Wireless Networking Technology

Wireless Networking is the Next Big Thing?
Companies Love It - No Wires to Run.
Users are Thrilled with Convenience.
Hackers Love It Too.

   Wireless Networking is here. The technology, based on the IEEE 802.11 standards family, is now fully mature, and a wide range of useful and affordable wireless networking systems is reaching the mainstream network. For the user prepared to make good use of the technology, wireless systems can be an excellent tool. However, for companies with significant security concerns, wireless networks may be a disaster.

  • Wireless networks default to an installation that does not have any security: any user can connect. Good for Starbucks. Bad for Northrop Grumman.
  • The most popular security protocols (WEP 48 and 64bit) can be (and regularly are) broken by hackers with good software and patience.
  • Security and wireless systems are best installed with a commitment to a single vendor, to simplify support and installation issues. This requires careful planning.
  • DSL "Give-aways" of insecure "Home Network" wireless access point routers bring new targets right to the hacker's doorstep.
  • Wireless VPNs do not prevent TCP/IP access, allowing hackers what they really want most of all: free Internet access.
  • Some technicians are not prepared to manage the technologies necessary to introduce secure wireless networking. This has not stopped technicians from selling products they don't fully understand in the past, and is unlikely to stop them now.

WARNING: Wireless is NOT secure

Wireless Networks expose their users to serious security risks. Companies that implement this technology do so at their peril. There are significant unresolved security issues with Wireless that make it inherently insecure. These include:
1) The default installation of Wireless systems is without encryption. Although it works for you, it also works for EVERYONE ELSE in your receiver range who is interested in your signal. What is this range? For 802.11b, this can be TEN MILES with a $20 "cantenna"; see http://www.cantenna.com.
2) If a user puts WEP encryption on their system, it can be broken. Hacker systems that can crack WEP systems of 64bit encryption or less in SECONDS have been ported from Linux to Windows and Macintosh. WEP 128bit systems are also vulnerable. The only way to truly defend traffic on a Wireless system is to use a VPN.
3) VPN systems are not inexpensive or simple to install. Microsoft's IPsec is the most accessible, but requires Windows 2000 or 2003 Server and a certain amount of setup time, including problems with NAT routers (now resolved on many models).

   Securing Wi-Fi is still a WORK IN PROGRESS. Unless you are careful, there may be other eyes looking over your proverbial shoulder, reading your network traffic.
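
A site survey of your own access points can check the first two points of the warning from beacon frames alone. The Python below is an added example, not code from the original page: it parses a beacon frame body (the bytes after the 24-byte 802.11 MAC header) and flags access points that advertise no encryption or WEP only. The sample beacons and SSIDs are constructed, and the RSN/WPA element check is an addition so that newer encrypted networks are not mislabelled as WEP.

```python
import struct

PRIVACY = 0x0010  # Capability Information bit 4: encryption required to associate

def beacon_body(ssid, privacy, elements=b""):
    """Build a constructed beacon body: 12 fixed bytes, SSID element, optional extras."""
    caps = 0x0001 | (PRIVACY if privacy else 0)  # ESS bit, plus Privacy when set
    name = ssid.encode()
    # Fixed fields: 8-byte timestamp, 2-byte beacon interval, 2-byte capabilities.
    return struct.pack("<QHH", 0, 100, caps) + bytes([0, len(name)]) + name + elements

def classify(body):
    """Return (ssid, 'open' | 'wep' | 'wpa/rsn') for one beacon frame body."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than its 12 fixed bytes")
    caps = struct.unpack_from("<H", body, 10)[0]
    ssid, newer, pos = "", False, 12
    while pos + 2 <= len(body):               # walk the tag/length/value elements
        tag, length = body[pos], body[pos + 1]
        value = body[pos + 2:pos + 2 + length]
        if len(value) < length:
            break                             # truncated element: stop, do not guess
        if tag == 0:
            ssid = value.decode("utf-8", "replace")
        elif tag == 48 or (tag == 221 and value[:4] == b"\x00\x50\xf2\x01"):
            newer = True                      # RSN element or WPA vendor element
        pos += 2 + length
    if not caps & PRIVACY:
        return ssid, "open"
    return ssid, "wpa/rsn" if newer else "wep"

def audit(bodies):
    """List (ssid, finding) for every access point the warning above applies to."""
    notes = {"open": "no encryption: anyone in range can connect",
             "wep": "WEP only: carry traffic inside a VPN"}
    results = []
    for body in bodies:
        ssid, kind = classify(body)
        if kind in notes:
            results.append((ssid, notes[kind]))
    return results

# Constructed survey of three access points (not captured traffic).
SURVEY = [
    beacon_body("lobby-ap", privacy=False),
    beacon_body("office-wep", privacy=True),
    beacon_body("office-rsn", privacy=True, elements=bytes([48, 2, 1, 0])),
]
```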
  

Wi-Fi - Networking in the 21st Century
It's in the air. Cell phones, pagers, and... Computer data. The next step in computer networking offers wireless access from multiple locations. As with any new technology, there are risks, challenges, and standards problems.

IEEE 802.11 is the overall standard by which wireless networks are being developed. (IEEE is the "Institute of Electrical and Electronics Engineers, Inc.", the leading standards body for networking and communication systems.) The term "Wi-Fi" now refers to all types of 802.11 networking. Several flavors are available:

802.11b was the first networking standard. Up to 32 computers could connect, at speeds up to 11 megabits per second (Mbps). Slow, but it worked. Nearly all current wireless networks use 802.11b. The 802.11b signal is on an "open wavelength", shared by walk-around phones and household appliances, so it can be boosted and amplified, or focused over long distances. Optional 802.11b antennas, in a wide array of shapes, can push signals as far as 10 miles with the proper boosters and amplifiers.

802.11g is a faster version of 802.11b, up to 54 Mbps. Still limited to 32 computers, and using the same public wavelength that other services (such as popular 2.4 GHz wireless phones, microwave ovens, cell phones) might use, 802.11g is under attack by 802.11a. 802.11g is simple to understand, however, as it offers complete compatibility with the original 802.11b systems. 802.11g has serious performance problems when used on networks which also have 802.11b clients. 802.11g appears to offer similar speed advantages to 802.11a, but users of 802.11g will almost never reach these speeds. 802.11g performance falls apart if a single 802.11b user is in range of the access point, and 802.11b remains the most popular option for wireless networking. As with 802.11b, the public wavelength this service uses can, in theory, be boosted by amplifiers and special antennas.

802.11a is also much faster than 802.11b, up to 54 Mbps (or 72 in "turbo" mode on vendor-specific systems, such as Netgear's), and uses different frequencies than 802.11b/g. Its 5 GHz frequency is reserved for data communication, and both it and the frequency modulation scheme 802.11a uses are better suited to the work involved. 802.11a will also support up to 64 computers on a single network, double the number of 802.11b or 802.11g. SoftProse Technology, Inc. believes that for the next few years, the future of Wi-Fi is with 802.11a systems. Unlike 802.11g, 802.11a has no performance conflicts with 802.11b clients. However, 802.11a signals are not as strong as many 802.11b systems, so the distance from the transmitter to a client is more critical, and more access points are required to cover a given area with service.

802.11a/b and 802.11a/b/g: Although 802.11a is directly incompatible with existing 802.11b systems, all 802.11a access points and most 802.11a cards are BOTH 802.11a and 802.11b compatible! This resolves compatibility issues with 802.11a rather well, making this our preferred Wi-Fi model. 802.11a/b also resolves performance problems of 802.11g, making this the clear winner in mixed-mode environments. Now a/b/g cards and wireless access points are appearing, with options to connect to everything.


802.11 hardware that connects to a wireless network includes several different types:

PCMCIA Card: This is a standard Laptop card, that pokes out of the side of a laptop and makes it difficult to fit into a case. PCMCIA cards are becoming more rare, as 802.11 networking is now available built-in to most laptops.

Mini-PCI Card: This is the most popular system for adding wireless networking as an option to a laptop. Vendors are installing antenna systems on laptops without wireless cards, but provide this new interface module to add any flavor of 802.11 networking. (Mini-PCI slots resemble laptop memory module slots, but take a totally different type of card.)

Built-In (Centrino): Intel's new "Centrino" architecture specifies 802.11 networking as an integral component of a laptop. This has many advantages, the biggest being in power management. 802.11 networking can take significant amounts of power, and laptops that are not using the service should turn it off automatically. Although built-in 802.11 networking offers limited expansion options, the overall benefits to laptop owners are considerable and make this the most desirable option for wireless networking in a laptop.

Desktop PCI Cards: These are standard "PC Cards" which go into the PCI slots inside a standard desktop computer. Normally, a stubby little antenna pokes out the back. On some systems, the antenna can be replaced with a cable to an external antenna; unfortunately these external antennas often cost more than the wireless PC card itself. This is a POOR system for wireless networking, as the wireless signal does best by "line of sight" networking. A stubby antenna on the back of a PC is often blocked by the metal case of the PC itself, along with file cabinets, desks, enclosures, etc. It is difficult to configure a machine with a clean signal and one of these cards. However, the PC card interface offers a fast and smooth data transfer rate.

USB Wireless Connectors: These connectors look similar to the old PCMCIA network card "dongles". Normally a cord between 3' and 6' long, there is a wireless receiver on the end of the cord. They are typically powered off the USB port itself, and require no additional power or connectors. For desktops, we recommend USB cable wireless connectors as the antenna can be easily moved about to achieve the best possible signal. The USB systems are of two types:
USB 2.0 Wireless Networking uses the new high-speed USB 2.0 specification to achieve the high data transfer rates possible in 802.11a and 802.11g networking. Any user of an a/g system should consider only USB 2.0 wireless connectors for their desktop computer. Not all desktop systems have USB 2.0 ports, although all new computers sold in 2003 and beyond should be equipped with them.
USB 1.0 (or just USB) Wireless Networking uses the original USB speeds. This seems to be adequate for 802.11b networking. USB 1.0 Wireless Networking should only be used with the original 802.11b system, although it appears to give adequate performance.

Wireless Bridge: This is a wireless access point that has been reconfigured to act as a "bridge", and will output wireless signals onto a standard Ethernet cable. This cable can then be connected to either one computer, or to a collection of computers attached to a hub. A wireless bridge merges traditional networking with 802.11 wireless systems. For network designers, the use of wireless bridges offers some interesting solutions. Desktop users who must connect to a wireless network may be best served by a traditional network outfitted with a Wireless Bridge.



Wi-Fi Security:
Network security with Wi-Fi is a major issue.
Wi-Fi access in the office can be protected with the WEP encryption systems built into the protocol, and/or by a VPN. Outside the office, your best security may be the Secure Certificate system built into major Internet browsing software. Note that WEP encryption may be broken, leaving all wireless network defenses impotent unless there is either a VPN or the communications on the network are otherwise encrypted.

WEP:
   Wi-Fi 802.11a and b offer built-in WEP 128-bit encryption. This is specified in the original 802.11 foundation document. Use of this in an office is strongly suggested at the 128bit level. It must be turned on, configured, documented, and managed to work effectively. Using WEP is not simple or intuitive. WEP is not total security, however; WEP can be broken by hackers with patience. A VPN is required for complete security in an office environment.

Secure Certificates:
   Outside the office, however, security of a wireless network is much more of an issue. Unprotected Wi-Fi networks allow any hacker with a wireless card to read the network data, and information that is not encrypted in this data stream could then be read easily. Email systems are notorious for this, as most do not protect their passwords. E-Commerce sites that accept credit card information should encrypt with a standard "secure certificate"; your browser indicates this by https:// instead of http:// leading the URL in the address bar; the LOCK icon in the browser's status bar should also be closed when on one of these encrypted connections. Locked browser connections with a certificate from a major issuing authority (Verisign or Thawte) should be reasonably safe for E-commerce even on public wireless systems.

VPN:
For access to an office network from "outside" via the Internet, a VPN (Virtual Private Network) would be required. A VPN can create an encrypted link between Wi-Fi systems and an office network. Microsoft provides a VPN service (IPsec) with their Windows 2000/2003 Server which, although not highly regarded by many industry pundits, is certainly secure and provides a solid standard for other security products to follow. VPNs can be implemented as a service of Windows 2000/2003 Server. They can also be managed in a separate "Internet Appliance" such as a router with a VPN option (HotBrick, Sonicwall, etc.).
   TCP/IP (with or without DHCP, DNS, etc.) will still be carried over the wireless network system outside the VPN, giving access to Internet service for unauthorized users. A mix of VPN and WEP can be an excellent solution for a modern office.
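
The point about TCP/IP being carried outside the VPN can be checked against the filter rules applied to the wireless segment. This added example (not from the original page) models a first-match packet filter and compares an allow-everything policy with one that admits only IPsec traffic (IKE on UDP 500, NAT traversal on UDP 4500, ESP) to the VPN gateway. The addresses, rule format and flows are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

VPN_GW = ip_address("192.168.50.1")        # assumed VPN gateway on the wireless segment
GW_ONLY = ip_network("192.168.50.1/32")
ANYWHERE = ip_network("0.0.0.0/0")

# Each rule: (action, protocol, destination network, destination port or None for any).
OPEN_POLICY = [("allow", "any", ANYWHERE, None)]
VPN_ONLY_POLICY = [
    ("allow", "udp", GW_ONLY, 500),        # IKE key exchange
    ("allow", "udp", GW_ONLY, 4500),       # IPsec NAT traversal
    ("allow", "esp", GW_ONLY, None),       # IPsec ESP (IP protocol 50)
    ("deny", "any", ANYWHERE, None),       # everything else from wireless clients
]

def decide(policy, proto, dst, dport=None):
    """First matching rule wins; no match at all means deny."""
    for action, r_proto, r_net, r_port in policy:
        if r_proto not in ("any", proto):
            continue
        if ip_address(dst) not in r_net:
            continue
        if r_port is not None and r_port != dport:
            continue
        return action
    return "deny"

# Constructed flows sent by a client associated to the access point.
FLOWS = [
    ("ike to gateway", "udp", "192.168.50.1", 500),
    ("esp to gateway", "esp", "192.168.50.1", None),
    ("web to internet", "tcp", "203.0.113.10", 80),
    ("dns to internet", "udp", "198.51.100.53", 53),
    ("file share on office lan", "tcp", "10.0.0.5", 445),
]

def escapes(policy):
    """Names of allowed flows that do not terminate on the VPN gateway."""
    return [name for name, proto, dst, dport in FLOWS
            if ip_address(dst) != VPN_GW and decide(policy, proto, dst, dport) == "allow"]
```

With `OPEN_POLICY` an unauthenticated client reaches the Internet and the office LAN directly; with `VPN_ONLY_POLICY` the only traffic that leaves the wireless segment is the tunnel itself.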

Some Links of interest:
Wi-Fi Report-Daily Updates http://80211b.weblogger.com/
Wi-Fi Alliance http://www.weca.net/OpenSection/index.asp
(Formerly known as Wireless Ethernet Compatibility Alliance (WECA), the primary evangelist group for Wi-Fi 802.11 networking.)
Wi-Fi has a subculture. Experience it at www.warchalking.org


Contact us at:
info@softprose.com
