Latest Wi-Fi security would do less for public 'hot spots'

News

Latest Wi-Fi security would do less for public 'hot spots'

The latest security features that wireless LAN vendors plan to build into products under the Wireless Protected Access (WPA) programme will do little to protect enterprise or individual users in the booming Wi-Fi public-access "hot spot" market, according to analysts.

Gartner analyst John Pescatore said that public-access providers such as T-Mobile or Boingo Wireless typically do not employ security because it inhibits their business by reducing the convenience of high-speed (11Mbps) Internet access.

Pescatore said that mobile enterprise workers should use a virtual private network (VPN) connection if they intend to use a public-access WLAN service to tap into a corporate database or e-mail server. He also suggested that anyone using a public-access Wi-Fi service should install a personal firewall to prevent snooping by other users on the same public network.

Peter Beardmore, senior marketing director at Colubris Networks, which sells a "hot spot in a box" WLAN setup through Boingo, said public-access WLAN users without a firewall ran the risk of another airport or coffee shop user poking around in their files using the "Network Neighborhood" tools found in the Windows operating systems.

Beardmore said Colubris helps Boingo prevent this kind of casual sniffing by "forcing all traffic upstream" to a Colubris server either incorporated into the access point or separate from it.

This technique, according to Beardmore, prevents "paper-to-peer" sniffing of one client on a public-access WLAN network by another.

However, Beardmore agreed with Pescatore that enterprise users should also protect their data through the use of a VPN.

Eventually, he said, public-access providers could build the authentication part of WPA into their servers for monthly customers, providing companies such as Boingo with a way to authenticate the identity of regular - though not casual - customers.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy