WLAN pioneer explains it all

We were as shocked as anyone to discover the relatively primitive state of the wireless client in our WLAN switching tests. To make sure we weren’t talking through our hats, we contacted someone who lives, breathes, and dreams wireless: Dave Juitt, CTO of Bluesocket, one of the early players in wireless gateways. Juitt has worked in WLANs for almost a decade and has done WLAN security work for various branches of the U.S. government.

IW: Can WLAN infrastructure continue to be this dependent on client-side hardware and drivers?

DJ: No. The end-user experience necessarily has to demand that wireless gateways are client agnostic. It’s an evolutionary process. Early cell phones worked better if they were talking to base stations from the same manufacturer. That had to go away to make the service viable and the same thing is going to be required from WLANs.

IW: Are you surprised that we found so much dependency on client-side configuration in order to make WLAN transactions successful?

DJ: No. WLAN switching and even WLAN technology are still very much evolving. We’re still in the early innovation phase for the wide use of RF [radio frequency] for data. Access points in a few years are going to be very different than they are now. We’ll see new features at the physical layer; things like “channelization” and power control stuff that we consider management now will be automated.

IW: What’s your take on 802.11i? Can it solve these problems in the near term?

DJ: 802.11 cannot go to market without a secure solution. They can’t just punt; they have to fix the WEP [Wired Equivalent Privacy] problem. I think they’re going down the right path. There’s fundamentally nothing wrong with 802.11i, and the technology is fine, but it will take a lot of work.

IW: Yeah, but will we see the result anytime soon?

DJ: 802.11i will get adopted in 2004. But it’ll go through a much more stringent interoperability testing by the standards committees than previous 802.11x standards. This will do away with some of the same issues you guys saw in your testing. They have the same hurdles, but the difference is that this time they’re truly aware of how high those hurdles are and they have the best people in the world working on it. It’ll happen, but it’s going to take a lot of work.

IW: So don’t expect anything truly useful until 2005?

DJ: I didn’t say that, but it’s certainly a possibility.

IW: Are WLAN switches or gateways the clear way to go for WLAN security?

DJ: We think so, but one security model doesn’t fit everyone, so this isn’t a silver bullet. The laptop is being used as a convergence device, which means it will take advantage of the many IT solutions that exist for remote access. As an example, we’re seeing that our users actually want IPSec as an alternative. That’s going to play a continual role for mobile and especially low-power devices that can’t do the active crypto. If all you’re doing is Web surfing and all you want is to make sure that no one does session hijacking, then maybe that’s all the security you need between yourself and the hot spot.