Aruba CEO: Need for new WLAN security model
Dominic Orr, Aruba Wireless Networks CEO, says that enterprise WLANs are going to become less interesting because of the increasing commoditization of WLAN gear and the advent of the 100+ Mbps 802.11n standard. Both developments will combine to make wireless connectivity a routine part of the enterprise network infrastructure.
What will remain interesting and challenging, Orr says, are the corrections and improvements to traditional conventions and architectures for network authentication and security. "The security architecture for wired nets, based on using physical port-based conventions, won't work," Orr said. "You need specific, user-oriented identification, content and location data [to secure the net]," he said.
Orr predicts that eighteen months after 802.11n is standardized, the WLAN will no longer be an interesting business because it will be increasingly commoditized. This very commoditization, however, will create a very large hole in the traditional enterprise security model, a model which assumes that the person at the far end of a wire linked to a specific switch port is the person who is supposed to be sitting at that desk. Orr told Newsfactor that what was needed was secure mobility as a logical add-on to the enterprise network. This secure mobility will become more urgent as more enterprise workers become mobile: Currently only about 5 percent of workers are mobile, but this will increase to more than 20 percent in two or three years, Orr said.
This is where Aruba comes in. We note that most WLAN innovation has been at Layers 1-3, owing to the focus on wireless Ethernet connectivity. Aruba is focusing on Layers 4-7 in its WLAN controllers and accompanying thin APs. "Our goal is mobile access control: Who is this person [on the wireless link], what is his role in the organization, what device is he using, what applications?" Orr said.
Cisco and Check Point Software Technologies are addressing the issue of mobile security in different ways, but Aruba is not worried. "They're all Layer 1 and 2 networking devices," he said. "Cisco has initiatives in security, content networking and connectivity technologies. We just don't see how this will all come together." Aruba, though, cannot stand still or become complacent, and the privately held Aruba is, therefore, seriously exploring an initial public offering.
The last words are Orr's: "We create a mobile edge to the network...We are front-ending the network for network access control, security, authentication, user privileges. You want the network infrastructure to recognize the user, his role and profile, and then treat him accordingly."
For more on Aruba's secure mobility strategy:
-see this detailed Newsfactor article