IBM内部WLAN培训资料.ppt

A group of startup companies’ offer dedicated 802.11 security devices to enterprises building wireless LAN networks. Based on a conservative analysis, these security solution vendors will have an addressable market of $500 million by 2006. The vendors compete against VPNs and new Wi-Fi Protected Access (WPA) and 802.11i security systems. Vendors include Bluesocket Inc., Cranite Systems Inc., Fortress Technologies Inc., ReefEdge Inc., and Vernier Networks Inc. Typically the security solution offered by these vendors consist of servers or gateways that sit behind a number of access points to aggregate traffic and apply security policies and network permissions. But each vendor has a slightly different take on how best to do this. Fortress Technology and Cranite Systems, for example, both use Layer 2 encryption; while Bluesocket, ReefEdge, and Vernier operate at Layer 3. From a security point of view, the relative merits of Layer 2 and Layer 3 are moot, although Cranite Systems claims it is the first to implement the new Advanced Encryption Standard (AES) that is mandated for the transmission of sensitive, non-military U.S. government data. These vendors however do not see security as their core long-term value proposition and therefore are not concerned about the emergence of the WPA and 802.11i security standards based on the 802.1x authentication protocol. “At the link-layer it’s right to have standard security mechanisms, and it’s to our benefit that standards are taking over encryption,” Evan Sohn, vice president for marketing at ReefEdge, told the Wireless Oracle. Instead, these vendors are talking up their wireless network management capabilities such as class-of-service bandwidth allocation, granular access permissions, and enabling users to roam among access points without losing their connections -- all of which, they claim, gives them significant advantages over any other solutions. “VPNs do have a lot of security and control mechanisms,” explains