A different take on Wi-Fi security: instead of just focusing on securing the connection, make smart choices about what parts of your network you make available wirelessly.

Did Wi-Fi take off before it was ready for prime-time?

In terms of functionality, no. It's fast, it's easy to set up, and it generally works as "advertised." However, when it comes to security, it might be said that, yes, Wi-Fi wasn't quite ready for adoption by the masses.

EARLY IN 2001, an analysis of 802.11b's Wired Equivalent Privacy (WEP) security algorithm by a UC Berkeley research group revealed serious flaws in Wi-Fi security. However, technology in this day and age evolves quickly. New security mechanisms are set to fill WEP's under-sized and short-lived shoes.

Security solutions, such as Wi-Fi Protected Access (WPA), have been announced and released. However, WPA requires a firmware upgrade and these things take time to disseminate across the large population of deployed devices. Until WPA is widely deployed, the only native security option for many users is WEP.

Although some may argue using WEP can lull users into a false sense of security, I maintain that at a minimum, WEP effectively posts a "do not disturb" sign, which might be useful for legal reasons. Also, if WEP is the only thing you can afford, its (free) price tag is attractive. After all, if you never bothered to use free and built-in security mechanisms, you'd never lock your car door at night, right? Locking the car door doesn't offer 100 percent security, but because it's easy and free, we do it anyway.

Here's the real question: What steps can you take on your wireless network to go beyond the functional equivalent of locking the car door? This article focuses on new and interesting wireless architecture solutions that will help you keep an eye on security. You'll also get to see a couple of these approaches in action.

WPA, next-gen security

On April 29th, the Wi-Fi alliance announced the first round of products that had completed compatibility testing and could be labeled as having WPA, the replacement for WEP. WPA is a subset of the IEEE's 802.11i Working Group. Rather than wait for the full 802.11i specification to be finalized (2004 at the earliest), the Wi-Fi Alliance bundled the completed portions of the 802.11i protocol for immediate deployment. The improvements WPA introduces should fix all known flaws in WEP (as of the time of this writing). However, architecturally speaking, using WPA keeps you on the path of trusting the wireless link. This is fine if you have a high degree of control over the client devices and you can dictate the hardware and software being used, but not everyone has that luxury.