Building a small wireless LAN is easy: You set up an access point or two, then configure the clients. But chief information officers (CIOs) who deploy wireless systems as part of their companies' LAN infrastructure quickly discover that managing a wireless network is more difficult than managing its wired cousin; there are worries about performance, security, and pesky wireless-specific issues such as radio-signal and traffic management. Before deploying wireless LANs widely, you must ensure you put in place the right management systems. This is not easy - as these user experiences make very clear.

Because of insufficient security in early wireless hardware, most IT managers set up their initial wireless LANs as independent segments outside the core network. That approach works fine for limited LANs, but not for an enterprise-wide approach. "Ultimately, there will be so many wireless connections that it won't make sense to keep them separate," says Warren Wilson, a practice director at Summit Strategies. "Companies will really need to adjust central policies to manage access at the edge." As built-in security improves, and even better security standards such as 802.11i and Wi-Fi Protected Access (WPA) 2 are released, you should expand your wireless strategies beyond security to include centralised management, says Meta Group senior analyst Chris Kozup. That approach would permit the deployment of wireless LANs as part of a company's overall network, not as a separate segment in a demilitarised zone.

What wireless LANs require
Integrating wireless segments into the the corporate LAN requires several components. Traditional LAN management tools can handle much of the load, such as establishing user policies, performing network monitoring and analysis, handling hardware maintenance (such as installing firmware and security patches), providing access control to the network as well as attached applications and data stores, and managing authentication keys and user validation.

But wireless LANs also have unique needs. "They require a lot more hands-on management than most companies initially thought," says Wilson. For instance, radio signals for wireless LANs must be managed to ensure appropriate coverage, to prevent both gaps and areas of overlap (though opinions vary about how much surveying you need).

Wireless LANs also require dynamic management of user access: Unlike a wired LAN, in which the number of possible connections is regulated by the number of jacks, a wireless access point can go from having no connections to hundreds as people move into range. Wireless LAN management software must spot such spikes and move users to other nearby access points to spread the load, or restrict access to only high-priority users. Wireless LAN management software should also be able to shut down a wireless port if an unauthorised user tries to access the network, plus it must be able to manage the handoff as a user roams from one access point to another. Many tools offer some of these capabilities, but analysts report that only a few handle all of them well.

Patchwork planning works
In most cases, you need a multivendor strategy to centrally manage your networks, with one vendor for the wireless LANs and another to handle the wired LAN, along with and directory services to store user profiles. This strategy carries a risk, as small wireless management companies turn over regularly. "About 70 percent of vendors will no longer exist in their current form in a couple years," predicts William Clark, a research director at Gartner. Some will fail outright, others will merge, and some will be acquired. Therefore, IT managers must do their best to assess the vendors' technology, customer base and industry support, in hopes that the technology will survive via acquisition or merger even if the vendor does not.

But analysts Clark, Kozup and Wilson agree that there really is no choice but to take this risk. Traditional LAN management providers simply don't have the right tools, and waiting until they do delays reaping the advantages of connecting mobile workforces to enterprise information systems.

The analysts say that small vendors provide better tools for wireless LAN management than the competition, citing several names (familiar to Techworld readers):

  • Airespace,
  • AirMagnet,
  • AirWave,
  • Aruba,
  • Cognio,
  • Legra,
  • Roving Planet,
  • Trapeze
  • Wavelink
Of the well-established, traditional LAN management vendors, Cisco and Computer (CA) are noted as offering the best wireless tools, and the analysts say that these tools will be significantly enhanced later this year. Hewlett-Packard (HP) essentially relies on Wavelink to provide plug-ins to its OpenView software, while acquiring some smaller providers and building up its own capabilities. And IBM Tivoli "is still trying to figure out how to get from here to there," says Wilson.

"For IBM, HP and CA, (the wireless functions) are not core to their business," notes Clark, because the market is still small.

During the next few years, analysts expect traditional LAN management tools to subsume more and more wireless functionality, making it easier for enterprises to choose one vendor.

At the moment (as these case studies make clear), most users have to patch together wireless management with multiple vendors.

Analysts acknowledge that many enterprises will continue to bring in specialty vendors to handle unique business needs not included in the broader packages. And many others will have already gone the two-vendor route and will stick with it, rather than uproot a system that works. No matter which direction customers take, it's clear that enterprise-class management will be as necessary to wireless LANs as its is to wired ones.