Going Wireless

(Note: This is a reprint from our June 2004 Newsletter - much of it is still relevant today)

Customers may recall that when wireless technology first started to become prevalent we cautioned against using it, largely because the security for wireless communications was inadequate. The advice was well founded. For example, 128bit WEP (Wireless Encryption Protocol) was the best protection available under the old 802.11b standard, but could be broken by a normal computer in only a few minutes. That is, an attacker could sit outside your premises, and break your security in a matter of minutes using a normal notebook and a wireless card.

The advice was well founded then, but is starting to become obsolete now. The new wireless standard, 802.11g, contains a number of new security measures that have drastically improved the security of wireless networking. In addition to this, the price of 802.11g capable equipment has come down significantly from when it was first released to the point where it is affordable and only slightly more expensive than 802.11b equipment.

So where might you think about using wireless? As always, where it makes sense for the business by either being cost effective compared to alternatives, or giving you a capability you need. For example, if you had a building that you need to setup an office in, and had no data cables in place already, you might decide that setting up a wireless network at approximately $150 a station was a better strategy than paying an electrician $200 per point to setup data points and data cabling.

This would apply double if there were reasons you couldn’t easily modify the building, such as solid concrete walls/floors/no ceiling space. Another example might be if you wanted people to be able to use their notebook computers in a conference or meeting room, but didn’t want to have to cable the room. Finally, if you had wireless devices necessary for your business process, such as using PDAs for managing stock inventories in a warehouse, wireless is a good solution.

On the other hand are some examples of places where wireless was used without good business justification. One client told us that one of their users had decided to install wireless, seemingly purely out of their own interest, and had the system setup so that the base station (that connects to the main network via a cable ), and the wireless computer were on the same desk. The radio signal traveled all of three feet. They had no real need to work away from their desk.

Net result = money wasted, no new required capability delivered, and because this was in the 802.11b days, the security of the network severely reduced.

There are some other things to keep in mind when considering wireless networks. For example, if you were thinking about using wireless for a whole office, rather than cabling, you need to consider how you are going to deliver telephone to people’s desks.

There are ways to do this over a computer network, such as VOIP (Voice Over IP), but very few of these solutions would be cost effective for smaller organizations, and the technology is still a little immature (things are a bit different in 2009).

Another thing to consider is what your actual bandwidth requirements will be. For example, 100Mb switches are now the entry level standard for cabled connections. However, the 802.11g standard is only at 54Mb shared between all computers. If you have network intensive applications you may find, with only a few computers (say 4), that 802.11g does not give you the performance you need.

None of this is to say don’t do it, only that, as always, and particularly with new technology, you should convince yourself of the benefits at a business level. Believe me, this is hard advice for a geeks (like us) to give, but it is what we consistently advise. New technology is always interesting, and for us, fun to play with. That doesn’t mean it is necessarily right for customers.

Quick Tips on Wireless Security for the Enthusiast (may not make sense to others):

• WEP under 802.11b is better than nothing, but that is about it. An attacker can break 128 bit WEP in minutes with a notebook and wireless card, sitting outside your home/office. Yes, people do wander about looking for these connections, often just to obtain a free Internet connection. Your risks of this increase if you live/work in high density areas but it could happen anywhere if you have the wrong neighbors.
• MAC address security is not really much security at all. MAC addresses seem like long random numbers, but they aren’t really. Most manufacturers publish the MAC addresses they use (they have to, so others don’t make gear with the same addresses), and there are tools on the Internet that let a person try and test all possible MAC addresses in seconds.
• WEP and MAC address security combined is not really very strong. If you choose to use just this, for convenience, just be aware in your own mind that there is some risk. Ways to control the risk include putting a personal firewall on all the machines connected to the wireless network, and keeping an eye on your broadband usage throughout the month to make sure you don’t get a nasty shock.
• If you can afford 802.11g equipment then buy it, and use rotating WEP keys and other security features. These features start to offer real levels of security.