The 802.11i authentication system is effective in a simple WLAN environment, but roaming introduces significant challenges. When users roam between WLAN cells, they need to re-establish their security credentials. The entire 802.11i authentication process can take up to 800 milliseconds, which is about four times too long for time-sensitive applications like VoIP. To combat this problem, the 11i committee added two special features, including a client caching mechanism that allows you to quickly re-authenticate to access points with which you have had a previous authentication. Contributed by Trapeze Networks, this system is reported to decrease authentication time to about 25 milliseconds.
While caching speeds up the process of re-association, it does nothing to address association with new access points. To address this issue, Cisco and Microsoft contributed a rather crude pre-authentication algorithm that anticipates roaming. While a number of committee members were openly critical of this system, the majority felt that it was better to have a limited pre-authentication standard than none at all. Additional work on this problem will continue under the auspices of the newly formed 802.11k committee. (Some day, we'll run out of letters in the alphabet for 802.11 committees.)
It's worth noting that 802.11i isn't a universally acceptable solution. It's tough to imagine, for example, a hotspot operator building its security implementation around 11i. That's because to be effective, you have to have some control over client configurations. But for enterprises willing to bit the bullet, it's a solid enhancement that should help overcome one of the biggest obstacles to WLAN deployment.
Discover the benefits of scalable backbone and network services for application and cloud providers.
Network automation is gaining momentum. Here's how you can drive this powerful technology to its full potential.
Subsea cable alternatives can provide a level of comfort for those concerned about disruptions. Realistically, they will continue to play a small, but critical role in the short term.
