Comparing Wireless Technologies
There are currently two prevalent wireless LAN solutions being deployed: the IEEE 802.11 standards, primarily 802.11b, and the solution proposed by the HomeRF working group. These two solutions are not interoperable with each other or with other wireless LAN solutions. While HomeRF is designed exclusively for the home environment, 802.11b is designed for and is being deployed in homes, small and medium businesses, large enterprises, and a growing number of public wireless networking hot spots. Several major laptop vendors are shipping or have plans to ship laptops with internal 802.11b NICs. A comparison of these two solutions is given in Table 1.
Table 1 Comparing the IEEE 802.11b and HomeRF Networking Standards
| | IEEE 802.11b | HomeRF |
|---|---|---|
| Major Industry Support | Cisco, Lucent, 3Com, WECA | Apple, Compaq, HomeRF Working Group |
| Status | Shipping | Shipping (low speed) |
| Range | 50-300 feet | 150 feet |
| Speed | 11Mbps | 1Mbps, 2Mbps, 10Mbps |
| Use | Home, small office, campus, enterprise | Home |
| Cost | $75-$150 per card | $85-$129 |
| Security | WEP/802.1x | NWID/encryption |
| Vendors | Over 75 | Under 30 |
| Public Access Points | Over 350 | None |
| Market share of Wireless NICs | 72% | 21% |
NOTE
Microsoft's choice? HomeRF versus 802.11b. It's clear from the comparisons above that the 802.11b standard reaches more efficiently into both the office and home-networking environments. Expect to see Microsoft come down on the side of the 802.11b standard because it has many of the features most needed in both companies and homes.
Exploring the 802.11b Standard and How It Works
Wireless LANs are built using two basic topologies, much like TCP/IP networks are either peer-to-peer or client/server. These topologies go by several pairs of names: managed and unmanaged, hosted and peer-to-peer, and infrastructure and ad hoc. The terms most often used are infrastructure and ad hoc.
An infrastructure topology is one that extends an existing wired LAN to wireless devices by providing a base station (called an access point). Many companies today are using this technical term to refer to their devices, as is the case with Cisco and 3Com. The access point bridges the wireless and wired LAN, and acts as a central controller for the wireless LAN. The access point coordinates transmission and reception from multiple wireless devices within a specific range; the range and number of devices depend on the wireless standard being used and the vendor's product. In infrastructure mode, there may be multiple access points to cover a large area or only a single access point for a small area such as a single home or small building. Figure 1 shows an example of an infrastructure mode network.
Figure 1 Infrastructure mode network.
An ad hoc topology is one in which the wireless devices alone form a LAN, with no central controller or access point. Each device communicates directly with other devices in the network rather than through a central controller. This is useful in places where small groups of computers might congregate and not need access to another network. A home without a wired network or a conference room in which teams meet regularly to exchange ideas are examples of where ad hoc wireless networks might be useful.
For example, when combined with today's new generation of smart peer-to-peer software and solutions, these ad hoc wireless networks can enable traveling users to collaborate, play multiplayer games, transfer files, or otherwise communicate with one another using their PCs or smart devices wirelessly. Figure 2 shows an example of an ad hoc network.
Figure 2 Ad hoc network.
Understanding Wireless Security Concerns
With a wired network, there is an inherent security in that a potential data thief has to gain access to the network through a wired connection, usually meaning physical access to the network cable plant. On top of this physical access, other security mechanisms can be layered.
When wires no longer contain the network, the freedom gained by the users of the network can also be extended to the potential data thief. The network now may become available in the hallways, insecure waiting areas, even outside of the building. In a home environment, your network could extend to your neighbors' houses if the proper security mechanisms aren't adopted by the networking gear or used properly.
Since its inception, 802.11 has provided some basic security mechanisms to make this enhanced freedom less of a potential threat. For example, 802.11 access points (or sets of access points) can be configured with a service set identifier (SSID). This SSID must also be known by the NIC in order to associate with the AP and thus proceed with data transmission and reception on the network. This is very weak security, if it is security at all, because:
The SSID is well known by all NICs and APs.
The SSID is sent through the air in the clear (even beaconed by the AP).
The NIC/driver can control locally whether the association is allowed if the SSID is not known.
No encryption is provided through this scheme.
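The following is an added example, not part of the original article, showing why the SSID cannot act as a secret: it parses a beacon frame and reads the SSID element as plain bytes, even when the beacon's Privacy bit (WEP in use) is set, because WEP applies to data frame bodies and not to beacons. The frame is constructed inline; the SSID "CorpNet" and the BSSID are made-up sample values, and the function names are this example's own.

```python
import struct

def build_beacon(ssid: bytes, privacy: bool) -> bytes:
    """Constructed sample: minimal 802.11 beacon (no radiotap header, no FCS)."""
    header = (bytes([0x80, 0x00])                    # frame control: management, beacon
              + b"\x00\x00"                          # duration
              + b"\xff" * 6                          # addr1: broadcast destination
              + bytes.fromhex("020000000001") * 2    # addr2 and addr3: constructed BSSID
              + b"\x00\x00")                         # sequence control
    capability = 0x0001 | (0x0010 if privacy else 0) # ESS bit, plus Privacy bit if WEP is on
    fixed = struct.pack("<QHH", 0, 100, capability)  # timestamp, beacon interval, capability
    elements = bytes([0, len(ssid)]) + ssid          # element ID 0: SSID
    elements += bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])  # element ID 1: rates 1/2/5.5/11 Mbps
    elements += bytes([3, 1, 6])                     # element ID 3: DS parameter set, channel 6
    return header + fixed + elements

def parse_beacon(frame: bytes) -> dict:
    """Extract what any listener in radio range can read from a beacon."""
    if len(frame) < 36:
        raise ValueError("too short for a beacon header and fixed fields")
    frame_type = (frame[0] >> 2) & 0x3
    subtype = (frame[0] >> 4) & 0xF
    if (frame_type, subtype) != (0, 8):
        raise ValueError("not a beacon frame")
    _timestamp, _interval, capability = struct.unpack_from("<QHH", frame, 24)
    info = {"bssid": frame[16:22].hex(":"),
            "privacy": bool(capability & 0x0010),
            "ssid": None, "channel": None}
    pos = 36                                         # tagged elements follow the fixed fields
    while pos + 2 <= len(frame):
        element_id, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:                      # truncated element: stop parsing
            break
        if element_id == 0:
            info["ssid"] = value.decode("utf-8", "replace")
        elif element_id == 3 and length == 1:
            info["channel"] = value[0]
        pos += 2 + length
    return info

if __name__ == "__main__":
    for wep_enabled in (False, True):
        print(parse_beacon(build_beacon(b"CorpNet", wep_enabled)))
```

Both runs report the same SSID; only the privacy flag differs, which is why access control has to rest on keys rather than on the network name.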
Additional security is provided in the 802.11 specifications by the Wired Equivalent Privacy (WEP) algorithm. WEP provides 802.11 with authentication and encryption services. The WEP algorithm defines the use of a 40-bit secret key for authentication and encryption, and many IEEE 802.11 implementations also allow 104-bit secret keys. This algorithm mainly provides protection against eavesdropping and physical security attributes comparable to those of a wired network.
A principal limitation of this security mechanism is that the standard does not define a key management protocol for distribution of the keys. This presumes that the secret shared keys are delivered to the IEEE 802.11 wireless station via a secure channel independent of IEEE 802.11. This becomes even more challenging when a large number of stations are involved, such as on a corporate campus.