Interference, latency, security issues for wireless networks

05.05.2009
bring flexibility, but IT managers say interference, latency and security issues can be challenging.

Oklahoma City, for example, has for a year operated a 620-square-mile 802.11g wireless network for mobile computer access for the city police and fire departments. As convenient as this Tropos Networks-based meshed 802.11g network is, interference problems are significant enough that mobile public-safety units have also been given mobile cards as a connectivity backup.

And latency issues associated with all the 802.11-based wireless networks used by the city are complicating Oklahoma City's security plans to transition thousands of employees from reusable passwords to stronger token-based, two-factor authentication, says Steve Eaton, Oklahoma City's information security architect.

Wireless networks "have issues with firewalls and timing concerns," Eaton says, noting that latency -- the time it takes a packet to travel from one designated point to another -- is higher than in wire-only networks.

So in installing the Quest Defender two-factor authentication gateway the city selected, technical adjustments have had to be made to accommodate the latency of wireless networks.

Others benefiting from the advantages of wireless say they are also cognizant of its challenges.

Since late last year, Lynchburg, Va.-based Liberty University has deployed hundreds of wireless access points on campus, and also uses the Aruba Endpoint Compliance System (ECS) for students.

"The vast majority of our students are now on it," says Bruce Osborne, a network engineer at the university.

Each student needs an ECS software agent, says Jimmy Graham, Liberty's manager of network services, and if any of the roughly 10,000 students lack the requisite antivirus or security patches, they're isolated from wireless access until their computers obtain required security updates, which can be done online.

The tougher challenge has been getting VoIP phones -- in this case -- to work optimally on the wireless network. There are challenges related to latency and VoIP's high-bandwidth needs.

"We need quality-of-service to manage this," Osborne says. VoIP traffic over wireless will need to be given priority over other traffic, and until that is all sorted out, the majority of phones will remain wireline-based on the campus.

Sisters of Mercy Health System, the Hatboro, Pa.-based healthcare provider, is benefiting from IP-based phones over wireless in its installation of the Ascom IP DECT System wireless base stations and phones at a number of its hospital sites.

"We were looking for a wireless system and failover," says Felix Merlino, manager of telecommunications for the healthcare organization, noting integrator InfoLogix designed and installed it.

Hospital staff has welcomed IP phones over wireless as a good alternative to a paging system to contact needed medical personnel. While the wireless equipment doesn't interfere with any other hospital equipment, there can be issues with blocked reception, which have to be addressed by adjusting base stations.

The firmware for the IP DECT equipment has to be patched from time to time, notes Cory Lindley, the healthcare provider's senior telecommunications analyst, adding, "As we move further into the VoIP realm, I can see that will be a regular occurrence." Patching requires systems to be shut down and rebooted, so it's important to have a second gateway as backup, he points out.

Just considering use of wireless access points in network design raises considerations in terms of the Payment Card Industry (PCI) security rules, says Bernie Rominski, IT security officer for Regis Salons.

The beauty salon group has about 8,000 corporate and franchise locations, most of which still use old point-of-sale dial-up machines. But Regis Salons is updating its network look with plans for a shared Web portal for business purposes and an Internet-based POS system that may include wireless LANs in the salons.

PCI rules for wireless indicate there needs to be a segmented network, Rominski points out, noting "The PCI Data Security Standard recognizes segmentation as a firewall." He adds that means each salon, if it uses wireless, will likely also install a firewall to be able to comply with PCI DSS.