WLAN solutions for HP enterprise notebooks and Tablet
PCs
HP Compaq nc4000, nc4010, nc6000, nc8000, nw8000, TC1100
Executive summary................................................................................................ ..........................3
Introduction....................................................................................................................................3
Enterprise WLAN Requirements.........................................................................................................3
Security.....................................................................................................................................3
Manageability............................................................................................................................4
Performance...............................................................................................................................5
HP WLAN Adapters........................................................................................................................ 5
HP WLAN Client Software................................................................................................................7
Selecting the right WLAN Solution...................................................................................................10
Emerging WLAN standards............................................................................................................11
Conclusion ..................................................................................................................................12
2
Executive summary
HP has a comprehensive offering of mobile wireless local area network (WLAN) solutions that address enterprise
business requirements for security, performance, and manageability. This offering has been recently
strengthened with the introduction of the Intel® Pro/Wireless 2200BG WLAN adapter and a new release of the
Atheros Client Utility, version 3.1. This white paper includes:
• An overview of primary enterprise WLAN requirements
• A comparison of HP WLAN adapters
• A comparison of HP WLAN client software features
• Guidelines for choosing a WLAN solution
• A preview of emerging WLAN standards
Introduction
Since early 2003 there has been explosive growth in the sales of mobile computers with integrated WLAN.
Adoption of WLAN by enterprise businesses, initially held back by concerns over security and manageability, is
growing. These concerns have been—and continue to be—addressed by HP and our WLAN technology
partners.
HP offers a selection of standards-based WLAN solutions for enterprise notebooks and Tablet PCs, including
WLAN adapters based on technology from Intel and Atheros, and software that supports a comprehensive set of
enterprise features such as Cisco Lightweight Extensible Authentication Protocol (LEAP) and profile import/export.
All HP WLAN solutions are Wi-Fi Certified to ensure the greatest level of interoperability with other WLAN
products.
HP WLAN solutions allow enterprise businesses to unlock the productivity and convenience benefits derived from
a secure, high performance, manageable wireless network.
Enterprise WLAN requirements
Security
Security is a fundamental concern for enterprise IT managers. WLAN is a particular concern, since an intruder
does not need physical access to the network to attempt to breach it. Aside from physical access, however, the
security challenges for a WLAN are similar to those of a wired LAN:
• Authentication – How to ensure that only authorized users can access the enterprise LAN?
• Data protection and integrity – How to ensure that data on the network are not compromised?
• Manageability – How to make network security more manageable?
HP addresses the need for WLAN authentication through support for 802.1x EAPs. The IEEE 802.1x standard
and EAP protocols define a framework for authenticating users on a network, as well as a mechanism for
dynamically changing and distributing keys. There are several 802.1x EAP types supporting a variety of
authentication methods, including passwords and digital certificates. 802.1x is a proven, scalable
authentication method that is widely deployed.
Data on the WLAN is protected by encryption. HP WLAN solutions support all commonly deployed encryption
standards, including Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and the Advanced
Encryption Standard (AES)1.
1
The HP W400 and W500 WLANs support AES now; other HP WLANs will be upgraded to AES in future driver releases. AES support will be standard for all
HP WLANs 2005 and later.
3
Defined as part of the IEEE 802.11 family of WLAN specifications, WEP security was intended to make wireless
networks as secure as wired LANs. However, with the symmetrical RC4 stream cipher2and static 64- or 128-bit
key, WEP security was insufficient for some environments.
WPA was introduced in mid 2003 as an immediately-available, software-upgradable enhancement for WEP.
WPA enhanced WEP encryption through the addition of Temporal Key Integrity Protocol (TKIP), providing perpacket key mixing, Message Integrity Check (MIC), extended initialization vector (IV) with sequencing rules, and
a re-keying mechanism. WPA is significantly more secure than WEP3, and has received acceptance from most
enterprise IT managers.
AES is a block cipher using the Rijndael encryption algorithm on 128-bit (or 192- or 256-bit) blocks of data;
block lengths and key lengths are variable. (Block ciphers are typically more complex than stream ciphers
and thus harder to crack. The strength of AES security is validated by its adoption by the U.S. government
and military.) AES is a key component of the IEEE 802.11i specification, the most recent WLAN security
standard that was ratified in June 2004 by IEEE Task Group i (TGi) working group members. HP’s current
WLANs include AES support, and will support 802.11i and the corresponding Wi-Fi interoperability test
WPA2 through a future software upgrades.
Manageability
For large WLAN deployments, the effort required to implement and maintain WLAN security measures can
be significant. Manageability features of HP WLAN solutions include:
Restricted user rights
User rights to certain settings may be restricted to prevent modifying WLAN profiles (for example, security
keys), and in some cases from creating new profiles.
Easy distribution of encryption keys and user profiles
The management and distribution of encryption keys and user profiles can be cumbersome and potentially
insecure. Appropriate WLAN management solutions—such as 802.1x and the ability to import and export
WLAN profiles—can be used to distribute keys and profiles, minimizing the burden on IT staff.
User credential management
HP addresses the need for the security and simplified management of user credentials by allowing
Windows® Domain credentials to be re-used for LEAP authentication. Security can also be further enhanced
by the HP ProtectTools Security Manager—a single client console application that unifies security capabilities
of HP client PCs under a common architecture and single user interface. Today a range of features is being
delivered that builds on underlying hardware security building block,s such as embedded security chips
designed to the Trusted Computing Group (TCG) standard and Smart Card technology. Collectively, these
features are addressing business customer needs for better protection against unauthorized PC access, as
well as stronger protection for sensitive data stored locally or accessed over a network.
Managed product lifecycles and software upgrades
Stable product configurations over a long purchase period ease IT management by minimizing technology
transitions. WLAN driver and client software that are compatible across multiple notebooks and WLAN
adapters, and are backwards compatible with previous revisions, simplify maintenance of the WLAN installed
base.
2
For more information, visit www.rsasecurity.oom
3
Wi-Fi Protected Access Whitepaper, available at www.wi-fi.org
4