Security and Quality of Service

IT managers are fighting a rear-guard action to secure and manage the quality of their WLAN networks. Most primary wireless LAN security mechanisms, such as Wired Equivalent Privacy (WEP) and 802.1X, are seated in the Data Link's MAC sublayer, which is neutral regarding 802.11a, b, and g. Because all three 802.11 WLAN PHY specifications suffer from the same security and QoS maladies, Chapters 16 and 17 are devoted exclusively to Quality of Service and security, respectively.

That being said, for continuity's sake, here is a brief discussion concerning both issues. First, let's look at Quality of Service. The quality of a WLAN's management and maintenance programs can have a tremendous effect on a network's QoS. But also know that the IEEE is diligently working on the 802.11e specification, which will address both asynchronous data traffic and data traffic that is time controlled, such as voice or video. It will lay down rules on how each traffic stream can employ different policies. For example, a video stream that is time sensitive could employ forward error correction instead of packet retransmission.

QoS is an essential capability for voice and video support, but if and when the QoS standard is finalized, its mechanisms will need to be integrated with QoS mechanisms in infrastructure networks at large, and this will take some time. So while exciting, it may be years before applications in corporate environments can truly take advantage of any new QoS standard. Home use of integrated voice/video/data networks will happen much faster. However, there is no reason to wait for the more exotic features that should become available once 802.11e is ratified: Today's products offer more than sufficient capabilities for many applications. And as long as you put some hard questions to your vendors about their upgrade paths, you can safely deploy a network that you can enhance, as needed, over time.

Now to security. While implementing a fail-safe security policy is very important, it also must be pointed out that malfeasance from unauthorized access to a wireless network is greatly exaggerated; an individual or organization is as likely to lose valuable information via a stolen or lost computing device as from someone maliciously breaking into its WLAN. If you take the necessary steps to protect your computing devices by password protection and by encrypting files on the hard drives and generally exercising caution, you've taken a big step toward decreasing the likelihood that your valuable data will wind up in the wrong hands.

Currently, there is no single blanket solution that addresses all of the security issues that crop up in a wireless networking environment. But there are a variety of steps that can be taken to increase a WLAN's security. As with wired networks, effective security requires a multi-layered strategy, as discussed in Chapter 17.