WLAN solutions for HP enterprise notebooks and Tablet PCs
HP Compaq nc4000, nc4010, nc6000, nc8000, nw8000, TC1100
Executive summary.......................................................................................................................... |
3 |
Introduction.................................................................................................................................... |
3 |
Enterprise WLAN Requirements ......................................................................................................... |
3 |
Security ..................................................................................................................................... |
3 |
Manageability ............................................................................................................................ |
4 |
Performance ............................................................................................................................... |
5 |
HP WLAN Adapters ........................................................................................................................ |
5 |
HP WLAN Client Software................................................................................................................ |
7 |
Selecting the right WLAN Solution ................................................................................................... |
10 |
Emerging WLAN standards ............................................................................................................ |
11 |
Conclusion .................................................................................................................................. |
12 |
2
Executive summary
HP has a comprehensive offering of mobile wireless local area network (WLAN) solutions that address enterprise business requirements for security, performance, and manageability. This offering has been recently strengthened with the introduction of the Intel® Pro/Wireless 2200BG WLAN adapter and a new release of the Atheros Client Utility, version 3.1. This white paper includes:
∙An overview of primary enterprise WLAN requirements
∙A comparison of HP WLAN adapters
∙A comparison of HP WLAN client software features
∙Guidelines for choosing a WLAN solution
∙A preview of emerging WLAN standards
Introduction
Since early 2003 there has been explosive growth in the sales of mobile computers with integrated WLAN. Adoption of WLAN by enterprise businesses, initially held back by concerns over security and manageability, is growing. These concerns have been—and continue to be—addressed by HP and our WLAN technology partners.
HP offers a selection of standards-based WLAN solutions for enterprise notebooks and Tablet PCs, including WLAN adapters based on technology from Intel and Atheros, and software that supports a comprehensive set of enterprise features such as Cisco Lightweight Extensible Authentication Protocol (LEAP) and profile import/export. All HP WLAN solutions are Wi-Fi Certified to ensure the greatest level of interoperability with other WLAN products.
HP WLAN solutions allow enterprise businesses to unlock the productivity and convenience benefits derived from a secure, high performance, manageable wireless network.
Enterprise WLAN requirements
Security
Security is a fundamental concern for enterprise IT managers. WLAN is a particular concern, since an intruder does not need physical access to the network to attempt to breach it. Aside from physical access, however, the security challenges for a WLAN are similar to those of a wired LAN:
∙Authentication – How to ensure that only authorized users can access the enterprise LAN?
∙Data protection and integrity – How to ensure that data on the network are not compromised?
∙Manageability – How to make network security more manageable?
HP addresses the need for WLAN authentication through support for 802.1x EAPs. The IEEE 802.1x standard and EAP protocols define a framework for authenticating users on a network, as well as a mechanism for dynamically changing and distributing keys. There are several 802.1x EAP types supporting a variety of authentication methods, including passwords and digital certificates. 802.1x is a proven, scalable authentication method that is widely deployed.
Data on the WLAN is protected by encryption. HP WLAN solutions support all commonly deployed encryption standards, including Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and the Advanced Encryption Standard (AES)1.
1 The HP W400 and W500 WLANs support AES now; other HP WLANs will be upgraded to AES in future driver releases. AES support will be standard for all HP WLANs 2005 and later.
3
Defined as part of the IEEE 802.11 family of WLAN specifications, WEP security was intended to make wireless networks as secure as wired LANs. However, with the symmetrical RC4 stream cipher2 and static 64or 128-bit key, WEP security was insufficient for some environments.
WPA was introduced in mid 2003 as an immediately-available, software-upgradable enhancement for WEP. WPA enhanced WEP encryption through the addition of Temporal Key Integrity Protocol (TKIP), providing perpacket key mixing, Message Integrity Check (MIC), extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. WPA is significantly more secure than WEP3, and has received acceptance from most enterprise IT managers.
AES is a block cipher using the Rijndael encryption algorithm on 128-bit (or 192or 256-bit) blocks of data; block lengths and key lengths are variable. (Block ciphers are typically more complex than stream ciphers and thus harder to crack. The strength of AES security is validated by its adoption by the U.S. government and military.) AES is a key component of the IEEE 802.11i specification, the most recent WLAN security standard that was ratified in June 2004 by IEEE Task Group i (TGi) working group members. HP’s current WLANs include AES support, and will support 802.11i and the corresponding Wi-Fi interoperability test WPA2 through a future software upgrades.
Manageability
For large WLAN deployments, the effort required to implement and maintain WLAN security measures can be significant. Manageability features of HP WLAN solutions include:
Restricted user rights
User rights to certain settings may be restricted to prevent modifying WLAN profiles (for example, security keys), and in some cases from creating new profiles.
Easy distribution of encryption keys and user profiles
The management and distribution of encryption keys and user profiles can be cumbersome and potentially insecure. Appropriate WLAN management solutions—such as 802.1x and the ability to import and export WLAN profiles—can be used to distribute keys and profiles, minimizing the burden on IT staff.
User credential management
HP addresses the need for the security and simplified management of user credentials by allowing Windows® Domain credentials to be re-used for LEAP authentication. Security can also be further enhanced by the HP ProtectTools Security Manager—a single client console application that unifies security capabilities of HP client PCs under a common architecture and single user interface. Today a range of features is being delivered that builds on underlying hardware security building block,s such as embedded security chips designed to the Trusted Computing Group (TCG) standard and Smart Card technology. Collectively, these features are addressing business customer needs for better protection against unauthorized PC access, as well as stronger protection for sensitive data stored locally or accessed over a network.
Managed product lifecycles and software upgrades
Stable product configurations over a long purchase period ease IT management by minimizing technology transitions. WLAN driver and client software that are compatible across multiple notebooks and WLAN adapters, and are backwards compatible with previous revisions, simplify maintenance of the WLAN installed base.
2For more information, visit www.rsasecurity.oom
3Wi-Fi Protected Access Whitepaper, available at www.wi-fi.org
4
Loading...