Wireless LANs are challenging traditional network conventions and making existing security systems obselete, according to Aruba Networks CEO Dominic Orr.
The increasing prevalence of WLAN equipment and the advent of the 100+Mbps 802.11n standard, is making wireless connections a routine part of companies' network infrastructure, Orr said. And this fact is forcing a review of traditional network authentication and security.
"The security architecture for wired nets, based on using physical port-based conventions, won't work," Orr argued. "You need specific, user-oriented identification, content and location data [to secure the network]."
An industry veteran of such companies as HP, Bay Networks and Alteon, Orr took over the reins at Aruba in April, but will raise a few eyebrows when he claims that WLAN is not the way forward.
"WLAN is, if not dead, then uninteresting," he said. "Once it's 'spec-able' by the IEEE, most of the profit goes to the silicon makers. Eighteen months after 802.11n is standardised, the WLAN is no longer an interesting business. It's a very small window, and it's quickly being commoditised."
That creates a big hole in the traditional enterprise security model though, which assumes the person at the far end of a wire linked to a specific switch port is the person who is supposed to be sitting at that desk.
What's needed is secure mobility as a logical add-on to the enterprise network, Orr said. This will become increasingly urgent as more enterprise workers become mobile. Today, only about five percent of workers are mobile, but that will rise to more than 20 percent in two or three years, Orr argued.
Most WLAN innovation has been at Layers 1-3, focusing on wireless Ethernet connectivity. Aruba is focusing on Layers 4-7 in its line of WLAN controllers and companion thin access points. "Our goal is mobile access control: Who is this person [on the wireless link], what is his role in the organisation, what device is he using, what applications?" Orr said.
There is no network reconfiguration needed at Layers 1 and 2, Orr said, and Aruba can work with whatever network access control scheme - i.e. Cisco or Microsoft - that the enterprise decides to adopt.
Read a longer version of this interview.