But such large-scale wireless deployments raise security concerns, and with good reason - the Wired Equivalent Privacy protocol, predecessor to the 802.11i standard ratified last year, has been shown to have serious flaws that can be exploited, and its weak authentication methods have made wireless networks vulnerable to attacks. Capital One and Microsoft hope to avoid these problems by using 802.11i-compliant equipment. The standard defines a method, called Wi-Fi Protected Access 2, or WPA2, for authenticating and encrypting wireless LANs.
At the heart of Microsoft's wireless LAN deployment is Aruba's switching system, which centralizes 802.11i security functions, including wireless encryption, authentication and user-access controls. This means Microsoft will be able to control and encrypt all its wireless devices centrally. Aruba CEO Don LeBeau believes a combination of centralized control and tight security is what many businesses will require in wireless LANs.
Revenue for the worldwide, wireless LAN security market is expected to reach $279 million by 2009, compared with $41 million in 2002, according to a new report from research firm Research and Markets (Dublin, Ireland). Capital One has built a "rigorous security infrastructure" that includes an enterprisewide intrusion-detection system, Capital One's Bailar notes. In addition to encrypting communications between the wireless network and mobile devices, Capital One enforces security policies, such as minimum password length and limits on the number of unsuccessful log-ins from centralized servers.