Suppliers of wireless LAN products are falling short in their efforts to deliver highly secure products that are interoperable with those of other vendors, according to a recently released report from the Meta Group.
Three years after initial concerns about wireless LAN security were raised, achieving a highly secure enterprise wireless LAN remains a challenge. Suppliers are confusing the market by offering products that are complex and costly to implement and support.
"We continue to see lackluster adoption of wireless LANs in the enterprise," says Chris Kozup, program director with Meta Group's Technology Research Services. "A handful of vendors have been aggressive in trying to solve these problems but each continues to push their own agenda."
He singled out Cisco with its support for the Leap protocol, which requires buy-in to an all-Cisco access-point infrastructure, and Microsoft with its support for Peap, which is supported in its newer operating systems but it not compatible with Cisco's Peap. Both have roots in the 802.1x standard world.
Meta Group projects that by 2004 or 2005, Peap will emerge as the de facto standard for 802.1x authentication in wireless LAN deployments.
Meanwhile, certain software companies have positioned to support both variants, Peap and Leap, to enable greater flexibility. Meta Group notes Funk Software, Meetinghouse and Interlink Networks are offering such products.
The emergence of Wi-Fi Protected Access (WPA) as an alternative to WEP for wireless LAN security is positive, however full support for the emerging 802.11i standard will include support for the Advanced Encryption Standard (AES). This will require upgrades for most access points to meet the cryptographic processing power requirements.
In advice for enterprise IT buyers today, Kozup suggested companies audit their devices to determine their exposure, and be aware of whether the selected wireless LAN security approach is tactical or strategic in nature.
Meta Group Slams Wireless LAN Suppliers on Security
