Wireless LAN Technology

Julie Vogel Jim Faxon Kevin Meehan Rob Belote

The Wireless LAN Industry exceeded $300 million in 1998 and will grow to $1.6 billion in 2005.

Source: Frost and Sullivan

Why Go Wireless?

 Business solutions = OPPO

RTUNITY

– Increase Productivity – Better Customer Service – Future Cost Savings – Access all the time, anywhere – No need for Ethernet jack hookups

Why Go Wireless (cont)

 University Solutions – Cloud of Connectivity – Enhance Education Possibilities  Live Remote Classes  Mobile Study / Group Work

Is It Worth It?

 Aspects to Consider – Cost – Performance – Interoperability – Lifespan and Upgrades

 802.11b

Cost / Performance

 802.11a

– – 11 Mbps @ 2.4 GHz Longer Distances  Up to 100 feet – Basic Access Points  ~ $100 – Wireless PC Cards  < $100 – – 54 Mbps @ 5 GHz Shorter Distances  Up to 50 feet – Basic Access Points  ~ $250- 500 – Wireless PC Cards  ~ $200

Interoperability

 Integration of Standards – 802.11b and 802.11a

 Future Technology  Integration of Manufacturers – D-Link vs. Linksys

New Wireless Technology



Harmony

by Proxim – – – 802.11a and b integration “Central” Access Point Controller Ability to Roam Subnets – Cost  $900

802.11b +



AirPlus

by D-Link – 22 Mbps @ 2.4 Ghz  Opposed to 11 Mbps – Upgrade available soon  12 Mbps Real World Performance – Cost  Roughly same as 802.11b

 ~ $100 per Access Point and PC Card

802.11g and VoIP



PRISM GT

Chip by Intersil – VoIP to fit Wireless Bandwidth – Quality of Service (QoS)  Ability to maintain video data while mobile

802.11 and Bluetooth



PX20

by Philips – Advanced Access Gateway – Allows integration of Bluetooth and 802.11b standards – Not on market yet 

Blue802

by Intersil – Mini-PCI card  Mixes Bluetooth and 802.11b standards – Cost = $50

Security Devices



Mobius

by Symbol Technologies – – Central Switch Access “Ports” – Offers Central Control of Access 

WG-1000

by Bluesocket – Employee vs. Guest Access – Specific Levels of Access – Usernames and Passwords – $6000

Wireless LAN Standards

 Institute of Electrical and Electronic Engineers (IEEE) in charge of creating standards – 802.11 Working Group deals with Wireless  Divided up into Task Groups – MAC Task Group – PHY Task Group – Task Groups assigned letters (a through i)

802.11 Standards

 802.11 standards released, followed by the 802.11b standards – 802.11a standards release followed 802.11b despite being finished first – 802.11a standards didn’t seem feasible until the 802.11b standards were in place

802.11a

802.11b

Transfer speed 54 Mbps* (33) Available Channels Range Users per Access Point 11 25 ft 1024 11 Mbps* (6) 3 100 in / 200 out 256

Wireless Fidelity (Wi-Fi) certification

 802.11b and Wi-Fi certification form the baseline standard across the world  Assures that your device can work with other Wi-Fi certified devices from other vendors  Given by Wi-Fi alliance – Non-Profit International Trade Organization

Standards in the Works

 802.11g is a promising new standard  Similar to parts of 802.11a & b standards – – Transmission rate (54Mbps) same as 802.11a

Number of channels (3), Frequency band used (2.4GHz), Clients per Access Point (256) same as 802.11b

 Uses OFDM modulation in 2.4GHz frequency band, (802.11b =DSS in 2.4GHz band

Standards in the works (cont)

 802.11g

– Backward compatible with 802.11b

 802.11h

– Deals with MAC and Physical Layer standards for 5GHz in Europe  802.11i

– Deals with improving the security measures in the 802.11a,b,&g standards

Security: Wireless Versus Wired LANs

 Wireless LANs have increased security risks because of the nature of radio communication  Radio communication makes it practically impossible to prevent certain types of attacks

Wireless LAN Attacks



Main types of security attacks on wireless LANs:

–

Eavesdropping or Sniffing

–

Transitive Trust

–

Infrastructure

–

Denial of Service (DoS)

Eavesdropping

 Eavesdropping, or sniffing, is a way for attackers to capture messages being transmitted between two parties.

 When one wireless device sends a message over a radio path, an attacker equipped with a special transceiver in the range of the transmission, can eavesdrop the message.  Businesses should not assume that their wireless LAN is contained inside the building, except for the presence of electromagnetic shielding and other costly security precautions.

Transitive Trust Attacks

 The largest security issue associated with transitive trust is authentication, the ability to verify the other parties identify.  Two ways to break into a network: 1. The attacker fools the wireless LAN into trusting the mobile device, allowing the attacker access inside the network’s firewall. 2. Attacker fools the mobile device into logging onto their network, instead of the intended network. The attacker can then scan for passwords and encryption keys.

Infrastructure Attacks

 Attackers have information about the known weaknesses in computer’s: – – – server operating system client operating system application programs  A company can protect itself by downloading patches.

Denial of Service (DoS)

 With a powerful transceiver, an attacker can generate a radio interference that disables the wireless LAN from using a radio path.  Attackers have to act quickly on these attacks because it is fairly easy for authorities to locate the transceiver.

Secure Communication

 Because of the vulnerabilities associated with wireless LANs, users can provide the most protection for their networks by using: – Encryption – Authentication

 Encryption and Authentication Symmetric key encryption: – method is efficient – not very secure because an attacker can intercept the key and decode all the information  Public key encryption: – more secure than symmetric key encryption – inefficient and is usually used for small messages  Hashing: – uses a mathematical process  Digital Signatures: – authenticates a message  Digital Certificates: – certificate authority

Security Management

 Companies must be in control of their wireless network by: – implementing security policies – testing network for weaknesses – educating employees on security threats

Policy and Regulation

•

Legislation

•

Congress

•

Common Law / Interpertation of Law

•

Courts

•

Administrative Law

•

Federal Communication Commission (FCC)

Legislation

•

Bill introduced in House or Senate

•

Bill approved by both House and Senate

•

Approved by executive branch

•

Creates a law that can do anything from create a tax to prohibit an action

Common Law

•

FCC

Administrative Law

• Created in Communication Act of 1934 • Strengthened by Telecommunications Act of 1996 • Opened Markets to exchange carriers, including broadband Ethernet.

• Title I of ’96 Act • Wireless Telecommunications Bureau of FCC

FCC Rulemaking Process

• Notice of Inquiry • Notice of Proposed Rulemaking • Comments received and reviewed • Further Notice of Proposed Rulemaking (if needed) • Report & Order

* Carries Full “Force of Law”

FCC Enforcement Measures

• “Letter in the file” • Cease-and-Desist Order • Consent Order • Forfeitures (fines) • FCC Hearings • Administrative Law Judge • Witness, Testimony, Evidence, and Council

Today's FCC

• 5 Commissioners with five-year overlapping terms • Chairman appointed by Executive Branch • Sets direction and philosophy of FCC • Current Goals • Unregulated Competitive Environment • Eliminate Unnecessary Regulation • Planning in International Arena • “E-Rate” Program • “lap dog” or “watch dog” ?

The Future of Wireless Networks

•

Internet access to most US residents

•

Home PC

•

Television (MSN TV)

•

Video Game Consoles (X-Box)

•

Schools

•

Libraries

Current Application of WLANs

• Denver / San Diego Wireless MAN • Santana Row: “Silicon Valley’s Rodeo Drive” • IBM Emergency Network • Windows XP • Boingo

Do people trust wireless?

•

76% of people polled at www.techtv.com

said that they did NOT trust their secrets on wireless networks.

• The Lawrence Livermore and Los Alamos National Laboratories banning wireless networks.

• People are pleased with wireless, but are not yet willing to use it •

Early Internet Vendors and Credit Cards

• Is 128-bit encryption safe?

Where to go from here?

•

Future is bright for Wireless Networkers

•

users becoming comfortable in new technology

•

businesses able to make money

•

anticipate BOOM in wireless markets

•

Prices are falling

•

Access Points becoming easier to find

•

Security Issues being addressed

•

Need more regulation from FCC $69.88 @ Amazon.com

Questions?

Comments?