Many WLAN proponents claim that the technology's success is due to the popular phrase, "anytime, anywhere, anything." These words promise that everyone can get to their applications from anywhere in the enterprise at anytime. In reality, however, not many CIOs, IT directors, or network-security managers are entirely comfortable with allowing anytime, anywhere access to anything. Before true enterprise-wide deployments can become a reality, the administration needs to control its WLAN infrastructure and the users and applications that run on a WLAN.
Imagine this scenario: Students enter a lecture hall with their new Intel Centrino laptops. The professor tells them that they have 45 min. to write an answer to the question that's on the white board. They can either use the print server or e-mail their answers to the professor. When the students begin their quiz, one student Instant Messages to another student, "Hey, what are you writing down?" Meanwhile, another student is performing a quick Google search. The professor didn't want Internet access available in class. But how can the professor allow access to some applications and not others? In addition, how can access to applications change with the classroom schedule?
This situation is not limited to universities. Many locations need to control access to the network and specific applications. They include hospitals, airports, manufacturing and distribution facilities, trading floors, corporate campuses, and more. With mobile users, this access also may have to be a function of time and location.
Take this example: A CIO decides to invest in WLAN infrastructure. That CIO deploys wireless access throughout the corporate campus. How do all of the different users access their applications? Perhaps the CIO decides that wireless users can access the Internet, e-mail, and manufacturing applications. Does he or she also give access to every print server, file server, and IT resources? What about financial data and applications or HR applications? To serve multiple user types, the wireless access point must have a path to everyone's resources.
Yet many CIOs and IT directors don't allow access to every network segment from the WLAN. Otherwise, they would be forced to give universal access. On the wired network, applications can be restricted due to the fact that IT management knows where the connection is from: who connects to what jack that goes through which port on the switch to which application server. Unfortunately, the 802.11 standards do not address application authorization for users on the wireless network. IT management will only be comfortable with an enterprise-WLAN deployment through an authorization process. Such a process can provide assurance that only the right users can access the right applications.
Aside from the fact that the wireless access point is an open hub, it's also a bandwidth bottleneck. Currently, a CIO is forced to only allow one high-priority application to be available in separate, disparate WLANs. Otherwise, these applications will not function correctly on a WLAN due to improper quality of service (QoS). The redundant infrastructure and duplicated administration are not feasible paths for the cash-conservative enterprise.
With certain access-point (AP) brands, IT managers have the ability to provide multiple SSIDs with different Virtual LANs (VLANs) to help segregate traffic. VLANs are a known technology for creating port-based segmentation. But they're not designed to segregate specific application traffic. The QoS for an application cannot be protected using VLANs at the source of the bottleneck: the access point itself.
In addition, CIOs and IT managers need bandwidth-management policies that can be access-point- or location-specific. They also must be able to dynamically change based on time, such as during the last five days of every quarter from 6 a.m. to midnight. In this type of managed environment, CIOs and IT managers can accommodate the full range of applications and users while delivering better performance. As a result, they gain a maximized return on the investment for the WLAN infrastructure.
Overall, the basic challenge is ensuring that access to the network and to specific applications remains a function of the individual. But whether a given individual should have WLAN access and access to certain applications may change based on time or location. For example, a WLAN may shut down every day from 9 p.m. to 6 a.m. to everyone but IT or security personnel.
Obviously, the pitch of anytime, anywhere, anything is not really what most CIOs want. CIOs need authentication, authorization, bandwidth controls, detailed monitoring and reporting, and the ability to change policies by schedules or events. They also need a solution that integrates with existing systems and services while providing mechanisms to securely manage WLAN-user and application behavior. CIOs will not adopt wireless technologies unless they can leverage their significant investments in legacy systems and applications. They also want to deploy a management platform that can comprehensively address the diverse requirements for effective and efficient WLAN usage and performance. Only then can CIOs realize anytime, anywhere, anything.