July 27, 2010, 9:24 PM — Like many things in IT, this security convergence is a work in progress. But as wireless LANs become the primary connectivity for more enterprise users, integrating wired and wireless becomes more pressing, especially around security. (See: "For IT, enterprise wireless to get more gnarly in next decade".)
"Security 'perimeters' are illusions," says Tom Henderson, managing director of ExtremeLabs. "If you're not protecting each and every device, then you're asking for trouble. The devices are already together: phones can be used to tether systems [laptops], creating back doors. Every MAC address has to be polled and understood for intrusion detection."
More wireless burning questions:
Should you even bother looking at Windows Phone 7?|How can enterprise WLANs manage the bandwidth crush from mobile devices and multimedia apps?|How can employee-owned mobile devices be secured and managed on corporate networks?|Is Sprint losing its WiMAX/4G gamble?|What's the impact of carriers' new "capped" wireless data plans on corporate networks?|How are large-scale, dense Wi-Fi networks affecting radio management issues?
The eventual goal is to manage wired and wireless networks as a single unit, says Farpoint Group's Craig Mathias, but not necessarily as a single network platform from a single vendor.
"A key part of this is the unification of security databases [such as RADIUS], and uniform user privilege management," he says. "This isn't common yet, but expect big announcements [about this] from WLAN and LAN vendors alike, this year and next."
"There's no easy answer for this. The WLAN vendors will have to do a better job here," says Paul DeBeasi, research vice president for network and telecom at Gartner. "They are working on this."
For example, both Cisco and 3Com (now part of HP) have been working to create common security, and other, capabilities that span both wired and wireless users. (See Cisco's "Wireless and Network Security Integration Solution Overview".)
Bradford Networks is offering a network access control (NAC) solution for handling wireless and wired clients. Last year Pepperdine University selected the NAC product as part of a deployment of Xirrus' Wi-Fi Array access points, specifically to work with the university's wired and wireless infrastructures on multiple campuses.
"You can begin to unify parts of the management infrastructure," Mathias says, starting with something as basic as having a common set of security policies and procedures for users, regardless of how they're connected to the network.
Don't expect much help from industry standards: work in this area is lagging, Mathias says. "The users really need to drive it," he says.
John Cox covers wireless networking and mobile computing for "Network World."
Twitter: http://twitter.com/johnwcoxnww
Email: john_cox@nww.com
Blog RSS feed: http://www.networkworld.com/community/blog/2989/feed
Read more about anti-malware in Network World's Anti-malware section.
