Nortel pushes WLAN for enterprise campus

The ability to roam around an office while continuously connected to a wireless LAN could be extended across whole buildings and campuses with a set of products Nortel Networks Ltd. announced today.

The company will ship in June a network switch that can handle as many as 500 secure WLAN connections across multiple access points. That platform will be at the heart of a broad set of WLAN offerings called the Nortel Networks WLAN 2200 line, designed for carrier hot-spot deployments as well as enterprises.

As more enterprises make wide use of WLANs, integrating them with the overall network will be increasingly important, according to some industry analysts. Many vendors are getting ready to roll out systems that can centralize security and management of WLANs, they said.

The Nortel switch, called the Nortel Networks WLAN-Security Switch 2250, is at the center of a lineup that will include access points, clients and technology for mobile IP phone calls.

The switch is designed to manage and control secure access to a WLAN infrastructure that may consist of many access points on different floors and in several buildings. It will let users continue a network session as they carry a notebook PC or other device around a building or campus, and keep all the same network privileges, said Anthony Bartolo, director of product marketing for WLAN solutions at Nortel in Brampton, Ontario. A roaming user's connection will stay up even if the network has been divided into different subnetworks for each floor or building, a move many administrators make for ease of management, Bartolo said.

Through user authentication functions and encryption technologies such as IPsec and Secure Sockets Layer, the switch can make sure only the right users get on the network and that their communications are protected, Bartolo said. It can also hand off some functions to Nortel's Contivity security gear in enterprises already using that equipment.

The switch can carry 200M bit/sec. of encrypted traffic and can handle 500 users at a time. For more users, enterprises can set up multiple 2250 switches, and those switches can balance the load among them. It can be used with any vendor's standard WLAN, and will ship June 30 with a list price between $6,000 and $7,000.

Nortel's 2200 line will support both IEEE 802.11b and faster 802.11a connectivity. The company's new WLAN-Access Point 2220 is a dual-band device that can also be upgraded to support future technologies including the upcoming 802.11g standard, according to the company. It can also be equipped with dual software images, one active and one for backup, so technicians don't have to rush out to restart a failed access point, Bartolo said. The access point ships May 30 for a list price of $899. Nortel will also introduce a dual-band client card, the WLAN-Mobile Adapter 2201, that fits into a CardBus slot. The card will be priced at $259.

A software client, the WLAN-Mobile Voice Client i2050, can be loaded on PCs or personal digital assistants equipped with telephony components and make them work as IP phones. This lets enterprises give each employee a single extension that travels around the site and lets them bypass cell phone service costs, Bartolo said. It will cost about $100, he said.

WLAN infrastructures will have to become more sophisticated as wireless matures from a point solution in certain locations to a major part of networks, said IDC analyst Abner Germanow, in Framingham, Mass. (IDC is a division of International Data Group Inc., the parent company of IDG News Service and Computerworld.)

"It might not be something an enterprise realizes they need when they put in the first access points. ... As the number of access points goes up, there's an inflection point where management becomes a problem," Germanow said.

Nortel's new line seems to be a hybrid step on the way to the next generation of WLANs, in which most of the intelligence will be centralized, said Ken Dulaney, an analyst at Gartner Inc. in Stamford, Conn. Enterprise edge switches will support both wired and wireless interfaces, which will be controlled by the same box and with the same security, he said.

The Johns Hopkins University Bloomberg School of Public Health in Baltimore has set up WLANs in most of its facilities, said Ross McKenzie, director of information systems at the school. They are all part of a single virtual LAN, but the antennas' signals don't reach from building to building, so employees and students need to close down a session when they leave one building and start a new one when they get to where they are going.

Seamless roaming between sites isn't often necessary now but would become essential if the medical school were to adopt IP telephony, McKenzie said. His department is testing IP telephony now and he sees it as potentially a good way to save money.

"If we were to move toward IP telephony, wireless would have to be part of it, but we haven't quite gone there yet," McKenzie said.

Stronger authentication and authorization of users is a key goal, McKenzie said. For cost and ease of management, he would like to put most of that functionality in the infrastructure rather than in virtual private network client software. The school uses Wired Equivalent Privacy but is looking toward possibly having users register the devices they use and then go through a password-based authentication system to get on the network, he said.

"I don't want to have to go touch 1,700 or 2,000 clients with software," McKenzie said.

Copyright © 2003 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon