Aruba Networks is an innovative wireless LAN developer known for quality equipment and being concerned about wireless security. So much so that Microsoft has contracted Aruba to replace all existing wireless devices on their networks with Aruba equipment.Aruba is taking a different approach which by design removes all of the responsibility for creating the secure VPN tunnel from the remote worker and places it on a specialized remote access point (RAP). Remote AP Module is the new software application that makes any existing Aruba access point special. To quote Aruba:
Remote AP software module enables any Aruba access point to be securely and easily connected from a remote location to an Aruba mobility controller across the Internet. Ideally suited for small remote offices, home offices, telecommuters and mobile executives. Aruba's Remote AP software module extends the mobile edge to any remote location by enabling seamless corporate wireless data and voice wherever a user finds an Internet-connected Ethernet port.
Many people would say no big deal, just use a VPN client application on the computer. That may be true, but just ask any experienced business traveler or remote worker what they really think having to use a remote access client. It's painful, too slow, and can cause a host of other frustrations.
Many see Aruba's approach as a win-win situation. The remote worker's only concerns quite simply become where to plug the RAP in and making sure to log on correctly. Most network administrators will be beside themselves as this design employs centralized management and security, leaving little to chance or fate depending on your viewpoint.
To summarize the benefits:
- Authentication can be handled through a variety of options such as Captive Portal, 802.1X, MAC-based, RADIUS, LDAP and SecureID.
- Mobile User Security is derived from identity based per user security policies that stay with the user.
- Key and Security information is centrally located and not stored on the remote access point.
- Wireless Encryption in all of the latest versions such as 802.11i and WPA2 is supported.
- Almost no intervention is required from the remote worker to gain access to the company network.
There are a couple of drawbacks of Aruba to consider as well. First, the central office or VPN location is required to have an Aruba wireless network deployed or at least add an Aruba controller on the network's Internet perimeter. Also, all remote workers will require a RAP. This means the business travelers as well. The AP 41 access point is the logical choice and it weighs about a pound. Still many would groan at the thought of having to lug one more thing with them.
It isn't hard to see that this new technology will elicit many opinions from both sides of the aisle. I would be very interested to hear any comments from both business travelers and network administrators.
Michael Kassner is currently a systems manager for an international company. Together with his son, he runs MKassner Net, a small IT publication consultancy.