Problem solve Get help with specific problems with your technologies, process and projects.

Emerging enterprise Wi-Fi trends: Multidimensional security, focused intelligence at access points

We popped into Bluesocket, Inc. recently to get a reality check on what is happening on the deployment front.

This week marks the beginning of the Chinese New Year, which this time around is identified as the Year of the Monkey. As anyone who has observed this animal in a zoo or on one of those television nature programs can attest, monkeys are usually quick, frenetic and at times highly unpredictable. This means they have a lot in common with the wireless industry, especially as we progress in a year that will most likely be characterized by quick decisions and a great deal of activity in the high trees of the enterprise.

We won't go so far as to say vendors will be tempted to "monkey around" to snag that wireless sale and deployment, but we will predict that there will be lot of confusion and miscommunication between what enterprise users say they want and wireless solutions providers try to tell them what they need.

With that in mind, we popped into Bluesocket, Inc. recently to get a reality check on what is happening on the deployment front. We usually spend a great deal of time talking to the end users about their problems and challenges, so we thought it might be a good idea to talk to a major solutions provider like Bluesocket to understand their position. After all, isn't that what objective analysts do, get both sides of a story? Rather than take up too much of your time, we offer this summary of our discussion.

Tim Scannell: The cell phone has always been a useful and indispensable tool for remote workers, at least as a voice communications device. It has also set the bar in terms of expectations for wireless service, reliability, security and pervasive access. Do you agree with this, and what kind of an impact does this have on your business model?

Bluesocket, Inc.: The cell phone is the right user model, you expect it to work the same across the street as it does in Illinois. That's what users have come to expect, it's the standard for wireless devices.

If you're talking all types of devices and sticking radios in them and expect them to interoperate with an infinite variety of private legacy networks, versus network devices that have evolved over time to be completely consistent with the protocols and security level with the public networks that they interoperate with, then that's the kind of problem we set out to solve. One of the things that happened in the cellular world, of course, is a bunch of standards evolved to make it easier for everyone to adopt the same protocols, so that everything works seamlessly. The challenge in the wireless LAN market is that there will continue to be some competition at all levels.

Tim Scannell: What about the issue of security and a user's expectations of what should be a balance between strong security and a relatively comfortable user interface?

Bluesocket, Inc.:The problem is not purely an issue of encryption. With cell phones, it's a matter of authenticating the device to the network, not the user. We have the opposite problem in the wireless LAN world, where you want to authenticate the user to the network independent of the device. You also want to make sure that the user has the right access to different parts of the private network as well as the public network so they can get through to the private network. And that access needs to be based on who they are and what their relationship is to the organization.

Tim Scannell: So, you're not just authenticating the user, you also want to authenticate the cellular device for the billing process. Since there are various levels of authentication, if they it is not the right user you have to shut them down immediately, or at least find out where they are.

Bluesocket, Inc.: We call it "3D security." Not just security with respect to users, but also to space and time. Now, the security requirements of the organization can change with respect to the user depending on where they are and what time it is. The typical early adopters in this industry are those in the education market, where we have learned a lot. That's probably one of the first places where we've come to a deeper understanding of how dimensions of space and time affect the security model of an organization.

Tim Scannell: Although the security restrictions and requirements in education may be much less than those within the enterprise.

Bluesocket, Inc.: Actually, that's a preconception, and not true. Rutgers University, for example, runs everything encrypted and is very highly secured. Most large educational institutions ARE very large enterprises. They might involve 20,000 to 30,000 students, and then on top of that thousands of employees and staff members. So actually, they have a lot of the same security requirements that you see in the large enterprise. But, on top of that is the complexity of having no control over what type of devices are on the network, as well as a fair number of students who are motivated to hack. Therefore, it's actually a MORE difficult security environment than large enterprises. Some are less obsessed with security than others. But we certainly cut our teeth there.

Tim Scannell: What about when you get into the area of multiple wireless systems, which can create hundreds or even thousands of nodes or little blips in that network. This creates significantly more problems in terms of tracking and managing, doesn't it?

Bluesocket, Inc.: Oh yes. There are a number of things that need to be managed. The analogy we like to give is that our customers are building private cellular networks on top of their legacy infrastructure. They're trying to provide the level of service quality, security, reliability that you and I as users of cell phones expect to get from a public network. The difference, of course, is that these are private networks.

Now, we as a company can't provide them with all the means because some of the requirements for doing this requires special domain expertise that no individual company can provide. So part of our strategy is to make our system open so that other companies can work with us to develop technologies that require a certain domain expertise. For example, it doesn't make any sense to develop our own network management solution for wireless LANs, when our customers really see it as an extension of network management problem they have with wire line networks.

Tim Scannell: Right now there is a lot of discussion about putting more intelligence directly in the wiring cabinet versus directly at the remote access point. Does that create problems for you as far as control and management, or from your perspective as that relatively invisible infrastructure? Also, what are the tradeoffs in either approach?

Bluesocket, Inc.: Well, it depends on what kind of intelligence you mean. You certainly don't want your access points to do continuous packet inspection. It just requires too much horsepower, a results in a lot of redundant processing around the network where it's not adding any incremental value. What you do want your access points doing is ensuring packet reliability and to automatically control the channel and optimize coverage. Our long-term view is that it is something that has to be handled as a standard feature at every access point. And we expect this will be the case in most products no later than the second quarter of this year (2004).

Right now, 80% of the access points in use today are manufactured by a very small number of companies in Taiwan and other Asian countries. The reference designs they are using converge toward an access point with a set of features whereby they will arbitrate among each other for optimal power output to get enough overlap with respect to coverage and to get out of each other's way with respect to channels. This is because you usually do not move your access points around.

Tim Scannell: So, the intelligence in these access points will be focused more on such things as load balancing to ensure the signals will be swapped and switched very smoothly.

Bluesocket, Inc.: That actually is something that can be done extremely efficiently from the access points themselves, not from a central system. We hear from our customers that they want open systems and approaches, not proprietary approaches. They want choices in what kind of access points they buy in order to take advantage of trends and strategies within their organizations. Business-class access points are going to get cheaper and cheaper. They've already gone from $2000 to $500, and they're inevitably going to go from $500 to $50. So, enterprise users don't want to miss the trend, and they want to avoid getting locked into something that is proprietary.

Tim Scannell is the president and chief analyst with Shoreline Research, a Quincy, Mass.-based consulting company specializing in mobile and wireless technology and initiatives. Shoreline works with end users, looking to implement mobile solutions, and vendors, developing new products and seeking business and customer opportunities. The company also specializes in training and strategic planning projects. For more information on Shoreline Research and the company's strategic services please go to

Dig Deeper on Enterprise mobility strategy and policy

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.