Nortel touts secure Wi-Fi for enterprise
Nortel has announced wireless LAN products to woo IT managers that are still uncertain about security and manageability of office wireless. The products, which include a security switch that monitors wireless traffic from the wired network, join wireless LAN announcements from other vendors including Alcatel and Cisco.
"The big players are all getting into Wi-Fi," said Richard Webb, European analyst at Infonetics Research. "For many enterprises, a big name vendor is another check-box to tick before they buy into a new technology. Wi-Fi is a big growth area, although it will never equal the market for wired networks."
Nortel's products address the main objections to wireless LANs from enterprise IT managers: security, manageability, and the uncertainties of roaming between access points. "For enterprises and wireless service providers, we need products that are more grown up," said Trevor Dearing, enterprise security solutions manager for Nortel Networks in EMEA. "Roaming, security and management are the three key issues. Wireless LAN should be just part of a single network experience."
The strategy works by centralising the control in one device -- the WLAN Security Switch 2250 -- to handle security and management services. One of its key features is the detection of traffic on the wired LAN from unregistered access points. "The switch sniffs for access point traffic and alerts the management station, which can block off the specific port where that traffic is coming from," said Dearing.
The 2250 will cost around $7000 (£4,432), and can manage around 30 access points, each of which supports five or six users. Multiple switches can manage larger wireless LANs.
Security can obstruct mobility, however. Nortel advises users to treat their wireless LAN as if it were outside the building, and connect through a VPN, even when on-site. "VPNs are fragile for roaming," said Dearing -- they operate between specific IP addresses. To answer this, the 2250 switch runs mobile adaptive tunnelling, which sets up a "care-of" IP address function that forwards packets to the mobile device in whichever cell it is.
Future versions of this function will extend it to include roaming between GSM, 3G and Wi-Fi networks, said Dearing, all part of Nortel's efforts to make the products suitable for service providers running hotspots as well as enterprise IT managers. "Mobile Ipv6 will help with this," he said.
The effort to straddle both the enterprise and the service provider market also explains Nortel's departure from the approach of its current wireless LAN partner, Symbol. Symbol's Mobius WLAN system, launched in September 2002 also aims to centralise management but, where Mobius removes features from the access point until it's little more than a radio, Nortel intends to keep access points intelligent so they can be used alone in sites such as cafés.
Nortel's 2220 access point is a dual-mode device supporting both 802.11a (with a 104Mbps turbo mode) and 802.11b. Working with the switch, it can allow people to roam between 802.11a and 802.11b at a single hotspot as they come into range of the higher speed signals. Like most high-end access points, it can be run with power over Ethernet.
The access point costs $899, which Dearing accepts is considerably more expensive than basic models available in high street shops: "This is an enterprise access point, not a NetGear access point."
Nortel's relationship with Symbol will continue, said Dearing, despite the company's divergent strategies. "Mobius is an interesting concept, and there is a split in the market between putting more or less intelligence in the access point," he said. "We think significant features need to be in the access point." Extra features in the Nortel access point include the ability to provision it and change functions remotely. Nortel licences voice products to Symbol, and hopes to sell security switches for use in Mobius networks.
Nortel is also launching an adapter card for both 802.11a and 802.11b, and a "soft phone" voice client for IP telephony calls on PDAs which will cost $250.
"Users will not replace Ethernet with wireless LANs," said Dearing. "It will be an add-on." However, he expects wireless LANs to change the corporate network completely. "If people have wireless PDAs with soft phones, they will not need laptops, and they could replace their desktops with Citrix thin clients."
Let the editors know what you think in the Mailroom.