The development of wireless technology and virtual private
networks offers the possibility of major changes to network
architecture.
The current standard network architecture places encryption and
security devices at the outer, internet-facing boundary of the
network. Routers lie behind them, followed by a further screen of
firewalls protecting corporate desktops and core systems.
Some experts say this approach is increasingly cumbersome and that
a new architecture can be devised using lessons learned in wireless
LAN deployments.
Because 802.11b wireless LAN encryption standards have never been
completely secure, experts have always recommended the use of VPNs
between devices, that is, encrypting traffic between wireless
devices.
Experts are now suggesting applying that method to fixed PCs to
create a more pervasive security architecture.
Evan Kaplan, chief executive of network device manufacturer
Aventail, said, "People are starting to treat all PCs as
potentially 'dirty', encrypting traffic between them and not having
a firewall between the company's PCs and the internet. The firewall
surrounds only the datacentre and storage assets."
Neil Rickard, an analyst with Gartner, said the approach had
merits. "With wireless LAN you needed an infrastructure with
authentication, passwords and servers. People are now building this
out to the rest of the network at a low incremental cost."