a0(Wi-Fi Protected Access) and\u00a0802.11i .\u00a0WPA was created by the\u00a0Wi-Fi Alliance\u00a0as an interim measure until 802.11i is ratified.\u00a0 WPA addresses a subset of the 802.11i draft, focusing on the part of the emerging specification that improves the security of WEP. With WPA, enterprises can increase the security of their existing 802.11 WEP environments.\u00a0 At the same time, WPA prepares these environments for a seamless transition to 802.11i.802.11i is the IEEE's draft standard for adding improved security to wireless LANs (WLAN).\u00a0 It includes two parts - one that addresses improvements to existing 802.11 equipment using the current WEP algorithm, and a second that enables new 802.11 equipment to support the Advanced Encryption Standard (AES) encryption algorithm. It is still under development and is expected to be ratified in mid-2004.Both WPA and 802.11i provide significantly improved security compared to\u00a0WEP, through rapid key updates, stronger encryption algorithms, and stronger authentication.\u00a0But all security is not created equal.\u00a0 While WPA is more secure than WEP, it is less secure than 802.11i. In order of increasing security, I would rate the various 802.11 algorithms as follows: WEP, WPA group key only, WPA pre-shared key, WPA pair-wise key, and 802.11i robust security network (RSN). Group key refers to an environment where all devices share the same key. Pre-shared key refers to a key or pass phrase that is entered on all access points and clients that will be used to create unique pair-wise keys for each mobile client and AP.\u00a0 Pair-wise keying creates unique keys for every mobile client device, derived from information in the\u00a0RADIUS\u00a0authentication.\u00a0So should you implement WPA now?\u00a0 Absolutely!\u00a0 If you have a WLAN today, you should definitely move to WPA as soon as possible.\u00a0 Otherwise, your WLAN could be vulnerable to eavesdroppers or intruders.\u00a0If you are considering deploying your first WLAN, you should only consider WLAN equipment with support for this technology. Pay attention to the type of keying used in the WLAN systems you choose. Because a group keying system lets all mobile clients associated with an access point decrypt the traffic sent to any other mobile client on that same AP, we recommend not choosing something that relies exclusively on this technology.Is there any reason you should hold off WLAN deployment until 802.11i is available? No, we don't believe there is.\u00a0 802.11i will provide stronger security than WPA, because RSN uses the AES algorithm and requires that the access point and mobile client devices support pair-wise keying. But in this wizard's opinion, a WLAN that is built using WPA pair-wise keys is secure enough to protect most corporate environments.