A year ago this month (http://www.wi-fiplanet.com/news/article.php/3373441) the IEEE ratified the 802.11i security standard for wireless LANs bringing us the ability to implement TKIP, easier setup using a pre-shared key, and the ability to use RADIUS-based 802.1X authentication, BUT, is anyone even using this technology.

I work in the field every day and I have yet to see this implemented. I was wondering, in what application the rest of the WiFi community was using it with if any.

Thanks for any feedback.

I'd also like to know the answer to this... it's amazing how much buzz some things get (like, VoIP) and how little it's actually used in the real world. That said, 802.11i/WPA2 is probably a victim of timing... it usually takes a few months after a tech spec if finalized for it to make it to products/services (802.11g and 11n excluded, obviously). When it takes forever for many 802.1X supplicants to build in EAP types that have been around for years, what hope is there for brand new fancy 11i?

I just read an article about Microsoft switching to all Aruba 802.11i switches and AP's (http://www.informationweek.com/story/showArticle.jhtml?articleID=164900890&tid=5978#_) so that’s pretty significant however these are all large scale campus and city type installations.

Not properly....


Right now we are trying to get the WDS, WPA, WLSE trifecta to work harmoniously.

Having close to 10,000 Cisco AP's (mostly 1200's.. some 350's) all over the country in various flavors of firmware and radios (B and G) is proving to be a daunting task. Not to mention the switches....

When we get the magic button working that will upgrade all this stuff to current firmware that works with VoIP and WPA...then maybe we'll go to AES

Ask me in about 5 years...

Certificate management is still a limiting factor to implementing 802.11i.

I have worked with many Enterprise companies and only a few have the infrastructure and staff in place to issue and manage certificates.

There is high cost involved in setting this up and lots of ongoing support.

Spiderbite... 10 000 APs? That's double the size of the network announced in the Microsoft release that FroZone posted.

Dare I ask what organization has a network that large?

Any thoughts of switching to a centralized architecture like Aruba the same way Microsoft did? I'm sure they felt the pain of WDS, WLSM, WLSE et al.

Cheers,
matt

You could ask, but I cant tell you for security reasons.

However, this makes us one Cisco's best customers for gear. Since we are that large we only use Cisco to keep some sembalance of structure and standard.

Unless Cisco buys it and incorporates the technology into one of thier doo-hickeys we cant use it.

Since Juniper will soon own the only FIPS 140-2 802.11i PC client and Cisco is the Gorilla in the 802.11i infrastructure, Cisco has lost half of their 802.11i solution. That is unless Cisco and Juniper announce a partnership....I don't think so either.

Steve Pherrhus