If you go into a meeting these days, you will probably see people using, not just one, but several wireless mobile devices such as smartphones, tablets or laptops. According to Ian Kilpatrick, Chairman Wick Hill Group, it’s part of an unstoppable wave of change, which is radically affecting the structure of our IT networks and taking us into a new wireless world of rapid and unpredictable developments, with ongoing operational and security challenges.
A key driver behind these developments has been the introduction of the new wireless standard 802.11ac TM-2013, which was officially approved at the beginning of 2014, and will be followed in the next couple of years by 802.11ad. These standards will fuel the increase in mobile devices and BYOD, leading to wireless becoming the status quo instead of wired.
There are many elements supporting this change. 4G, with faster and bigger data-handling capabilities, will drive expectations in the office - many home networks already have greater mobility capabilities than lots of offices. The growing deployment of mobile IPV6, with its significantly enhanced capabilities, enables better roaming. Cloud and virtualisation shift both the perception and the very nature of company boundaries, making mobility even more relevant.
These and other unpredictable developments will directly impact organisational structures and security. Questions arising include how do you develop the network so users can get the best productivity and benefits from existing and new mobile devices? How do you move to wireless in a cost-effective way, with the least disruption to the business? How do you track and manage the growing number of mobile devices? How do you maintain control of the network? And how do you keep the network secure in this rapidly changing environment?
The move to wireless
The new wireless standard 802.11ac provides initial WLAN throughput of at least 1Gbps and up to 7Gbps in the future. 802.11ad, with multi Gbps throughput, will provide up to 7Gbps, when it is ratified and introduced. And 4G, will provide up to 100 Mbps mobile. This gives the potential for radically improved wi-fi performance.
Many wireless deployments to date have been tactical, with more access points added, often unstructured, to meet increasing user demand or deal with cold spots. Usually, they haven’t been either fully pervasive or capable of handling multi-media, high volume and high-density traffic. Of course, they are based on the higher range of the old 2.4 GHz access points.
802.11ac will deliver the unfulfilled promise of 802.11n, but with a focus on 5GHz rather than 2.4GHz. With 5GHz providing shorter range, but higher throughput, existing access point (AP) based systems will be inadequate for the new requirements.
To migrate to 802.11ac will require entirely new APs, new antennas, upgraded or replaced controllers, and new switches or PoE injectors. Similar to the evolution of 802.11n, there will be multiple versions and phases of 802.11ac. For some organisations, this will mean a rolling deployment, with the associated configuration and security risks.
An increasingly popular alternative to the AP approach is the modular array approach. An array can hold multiple directionally tuneable APs. Unlike traditional broadcasting, directional focus minimises interference and enables clear control over geo overspill.
This is particularly relevant given the challenges that 5GHz and beyond will create for the old AP-based approach to coverage. With 2.4GHz, providing more coverage typically involves adding more APs. However, that has been shown to be increasingly self-limiting because interference between APs reduces coverage, rather than increasing it.
A major benefit of an array-based or directional-based approach is that it can be easier to upgrade as traffic usage and capacity evolve, allowing companies to react swiftly to changing circumstances. Key to success in adopting or extending wireless networks will be deployment pre-planning, risk assessment and determining the policies to apply.
Security
Major considerations for IT managers are how to secure, control and manage a rapidly evolving wireless network, with a steadily growing number of mobile devices, as well as how to protect the growing volume of data? Security should be planned beforehand, rather than back-fitted, and should involve -
- Risk analysis and acceptance of the level of risk
- Planning
- Embedding security
- Policies
- Processes
- Education and staff involvement
- Deployment
- Monitoring and feedback loop
- Analysis
- Forensics
- Containment
Multiple mobile devices necessitate multiple security solutions. These should include mobile device management (MDM), tracking and RF management, encryption, authentication, and behaviour management, as well as basic security measures on mobile devices.
Mobility brings many challenges, but it also brings great advantages. There is such a groundswell of demand for mobility, that it will be unstoppable. Securing data is key to benefitting from this change, with device security being a major element. However, perhaps more importantly, there is the need, as well as the opportunity, to change staff’s behaviour towards mobile security and protecting data.