Wireless networks have leaped into the mainstream in the past year. Far from their previous status as a luxury amenity, they’ve become close to a necessity in business, as time-pressed users hauling wireless laptops home take advantage of broadband connections from their armchairs.
According
to analysts at In-Stat/MDR, more than half of the laptops shipped in 2003 contained built-in wireless adapters, mostly mini-PCI cards, and the Wi-Fi hardware infrastructure market surpassed US$1 billion in the last quarter of 2003. Market growth is expected to continue, with embedded Wi-Fi clients (including mobile PCs, PDAs and phones) growing at a 66.2 per cent per year to 226 million units shipped in 2008.
Since the last time we looked at these products, communication standards have gelled considerably. The 802.11g standard, in draft last year, was ratified, allowing up to 54 Mbps communication over the same distances as the older 802.11b (up to 300 feet), with which it is backward compatible. 802.11a, also rated at up to 54 Mbps, is the standard once touted as a replacement for 802.11b, and is slowly gaining traction, although its shorter range (up to 165 feet) means a higher density of access points, and thus a more expensive infrastructure. On the plus side, it is less prone to
interference than 802.11b/g, which lives in the same frequency range as portable phones and baby monitors. Intel’s belated support of 802.11a/g in the Centrino chipset used by so many laptop manufacturers, which was originally limited to 802.11b, will make the speedier standards more approachable as well.
Security, the bugbear of wireless, has also been addressed to some extent. Although standards still dictate that encryption be off by default, awareness of the vulnerability is much broader, and access points (APs) tend to have more security protocols baked in. The newest, WPA2 (Wireless Protected Access 2), the branded version of the recently ratified 802.11i standard, uses Advanced Encryption Standard (AES) encryption (its predecessor, WPA, used TKIP). Older wireless LANs may need hardware upgrades to take advantage of WPA2, however; even those we looked at here are only billed as “”AES upgradeable.””
Enterprise vendors are addressing security issues as well as the standards war by enabling 802.11a, b and g in multi-mode APs, granting users the best of all worlds. Some will even allow mixed networks, permitting 802.11a and b/g to run simultaneously.
We invited a collection of wireless vendors to supply enterprise-class 802.11 a/b/g units for testing, and three were able to provide products in time to meet our deadline.
Cisco Aironet 1200
Cisco’s new Aironet 1200 is a formidable-looking beast in its 802.11a/b/g configuration, with a large, flat antenna poking up like a beaver tail on one end, and a pair of more ordinary-looking antennae at the other. It sits nicely on a shelf, or can be mounted on a wall or ceiling using the included bracket and hardware. It gets its power either over the Ethernet cable or from an A/C adapter.
It is configured either by plugging in the included serial cable (note to Cisco — today’s laptops don’t have 9-pin serial connectors anymore), or over the LAN, if you can obtain its IP address. That can be accomplished via a handy little utility downloaded from the Cisco Web site. You enter the AP’s MAC address and the program returns its associated IP address. But to get anything from the site, you have to go through an incredible ritual, entering your name and address and declaring you’re not from a country forbidden high encryption and you will not send the software to a country forbidden high encryption, and so on.
Cisco has completely revamped its Web-based management interface. Gone is the convoluted, hard to read old look, replaced by a clean GUI based on Cisco’s IOS (the same operating system that runs its routers).
There’s every bit as much to configure as there was of old, but two “”express setup”” tabs — general networking and security — take care of the basics. The AP can be managed through CiscoWorks as well as via its Web interface or SNMP.
All three APs support up to 16 VLANs, allowing one access point to handle separate user groups with diverse security needs.
Test machines connected easily to the AP, both over 802.11a and b/g.
Colubris CN320
The Colubris CN320 can be used in the enterprise, or as a public access AP. Colubris provides setup information for both scenarios. It operates in either 802.11a, or 802.11b/g (it can be configured for b only, g only, or either), defined in software. Two Ethernet ports (one supporting Power over Ethernet) are bridged to provide connectivity.
The CN320 is a sturdy metal box, with the bare minimum of doodads — there are connections for a pair of antennae (sold separately), an A/C adapter (ditto), a power light, wireless activity light, LAN activity light, and the ports.
There are lots of smarts. The unit supports an alphabet soup of enterprise
security and authentication methodologies, including RADIUS, 802.1x, WEP, WPA, PEAP, various flavours of EAP (but not LEAP), and SNMP or proprietary management (Colubris also includes a plug-in for HP OpenView). It also offers four levels of Quality of Service (QoS) management, as laid out in the WME standard — voice, video, best-effort data traffic, background data traffic.
Documentation is extensive, but is in a PDF file on a CD — the only paper I received was a quick start sheet that explained how to do basic setup. It got me connected, but I cringed at the last paragraph, which instructed the user to configure all user stations with encryption disabled. The security information in the full documentation explains proper configuration.
PCs saw the AP as soon as it was plugged in and connected to the LAN. I did have to power cycle the AP to get Internet connectivity, though — by default, it expects a Colubris controller to handle this, and simply unchecking the appropriate filter and soft restarting didn’t appear to be enough.
Proxim Orinoco AP-4000
The AP-4000 offers simultaneous 802.11b/g and a operation. It’s a compact, white box that comes with mounting hardware and a guard for its cables and buttons to keep inquisitive fingers from interfering with them.
Installation can be accomplished via a serial cable, a direct connection to a PC over a cross-over Ethernet cable, or from a network connection. Power can come from the included A/C adapter or the optional power over Ethernet adapter.
A scanning tool locates all Orinoco APs on the network and allows you to establish an IP address. From there, the setup wizard in a Web interface walks administrators through basic configuration, including the changing of all passwords from the default value, and establishing SSIDs for the 802.11a and 802.11b/g interfaces. It automatically chooses the appropriate channel for its transmissions so the administrator doesn’t have to worry about the correct frequency in radio-rich environments. Then the AP reboots, and you can go in and configure security separately for each interface.
Like the others, it supports authentication through a RADIUS server, 802.1x, EAP, and WPA and WEP encryption. It may be upgraded to AES.
Management is through the Web interface; there’s SNMP v1, v2c and secure v3 support, plus MIBs, and a telnet client. The interface is clean-looking, with tabbed pages for configuration and monitoring of the WLAN’s status.
Connecting over either the b/g interface or the 802.11a link was trouble-free. As soon as I enabled the appropriate profile in the NIC, it associated itself with a strong signal. As expected, the 802.11a did not have the range offered by b/g, but it performed well within its perimeter.
Access unplugged: Wir