Upload
hoanglien
View
214
Download
2
Embed Size (px)
Citation preview
Wi-Fi: The Hype
•Find an access point (esp free hotspot)
•Presto! 11 Mb/s Internet connection•David vs Goliath – end of DSL, broadband cable and 3G cellular!•If problems, try Pringles!
•Plug in the card
Internet
Wild About Wi-FiRising from the grass roots, high-speed wireless Internet connections are springing up everywhere. Tune in, turn on, get e-mail. Sometimes for free.
6/10/02
The Corner Internet Network vs. the Cellular Giants
March 4, 2002
2 Tinkerers Say They've Found a Cheap Way to Broadband
June 10, 2002
The Beat Goes on….
Want Broadband With Your Fries?McDonald's serves WLAN broadband in Japan
The Register, May 2002
Wi-Fi Makes Broadband Painless Wall Street Journal, Feb 4, 2002
Why Not Try Wi-Fi?Time.com, June 2002
Above the Crowd: Why Wi-Fi Is The Next Big Thing
Fortune 3/5/01
Warming to Wi-FiThe network technology…has sparked a kind of populist movement. 'Hot spots' are sprouting all over.
LATimes 4/18/02
Worldwide WLAN Installed Base (millions of transceivers)
0
20
40
60
80
100
120
1998 1999 2000 2001 2002 2003 2004 2005 2006
Source: Sports Illustrated
Source: IDC
0
2
4
6
8
10
12
14
16
18
2000 2001 2002 2003 2004 2005 2006
Worldwide Installedbase, IP telephones
IP Telephones
Blessings from the Gods
Bob Lucky, May ’02: WiFi is the only real exciting stuff going on right now
Bill Gates, Dec ‘01: If any one technology has emerged in the past few years that will be explosive in its impact, it's 802.11.
WLAN Family Tree
802.112.4 GHz, 2 Mb/s
802.112.4 GHz, 2 Mb/s
802.11b11Mb/s
802.11b11Mb/s
802.11a5 GHz
802.11a5 GHz
Higher frequency,bit rate
Higherbit rate
802.11g54 Mb/s
802.11g54 Mb/s
Higher bit rate
802.11e802.11e
Quality of Service Capability
Wi-Fi Wi-Fi 5
Wi-Fig?
WaveLAN, RangeLAN900 MHz, 1-2 Mb/s
WaveLAN, RangeLAN900 MHz, 1-2 Mb/s
ProprietaryImplementations
The Wireless Road Warrior
Internet
Corporate Intranet
Firewall
Mobility managerMobility manager Cellular Cellular networknetwork
Public hotspot
The Wireless Road Warrior
Internet
Corporate Intranet
Firewall
Cellular Cellular networknetwork
Public hotspot
•Reproduce the Office Desktop Experience•Always-on•Hassle-free security•Autoconfiguration
Mobility managerMobility manager
The Wireless Road Warrior
Public hotspot
InternetCellular Cellular networknetwork
Firewall
Corporate Intranet
•Reproduce the Office Desktop Experience•Always-on•Hassle-free security•Autoconfiguration
Mobility managerMobility manager
The Wireless Road Warrior
Public hotspot
InternetCellular Cellular networknetwork
Firewall
Corporate Intranet
•Reproduce the Office Desktop Experience•Always-on•Hassle-free security•Autoconfiguration
Mobility managerMobility manager
The Wireless Road Warrior
Public hotspot
InternetCellular Cellular networknetwork
Firewall
Corporate Intranet
•Natural extension to dial-up remote access•2003 – 2007 Projected WiFi Revenues
•Equipment: $2B – 4.5B •Public Hot Spot: $1B – 8B
•Reproduce the Office Desktop Experience•Always-on•Hassle-free security•Autoconfiguration
Mobility managerMobility manager
1. Ease of Use – a long way to go2. Security – the clock is ticking3. Mobility – WiFi technology ☺
– WiFi service 4. Network management – more headaches for
IT groups
IVG #1Key Challenges for WiFi
1. Ease of Use
Cannot ConnectBob Lucky, January ’02 Spectrum
A sure way to stop a meeting is to offer the participants network connectivity.
What I want is a “push-to-talk” button on the computer.
1. The next step to getting on USC's wireless network is to configure Windows to connect using our settings.
2. Click on the Start button and select Control Panel. Click on Network and Internet Connections and then on Network Connections. A new icon labeled Wireless Network Connection will appear. Right-click on this icon and select Properties.
3. Click to highlight the Internet Protocol (TCP/IP) component and then click the Properties button. 4. From the Internet Protocol (TCP/IP) Properties window, click on the Advanced button. 5. Under the DNS tab, click on the Add button from the DNS server addresses, in order of use. Type
in the numbers 128.125.253.183 then click on Add. 6. Click on the Add button. Type in the numbers 128.125.253.166 then click on Add. 7. Click on the Add button again. Type in the numbers 128.125.253.136 then click on Add. 8. Select Append these DNS suffixes (in order). 9. Click on the Add button, type in usc.edu then click on Add. 10. Click on the Add button again, type in hsc.usc.edu then click on Add. 11. Under the DNS suffix for this connection, type in usc.edu12. Make sure that Register this connection's addresses in DNS and Use this connection's DNS suffix
in DNS registration are both checked 13. Below the section labeled Preferred Networks is an Add button. Click on it and a new window
labeled Wireless Network Properties will pop up. 14. In the Network Name (SSID) field, type USC in uppercase characters. Ensure that both Data
Encryption (WEP enabled) and Network Authentication (Shared Mode) are checked. 15. Uncheck the box that says The key is provided for me automatically. The field Network Key should
contain the letters GOUSC in uppercase characters. Ensure that the Key format is ASCII characters and the Key length is 40 bits. Click on OK to close this window.
16. Click on the Advanced button and verify that the Access Point (infrastructure) networks only option is selected. Click OK to continue. Click on OK again to exit the Wireless Network Connection Properties window.
17. Continue on next page….
Configuring the Windows XP Zero-Configuration Wireless Client
Use the drivers that come with Win XPUsing even the drivers in the Fall 2001 Orinoco release could cause you to have to reinstall Win XP!
These instructions must be followed explicitly.
WiFi Configuration and Hotspot Sign-up
Host configuration is a pain for everyoneBothersome on private networksChallenging at public access points (hotspots) A nearly insuperable barrier for technophobes
Auto-configuration is a great convenience for the road warrior…and essential to capture the first-use, walk-up customer.
Hotspot sign-up Browser-based, e.g. T-mobile/Starbucks
• Simple, but insecure (vulnerable to highjacking, despite SSL)802.1x (EAP-based)
• Secure, but cumbersome (requires pre-arranged account)
Goal: Enable auto-configuration and fully secure sign-up without pre-arranged account
We have a long way to go
2. WiFi SecuritySecurity causes Best Buy register banZdNet news, May 3, 2002
Security won’t work if not turned on
WEP (Wired Equivalent Privacy)‘Equivalent’ to Ethernet in-building privacyPrivate, not secureVulnerabilities recently exposed
• UC Berkeley, Cisco, AT&T
Security AlternativesImproved WEP -- Dynamic keying (TKIP) or block cipher. Simple, convenient, but unproven
• Draft standard in progressSecure Virtual Private Network (VPN) -- Bulletproof, but cumbersome and not ‘native’ to Wi-Fi
6/14/02: Best Buy re-activates wireless cash registersNo comment on security precautions
No WEP
WEP vs. VPNPhysical Building
Boundary
VPNGateway Building LAN
SecureSide
Logical BuildingBoundary
VPN Tunnel
VPNClient
Building LAN
WEP ProtectionX
X
WEP: Simple, convenient. Needs finalized standard. Delay could kill Wi-Fi momentum
VPN: No WEP, therefore need separate wiring installation. Extensible to off-premises
Assumed secure
WildSide
VPN for Remote Access
VPNGateway Building LAN
SecureSide
Logical BuildingBoundary
Building Boundary
Off-prem user
End-to-end VPN provides protection both on-premises and off. ‘Universal’ WiFi Access
Internet
Assumed Insecure
3. Mobility --- Technology
Multi-vendor interoperability -- User’s PC card communicates with any vendor’s access point
802.11b compliance not sufficientWireless Ethernet Compatibility Alliance (WECA)
• Wireless fidelity (WiFi), the de facto standard
Multi-service ‘roaming’ -- User account works on multiple Wireless ISP (WISP) networks
Not always-onMutual agreement among WISPs
• WECA – Wireless Internet Service Provider roaming (WISPr)• Interconnect AAA functions (Authentication, Authorization, Accounting)
Aggregator (resell WISP services)• Boingo
Always-on mobility – Mobile IPRe-routing of live connections
Mobile IP --- Always-on
Home Agent
Foreign Agent
Foreign Agent
Foreign Network
Internet
Foreign Network
Mobile IP --- Always-on
Technology – Ericsson, Lucent, Nokia, PCTELTrials: Rogers AT&T Wireless, Green Packet/WiFi Metro
Foreign Agent
Internet
Foreign Network
Home Agent
Foreign Network
Mobility --- Hotspot ServiceLessons in broadband wireless from the school of hard knocks
Ricochet (Metricom)AT&T Project AngelTeligentWinstarMobileStar
Cellular model: ubiquity is essential
Challenge: Establish national (or global) hotspot networkJoltage – Micro-hotspot franchise model (~ True Value Hardware).Boingo – Aggregator: Partner with public WLAN operators; sell subscriptions to individuals
• Provide settlements, billing, single account, hotspot sniffer• Multi-location, but not always-on
T-Mobile HotSpot – Integrated Carrier • Acquire MobileStar’s assets• Set the stage for integration with cellular
IVG #2
Boingo (Aggregator)
Boingo(~600 hotspot sites)
~$8/day, $75/mo
Wireless ISPs
Wayport SurfnSip AirPath
SprintPCS
$$$
EarthLink
TSI(Cellular Svcs)
SMC(Equipment)
GoAmerica(WWAN)
FreenetsFreenets
T-Mobile HotSpot (Integrated Carrier)
T-Mobile International
• ~1200 locations• $29.99/mo single metro, 49.99/mo nationwide• Integrate with cellular?
Cellular Networks
Enter: Goliath(s) Bad news for David….
Talks Weigh Big Project on Wireless Internet LinkThe Intel Corporation, I.B.M., AT&T Wireless and several other wireless and Internet service providers including Verizon Communications and Cingular are exploring the creation of a company to deploy a [nationwide] network based on the increasingly popular 802.11 wireless data standard, known as WiFi. [Project Rainbow]NYT July 16, 2002
Lucent Technologies teams with industry leaders tooffer secure mobile data solutions for enterprises… via Wireless LANs and 3G Networks PRNewswire JULY 17, 2002
TOSHIBA Mobility Communications System, which allows users to roam across 802.11b and 3G networks…, is slated for launch in the second quarter of 2003 Infoworld June 24, 2002
4. Network Management Signal integrity at the physical layer is rarely an issue.
Signals propagate reliablyMinimal wire-to-wire interference Bit errors usually traceable to logical layers (i.e. collisions)
Bit errors can be caused byConventional collisions (as in wired case)Reduced signal strength (e.g. user motion)Interference (e.g. distant AP, microwave oven)
• Foreign sources especially troublesome
Additional degradation due to capacity mismatch of wired vs wireless
Bandwidth hogsBroadcast overload
Automated physical-layer tools needed for large networks.
Building LAN
Building LAN
IVG #3
Rogue Access Points
AP AP RogueAP
PC
Cable or DSL
VPN GatewayCorporate
Intranet Netgate/YourKey
Rogue APs are Everywhere • Unknown/unauthorized installation• Naïve/malicious users • Gaping security hole• Detection
•Fairly easy on corporate premises•Extremely difficult at employee’s home
RogueAP
Home userVPN Gateway
HELP WANTED (Sept. 2003)Wi-Fi certified computer scientists and electrical engineers
1. Ease of UseTrue auto-configuration capabilityWalk-up subscription
2. SecurityEnhanced WEPStandards leadership
3. MobilityAlways-on --- Close and go; open and resume Economic viability of hotspotsIntegration with cellular networks
4. Network ManagementPhysical-layer managementRogue detection
We’re building a team of world-class self-starters who will shape the future of The Next Big Thing.
If you’ve got what it takes, we offer you a wide range of exciting opportunities in a dynamic, challenging environment. High-profile
Wi-Fi initiatives include:
Send your resume to:Bernie Ebbers, CEO
Wireless4U, IncP.O. Box 23
Hamilton, Bermuda
IVG #4
And speaking of rogues…..