Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Cisco LiveCast – 31.01.06 Transcript Good morning, and welcome to this, the third Cisco LiveCast. This session is entitled, enabling the mobile work-force. My name is Andy Oldfield; I am the manager of the Wireless Technology marketing team, responsible for European and emerging markets at Cisco Systems. This session is a live session, it works very well if you all ask questions, bare in mind that your questions can only be seen by us, not by everyone else viewing, so please feel free to ask anything you like. When we talk about mobility, the first thing that people think about are mobile phones. In the UK we’ve had high penetration of mobile phones in both business and consumer for a long time. In fact it’s been said that everyone who is going to buy a mobile phone in the UK has already bought it, and is widely acknowledged as a good business tool. We are also seeing it, as apart from usage of it as a voice tool that it is starting to be used as access to data, primarily for web access, with 3G services. We also see that items like the Blackberry are being used more and more for downloading email and other devices that can access data back on a corporate network; they are really a truly mobile device. When we really look at mobility what we are thinking about in a business environment is Wifi, also known as Wireless LAN. This is driven primarily by the access to the network from clients. There are clients in every type of device now; it is probably not possible to buy a laptop, or even a desktop that doesn’t have a Wifi client. When you buy a broadband service at home you’d probably receive a wireless networking device on it. So we can look at this as being client driven. And primarily starting from the consumer end of the business and now moving into the true business environment. What at first became just a toy for access, an easy method of moving about the building, has now become a true business tool. This tool delivers several advantages. So productivity being one, access to information when you’re not at your desk, when you’re in a meeting or moving around the building, at a very simple level, this can be a real productivity gain. This helps us to extend the network, previously we looked at Wifi or Wireless LAN as just a pure overlay network but now it is becoming more and more an extension of the wired network. Some of the questions coming in are: “Why do I need a wireless network when I have already wired my building?” If you think about how you wire a building you look at where people’s desks are and possibly some common areas, although that is pretty rare. So when people are moving into meeting rooms or other common areas they don’t have access to data. If you have an element of wireless in your building then it will allow areas that are not wired to be covered, otherwise you would have to totally flood wire every area of your building. This is very much true for data, but if you were to look over voice over wireless networking, then of course this becomes even more important. Simply because you would have to wire everywhere for voice, whereas if you were using voiceover wireless LAN, then very simply you can use wireless technology to cover common areas, rest rooms, printer areas etc. Some other questions: From Francis: “I’m looking to order a pocket PC, is this the same as a Blackberry?” A Blackberry is a very specific device that is marketed and sold as a service to allow you to download your emails. A pocket PC is, as the name implies, a small form factor PC, that will possibly have wireless connectivity and you can run Window’s operating system or other applications, so you could in fact access data with a web browser, you could in fact run a small email client on there to access your emails. Simon: “Cisco tends to supply solutions to large companies, what can you provide for my small business?” The great thing about wireless networking is it covers the whole gambit from consumer all the way through to very large enterprise and service providers. So the type of network you deploy is very much dependent on the size of your company and what you are trying to achieve. A wireless network, consists very basically of an access point, which is the radio, that’s then connected onto the wired network and then your client, which can be, as we discussed, in many form factors and either has a Wifi client card built into the motherboard, it may be an option card inserted into a PC or it can be a USB wireless client card that you can plug into a USB port. So we can offer solutions that cover a whole range of complexity and scale for any network. Next question from Stuart: “Are wireless networks secure?” Well interestingly enough this is probably one of the biggest perceived barriers to adoption for a wireless network is the risk of security breaches. In the past when wireless networking was being evolved there was a limitation on the type of security that could be employed on a wireless network. This lead to some well-publicised hacker tools being made available that would allow wireless networks security to be breached. A couple of years ago, the industry came up with a much much stronger solution, that allowed secure authentication, that’s the determination of, is the user allowed on this network and also encryption to allow the information that’s being transferred over the air from a client to an access point to be encrypted. This information is fully secure now and we can safely say that wireless networks are secure. Of course the big problem and many breaches that occurred were due to the fact that people did not enable the security. This is very much like sitting in a car with a seat-belt and not wearing it. So the truth is that most breaches will occur because security is not implemented rather than the technology not being available to allow it. So we now build an extension to the network that’s secure. If you are looking at security then it’s an end to end solution. You have to have security from the client, through the access point, onto the wired network and all the way through to the server. So when you are evaluating wireless networking, make sure you look at the whole of the connection, make sure that there are no weak points in the chain. All of the network as to be secure and it all has to be working in a coordinated manner. Next question, from Jay Jay: “We use WEP, that’s Wireless Equivalent Protocol, for our wireless network, one of my geek friends says this isn’t secure. Is he right?” Well, WEP is a protocol that can be potentially breached. However, there is a stronger version of WEP that is 128bit, so what I would say is that if you are going to deploy a wireless network then the strongest security that you can deploy at that stage is better than no security. So if you are going to use WEP please use the 128 bit version. Potentially it could be insecure, but that would require someone to be launching a specific attack and capturing the information to be able to crack the security. This in general is not what occurs, as I said before, people tend to go for networks where security isn’t enabled. When we look at extending the network further we should look at some of the advantages that we get from wireless networking. So if we think about access, access to data, what does that give us? Well, it gives us the ability to go and access a common source of information, one of the biggest problems as a business we can have is inaccurate information, or missing information. In fact inaccurate information is probably worse than no information at all. If a business has paper based or book based, or whatever format of information lying around, then it is very difficult to control. Businesses these days tend to be moving towards a centralised repository of information that can be electronically updated. Of course this is great if you are plugged into a wireless network, sorry this is great if you are plugged into a wired network, but if you don’t have access to that wired network then a wireless network is the answer. If you have maintenance engineers or a mobile work force this becomes even more important. We’re use to wireless networking at home, we see wireless networking being deployed within business, but we also have access to public hot-spots. These are provided by service providers, BT Open Zone for example, T-Mobile etc, that are held in airports, hotels, coffee shops of various brands etc where you can access a public network from your mobile device, Laptop or PDA etc. The ability to be able to get access to your corporate network is key here, because you want to be able to get information that you wouldn’t be able to get to in a normal environment. The big question, Tim asks: “How can security be maintained from public WiFi hotspots?” The point about it is you are then on a public network, so you’re accessing that network from your device over a shared and open medium, which is the air, onto a public internet access. If you want to connect back to your corporate network, the best way it to establish a VPN session. This is a Virtual Private Network session. This is effectively a secure tunnel, from your device, your laptop or whatever, through the public Internet, into your corporate network. This means that that session is completely encrypted and completely secure for yourself and only for your use. And in this way you can access securely your corporate data knowing that no-one else can access that data as it transits for public network. Charles asks a question: “I find it painful connecting in different locations, including Europe, any advice?” This depends very much on how you’re accessing the network, so typically what happens is there are a number of networks available throughout Europe and the UK and you have to subscribe to each individual one. So you can go to a site where they have a BT network, another site will have Swiss mobile network, Swiss Com network etc, and so each one you have to connect to it and pay a premium price to be able to use that network. One way around this is to look and see if there are any virtual service providers that you can subscribe to, that will effectively, you pay them one fee, or a usage fee and they sort out the back-end payment to the service providers that you are going to access if you are travelling. This is very important to allow easy access; the challenge is to find a virtual service provider that covers as many of the national service providers where you are going to visit. So it’s important to work out what services you are going to need to access and then talk to the service provider about how they can help out. Nigel asks a question: “Can people see my shared folders if I am connecting on a public hot spot?” They cannot see your shared folders if you are tunnelling securely through the public Internet onto your corporate network. If you are accessing that as just a pure Internet access then all of the restrictions and security caveats apply, in that anyone who can access that session on the Internet can see what you are doing. This is why we recommend that you tunnel through in a secure manner, to your corporate network or to your home network. You will find that many of the wireless access devices that you deploy at home now have the capability to become a VPN termination device. This means that you can establish a VPN client through to that device. The other thing is to look at is SSL. This is whenever you are on a website, if you are buying something on a website you will notice there is a little padlock in the lower right hand corner of your web browser this means you have established a secure session through to that website. That is an encrypted session and therefore no one else can see that, so either SSL or something like an IP sec VPN, I know this is all acronyms but this is the way the industry describes it. A virtual private network will allow you to have a secure session. Question; “Is the VPN rate cost-effective for a small business?” There are two ways of deploying a VPN, you can take a VPN service from a service provider, which is what I presume Tim is referring to here and that is going to depend very much on usage and where you access from. It is very similar to a mobile phone; in terms of if you are roaming abroad then the VPN can be more expensive. It also depends on the amount of usage you make and the sort of deal that you can establish with your provider. The other alternative is to do it yourself and it’s not that complex to do. As I mentioned, many of the consumer class products actually have VPN capability in it, Cisco itself of course sells VPN solutions built into either its routers or as a stand alone device that cover from small to medium businesses all the way to very large enterprises. So there are easy solutions for you to deploy, in either a consumer or a business class solution. Peter asks a question: “Can a public wireless network be used for voice phone-calls?” This refers to a technology called Voice Over Wireless LAN. It uses Voice Over IP. So firstly obviously a GSM or 3G mobile phone cannot be used on a public wireless network because it is a totally different radio technology. There are several ways that you can use Voice Over a public wireless network, for example many people use SKYPE or similar Internet based telephony, this uses Voice Over IP and if you have wireless networking as your transport medium rather than being plugged physically into a broadband line then of course you can use that. You can also buy specific devices that are also Voice Over Wireless LAN IP based. The challenge here of course is these devices are typically tied into a corporate telephony system and use a specific protocol, so unless you can establish a connection through the Internet to your corporate network then of course it’s going to be rather difficult to establish a voice call. We are also going to be seeing the release of dual mode phones, so these are GSM phones with WiFi in them. Again, the WiFi, or Wireless LAN piece is really a enterprise or business class tool that will require connection back to corporate network. If you are going to use Internet based telephony then there are a few things you need to take into consideration. First and foremost will be quality of service. There is no quality of service on a public Internet. So therefore your challenge will be not only the same as when you are on a wired broadband linked to the public Internet but also if you are on a public hot spot then there are other users on that hot-spot vying for the bandwidth that is being used by that access point. So your quality may deteriorate and you will have no control over it. The other area that we have talked about is security, so you need to consider how you will be able to secure your voice calls that are going across the public Internet. This is again a similar issue to wired but again you are in a far more hostile environment if you are in a public hot spot, because there are other people sharing that bandwidth. Sam asks a question: “How do I tell if there is unauthorised wireless in my business?” That is a very good point. Access points can be deployed on any wired network and an access point is the radio piece that connects into the wired network, as soon as you’ve done that you’ve effectively left open a wired port for anyone to access, especially if as discussed security is not enabled. The key thing here is, the only way to really detect wireless is with a wireless network. So what you’ll find the difference with business class wireless networks, they have the capability to do intrusion detection and also intrusion prevention. The specific thing we are talking about here is called rogue access point detection. Basically you can deploy a wireless network that is available for both access by clients and at the same time can be scanning the airwaves to check whether there are any unauthorised access points on the network. Even if you determine that your business will absolutely not allow wireless in the building or on the network at all you should still protect yourself by deploying a wireless network in intrusion detection mode, so that you know that all the time the airwaves are being scanned to ensure that no access point has been put on the network, illegally I guess is the best way to put it. It’s all very well to go around with a hand scanner and check whether there is wireless there but unless you have people continuously walking around and continuously scanning then there is always the chance that someone will put an access point on but maybe for the very best of reasons, just a short time to make their life easier while they are moving around, and then they’ll take it off again and you wont know. If the security is not enabled then you’ve left a wide open network. Matt asks the question: “Can you use a mobile phone on a Wifi network?” As discussed earlier, no you can’t. A mobile phone uses either GSM or 3G technology and this is a very different radio technology to that which is used on a WiFi network. A WiFi network uses two frequency’s to deliver different classes of performance. You can have 802.11b and g this is used in 2.4 Giga Hertz or you can have 802.11a which is 5 Giga Hertz. The difference between them is the through put that can be delivered. If there are any more questions please keep them coming. In the meantime let’s talk about what else we can use a wireless network for. We mentioned about access to data, we’ve mentioned about roaming use, so pure access either within the office environment or outside the office. What we are seeing also being deployed is guest services; this is where a network is made available to visitors to your company. It is a virtually segmented network, so it can run on the same wireless infrastructure as you deploy for your own corporate use, but it only allows them access to specific areas. Take for example many people have contractors or outsourcers working in their company and they don’t want to give them access to the corporate information because of course the corporate network holds the crown jewels of your business, i.e. your corporate data. But to be able to carry out their job these contractors or consultants need the ability to access the Internet either for research or to tunnel through the Internet as described by the VPN session to their own corporate network to retrieve data. Guest access allows you to deploy this sort of solution and is built into the Cisco solutions so that you can specify that they an only connect to the public Internet and they cannot get access to your corporate data. We also find that many company’s like to offer this service to visitors to their premises. So if you are in a type of business where you have many visitors coming in and attending meetings, events seminars etc you may want to offer this service as a benefit to them coming to see you or in fact you could outsource this to a service provider who could run it as a viable business. Also, we are finding that various vertical businesses are homing in on what’s called location based services. This is the ability to be able to track an active Wifi client, whether that’s a laptop, a Wifi phone, or a RFI de Tag that can be attached to a device or a person. For example in a healthcare environment they need to be able to track the common equipment that’s requires, that’s very expensive and also pretty rare, so efficient usage means that you have to be able to find it quickly and then bring it to the site where it is required, so that you don’t have to over-equip. Also a lot of this equipment and in many other industries has a very high maintenance schedule. Equipment needs to be maintained on a very regular life-cycle but finding equipment to start with often takes longer than actually maintaining it. So the ability to be able to connect a location based service in with your work schedule will give true benefits. For example in hospital we are told that to maintain expensive equipment, often it takes three to four hours to find the equipment and one hour to maintain it. So this means that an immediate benefit, productivity benefit can be gained if we hook one WiFi based location in with the maintenance application. Taking that thought a little bit further we also have the ability to be able to push content to a specific device based on where its location is. One of the problems once you have a Wifi extension to your wired network is that you can end up with too much data. All of the information that is available on the wired network now becomes available on your portable device. The problem will be that getting to the information whilst you are mobile is crucial for you to do your job will take more time then will be saved by accessing the information. By using location based services, what we can do is determine where the person is, and for example if it’s a maintenance engineer going to say maintain a lift, they get to the lift and they will be able to pull up the maintenance records of that lift, they will be able to pull up the maintenance manual, they will be able to pull up all sorts of spares information for that device. And that’s all that they need at that stage, they don’t need the information about what’s on in the staff canteen that day and all the other extraneous information that is sitting around on your corporate network. A question here from Dave: “You mentioned a health-care environment, are Wifi devices safe to use with medical equipment?” One of the reasons why WiFi is being deployed widely in healthcare is because of the issues with using GSM in a hospital environment. The band width and frequencies that a GSM device uses, that’s your normal mobile phone, can actually interfere with medical equipment. Because Wifi uses a different frequency then it is non-interfering with other devices, so one is the safety aspect of healthcare, the other reason is if you look at the problems that are trying to be solved then you have some very key people and assets that you need to be able to contact and find where they are and get them to specific places at certain times. So this could be emergency theatre nurses, consultants, doctors etc, you need to be able to find them quickly and move them around. However, most hospitals are large campuses with many buildings and often the wards are spread apart. So Wifi enables us to be able to reach all of those areas that would not be cost effective to do with a wired network. Another question coming in: “Can Wifi networks interfere with each other?” Yes they can, quite simply because it is a free medium. The area is an open medium to everyone, however, what this means is that when you come to deploy your wireless network, then you treat it as any other network, so you properly project manage it, you ensure that it is conforming to your security policy and the difference with wireless as opposed to wired is you need to do a radio frequency survey. This RF survey will determine what areas will be covered by the wireless access point and make sure there is no interference between access points. So there are various channels which the access points can be tuned to so that they don’t interfere. But a professional site survey with RF equipment is absolutely essential if you are going to put a robust and reliable network together. As we can see we’ve looked at a number of different alternatives here as to how you can deploy a wireless network. The key thing is to consider now that wireless is a mature and secure technology. It brings business benefits in terms of productivity, flexibility and adaptability. If you are going to roll out a network then you can often do it quicker with wireless than you can with wired. If you have an environment that is not cost effective for wired or there are restrictions because of building construction, or restrictions because of other types of building constraints, it may be a listed building for example, then wireless can often be the only solution. What we need to say is that whenever you are considering deploying a new application, whenever you are considering extending your network then wireless should be part of your project plan. Please make sure that you deploy wireless the same way that you deploy wired. That it is considered, its project managed and that you get a proper site survey done. If all of this is taken care of then you will end up with a network that is reliable and secure and brings you some real business benefits. We’ve now reached the end of our LiveCast, thank you very much for listening, thank you very much for all your questions. To listen again click on the link which appears and go to the website you can download a Pod cast or transcript of today. Once again, thank you very much and happy wireless. Goodbye.