By Galen Gruman, editorial director, IT Wireless
A free newsletter to all IT Wireless subscribers.
Note to readers: Some email clients, such as Lotus Notes, do not properly handle links within an email, such as those above to specific stories. If your email client cannot properly use these links, simply scroll down for the stories. Links to Web sites outside this email should work in any email client.
Get a printed set of our new 2003 market
overview plus IT Wireless case studies and IT Wireless
analyses in the IT Wireless Report: Trends, Analyses, and Case
Studies of Wireless Deployment in the Enterprise. Use it as a
handy reference. Share it with your colleagues and staff! You also get a
PDF version immediately upon purchase. PLUS! Subscribers get 40% off the $100 cover price and free shipping
to U.S. addresses!
Defense Agency Secures Its Wireless LANs
Security concerns have caused the U.S. Defense Dept. (DoD) to question the use of wireless LANs in its facilities. Two years ago, it put a moratorium on wireless LAN deployments at the Pentagon and nearby facilities because of those concerns, and the department began formulating a wireless policy to address security concerns and standards that it released earlier this year. At the same time, the department has been investigating the use of wireless systems at various facilities within the U.S. and overseas.
Three years ago, the Defense Commissary Agency, which runs 276 grocery stores and commissaries throughout the globe (with 171 in the continental U.S.), deployed an 802.11b network at its facilities to enable the use of wireless barcode scanners, sales terminals, and printers to make operations more efficient and provide better customer service to its military customers (for example, by letting them buy some goods directly in the parking lot rather than waiting in line inside the store). The agency had seen studies demonstrating increases in productivity as high as 30%, so it was eager to bring those efficiencies to its own operations, notes Keith Pinkston, the agency's wireless program manager.
At the time, agency officials were not concerned about security because 802.11b includes built-in Wired Equivalent Protocol (WEP) authentication, which the agency used, notes Janet Haase, acting chief of the agency's Information Technology Business Unit in Fort Lee, Va. But when this encryption scheme was cracked, the DoD issued new security requirements that included the use of the government FIPS security standards to ensure there was no unauthorized access to any wireless network. Although the Defense Commissary Agency does not deal in classified information, the DoD mandated that all wireless networks in use meet its high security requirements.
That meant a crash project for the Defense Commissary Agency to retool its devices and network to use the FIPS protocols for authentication, encryption, and intrusion detection. Between January and June of this year, the agency had to change the network and device security mechanisms at 276 commissaries, seven training labs, and three central distribution centers.
The initial estimate was that it would take 18 months to select, configure, and test the required software and hardware changes at the network and device levels. But the agency had just six months to replace the security mechanism to meet the DoD's deadline; otherwise, it would have had to stop using the system. Haase's team contacted other federal agencies to see if one of them had already implemented FIPS security on an 802.11-based wireless system, but none had. Thanks to "a lot of manpower, a lot of long trips," Haase recalls, the agency and its contractors implemented FIPS security across its many locations, preserving the wireless system and its productivity and customer benefits. At the efforts peak, 14 teams were working simultaneously at various locations, she notes. The effort cost $3.5 million.
In addition to the tight deadline, several other factors made the project a strong challenge, recall Haase, Pinkston, and Duane Woodfin, an information technology specialist at the agency. One was the need to coordinate the FIPS implementation across several vendors, since FIPS support was not a requirement in the initial network deployment and few devices were equipped for it. (Instead, WEP encryption was the lingua franca of the time, permitting interoperability out of the box.) Engineers at Fortress Technologies provided the FIPS backbone, and teams from Fortress, Psion Teklogix, and NCR worked on implementing the technology at the device level. The agency was never able to FIPS-enable its wireless printers, so they have all been connected via network cables and taken off the wireless network, Haase notes.
A second complication was that the Defense Commissary Agency was in the midst of upgrading its sales terminals, so it had two technology baselines to upgrade simultaneously. That put the sales-terminal effort behind schedule, so for several months the sales terminals were taken off the wireless network. Fortunately, recalls, Haase, this occurred during the winter, when the mobile terminals are rarely used because of the weather.
A third complication was the need to secure the overseas networks first, because of higher risk of unauthorized access there. That meant late hours and a lot of time on the phone with local teams, recalls Woodfin. "It might have been easier to do [the first upgrades] closer to home," he says, where the lead IT staff from both the agency and its contractors could directly note any issues that came up and perfect the system before wide-scale deployment. But security priorities didn't permit this approach.
With the FIPS effort done, the Defense Commissary Agency IT staff is now working on further system upgrades. One is a refresh of its wireless access points, which after three years are outdated. Many, for example, work only at 2Mbps rates, rather than 802.11b's maximum 11Mbps. New access points that support both 80211b and 802.11g standards are now being deployed to increase both data-access speed and coverage area. The agency is also installing a wireless management system that will permit central management of all the networks from the Fort Lee, Va., headquarters. This will simplify software and firmware upgrades to access points and client devices, as well as make device status visible for faster troubleshooting.Got deployment experience and lessons to share? Let us know at email@example.com.
|From our editors
Koolspan has released SecurEdge, which uses a lock-and-key approach to securing Wi-Fi transmissions and authentication that identifies the individual user rather than just the user's computer. Users plug a smart-card-based dongle into a USB port on their mobile device; this dongle contains a unique client key that is validated by a Koolspan "lock" installed behind the access point, regardless of standard and vendor. The technology also works for users accessing the corporate network via a public hot spot, regardless of whether that hot spot uses the Koolspan technology itself.
Vivato has released its Wi-Fi Bridge/Router, an 802.11b product that performs multiple functions, including wireless backhaul and extending the range of Wi-Fi coverage or filling gaps in coverage of larger Wi-Fi deployments, while also serving as a stand-alone access point. It has two radios, both of which can be used as access points, or configured to use one as a bridge and one as an access point.
Intel and iAnywhere have teamed up to produce a mobile development kit for enterprises to deploy wireless applications for laptop users. The kit includes iAnywhere development software (for application development, database access, email and file access, and device management), a Hewlett-Packard 802.11b-enabled notebook and iPaq PDA, and a Cisco 802.11b access point.
WhereNet has announced its Marine Terminal Management solution, a standards-based wireless system that lets terminal operators locate, track, and manage containers and container-handling equipment in high-volume seaports. The system uses radiofrequency identification (RFID) tags on vehicles and containers to monitor their location and status. An 802.11b network further permits operators to enter, retrieve, and exchange manifest, status, and other information in the docks.
Intermec Technologies will provide RFID consulting and certification through some of its reseller partners.
Aeris.net has enhanced its MicroBurst wireless network to support cellular data services, as well as to increase the message size to 14 bytes. The network is used for telemetry and other machine-to-machine wireless data exchange.
Acer America has released the TravelMate C300, a tablet PC that converts to a desktop PC. It includes an Intel Centrino-based Pentium M processor for built-in 802.11b wireless connectivity.
In public hot-spot news, Boingo Wireless now subscribers now have access to about 2,500 Wi-Fi hot spots in the U.K. operated by The Cloud. Boingo subscribers now have access to about 5,000 hot spots worldwide. And T-Mobile says it is implementing the 802.1x authentication protocol across its hot-spot network, which covers 3,000 locations in the U.S. T-Mobile users can also connect to corporate systems using virtual private networks (VPNs), firewalls, or via Web-page login.
Handspring has released the Treo 660, a combination PDA and cell phone with keyboard and digital camera. Sprint is reselling the device for use on its CDMA2000 1XRTT cellular data network. Available services include corporate email and file access, as well as Web browsing. Also, JP Mobile has updated its SureWave Enterprise Server to support the new device.
In other developments concerning cellular data systems:
Got a great product or technology tip? Send it to firstname.lastname@example.org.
At a recent conference, Gartner analysts said that 45% of all workers are mobile in at least some aspect of their work. Gartner said that widespread mobility is being enhanced, in in many cases enabled, by the simultaneous evolution of a set of key technologies in areas such as phone networks, wireless LANs, personal-area networks, and software infrastructure. Core technologies are evolving quickly with little prospect of significant stability before 2005, and new developments in areas such as screens, fuel cells, and software for tasks such as speech recognition will continue to drive evolution in the long term, Gartner predicts.
Gartner analysts said that wireless networking will become ubiquitous with several different technologies and protocols coexisting in the home and office. No single short-range wireless technology will be suitable for all applications in enterprises because each provides different trade-offs in terms of bandwidth, range, and cost. Consequently, several types of wireless networks will coexist in most organizations. By 2007, Gartner predicts, more than 50% of enterprises with more than 1,000 employees will make use of at least five wireless networking technologies. "All organizations should develop a strategy to support multiple wireless networking technologies," said Nick Jones, research vice president for Gartner.
Key mobile technologies in 2003 have included radiofrequency identification (RFID) tags, 802.11-based wireless LANs, personal area networks such as Bluetooth, and some proprietary network protocols. During the next five years, new networking technologies and protocols will include 802.165.4 (low-power, low-data-rate wireless), ultrawideband, and multiple input/multiple output (which exploits multipath transmission to increase bandwidth), and various mesh networking systems. Proprietary networking technologies may gain market traction in specialized areas, such as game consoles, factory automation, and medical applications, Gartner concluded.
From IT Wireless
As an IT professional, you know that wireless technologies such as 802.11 promise to provide significant benefits to your organization. Before you go full steam ahead, you need answers to your critical concerns about wireless LANs. Questions concerning security, compatibility and best practices, to name just a few. The IT Wireless Insider email newsletter is now here to help you figure it all out.
Get your FREE subscription to the email IT Wireless Insider newsletter today!
Subscription and account
This newsletter is sent to all subscribers to the IT Wireless Insider newsletter; subscribers provided their email address at the time they requested the publication at our Web site and received a confirmation of their subscription at that time. Click here to change subscription information.