Navigation
RSS Feed


HCW Tech Blog

For the latest info on computer hardware, tech, news, video games, software tips, and Linux, check out our new improved front page: HCW Tech Blog

Reviewed by: Bryan Pizzuti [02.18.03]
Edited by: Carl Nelson
Manufactured by: D-Link

MSRP:
Dual-Mode PC Card NIC: $129
Dual-Mode PCI Card: $129
Dual-Mode Router: $270

Discuss this article in the forum!
Registration NOT Required!

 

Introduction

The two latest wireless networking standards competing for center stage are 802.11g, and 802.11a.  Both offer the promise of higher speeds than 802.11b devices, but some other questions remain, such as compatibility.  Today, we will be looking at D-Link's Dual-Mode wireless networking gear which offer the option of using either 802.11a or 802.11b network connectivity.

Shouldn't 'a' come BEFORE 'b'?

Normally, yes, but in this case, no.  802.11b is the original WiFi, or Wireless Ethernet standard.  802.11a, however, is completely new, though some devices, like the D-Link ones we will be looking at today, offer dual-mode operation to be compatible with older wireless networks. 

Let's have a look at the current wireless networking standards: 

Wireless Standard

802.11b

802.11g

802.11a

Max speed

11 Mbps

54 Mbps

54 Mbps

Max encryption

128 bit

128 bit

152 bit WEP

256 bit AEP

Frequency

2.4 GHz

2.4 GHz

5 GHz

Compatible with

802.11b

802.11g, 802.11b

802.11a

As you can see, 802.11a has no built-in affinity for 802.11b, so there is some extra cost to add it on to a device.  It operates on a completely different frequency (5 GHz versus 2.4 GHz for "b" and "g" technology) and also supports additional encryption, in addition to just being faster than the original.  That makes it great for new installs, but not ideally suited for upgrades, unless they carry dual-band technology.  And everyone upgrading will have to go through and change their encryption settings to take advantage of them. We'll be testing D-Link's dual-band implementation and seeing how well an 802.11b device can work with the 802.11a network.

That additional encryption is very good news.  You may have heard that some magazines and review sites have started taking laptops around in their cars, and using high-gain antennas to try and break in to 802.11b networks. Admittedly, they found that many of them had implemented NO security at all, but even with 128 bit encryption, the right tools can crack through it in a couple of days.  The increase to 152 bit encryption should give would-be wireless crackers a harder time. 

Also, D-Link offers proprietary "Turbo" modes that allow speeds up to 72 Mbps in 802.11a mode, and D-Link's 802.11b+ technology supports speeds of up to 22 Mbps with compatible hardware, according to D-Link's data sheets. Since D-Link's router currently operates in both modes, it can transfer a total amount of data equaling 94 Mbps. Finnally, a wireless protocol can theoretically approach wired network speeds to be suitable for hi-res streaming video and audio.  Keep in mind, though that D-Link has a 256 bit encryption scheme for their 802.11b products, but not all companies have it implemented for their products, so it would be best to limit 802.11b encryption to 128 bit.  

The downside of 802.11a is it has absolutely NO interoperability with the 802.11g standard, and as designed, has no compatibility with 802.11b.  Only dual-mode devices, such as the devices D-link sent us can work together when they share 802.11b capability, and then only at 802.11b's maximum of 11 Mbps.

New Security

D-Link's NIC products support the new 802.1x user authentication as well as AES, the new Advanced Encryption Security Standard, which is trumpeted as "The highest level of network security available on the market."  Other than these, the ordinary 152 bit Wireless Equivalent Privacy is also offered, and the 802.1x authentication can work with that as well as AES.  The new 152 bit WEP also uses dynamic keying.

The AES standard itself supports up to 256 bit encryption (also 128 bit and 192 bit) and is based on a newer algorithm than WEP, which is designed to increase the speed of encryption and decryption, therefore reducing latency and bandwidth overhead.

802.1x is a new universal protocol for logging into several sorts of networks, but focuses on wireless as well as FDDI.  It allows devices with low processing power, such as wireless access points and WiFi NICs on compatible operating systems to integrate tightly with an authentication server, such as a RADIUS-based server, thereby requiring a wireless user to log in with a username and password before being allowed to join a wireless network.  This is a particularly powerful security option, and also fairly vital for many business applications of this technology. Of course, the downside, other than requiring a server to authenticate users (A Windows 2000 domain controller will perform this function) is the fact that, once a user is authenticated, the network is open, without encryption, and the radio signals can still be read and intercepted, given the right hardware.  This means that enabling AES or WEP is still required for further security.

This points to a fairly large problem with wireless networks, as opposed to wired networks such as fiber and Ethernet.  Because these signals are carried within a cable, physical access to the raw data signals is very difficult.  But wireless, by its very nature, means that the raw data is accessible to anyone within range of the transmitter, if they have a proper receiver.  Therefore, the data being transmitted must be protected sufficiently from those who could receive this data and attempt to read it.  But at least 802.1x makes it considerably more difficult for a rogue device to INSERT itself into someone else's network and make use of its resources, which is a critical step.  This makes it more difficult for roaming hackers with high-gain antennas to take control of corporate servers through wireless links, and do naughty things.  WEP and AES encryption add another layer of difficulty that must be bypassed, and another layer can be added into routers and access points that will only allow certain network cards to join their network.

By the way, it should be pointed out that D-Link's dual-mode router doesn't support 802.1x authentication security, nor AEP encryption; only WEP encryption is supported right now. At this time, if you are running a capable server and wish to use 802.1x, or if you would prefer AEP encryption, you must purchase one of D-Link's 802.11a access points instead. The 802.1x part makes some sense, as a router would be more focused on security of the main Internet uplink, but 802.1x would be useful for many small to mid sized businesses, especially those in close quarters with other companies, and wish to keep their wireless network secure. However, failing to include AEP encryption is a rather large oversight, since anyone can benefit from the advanced, faster encryption that AEP provides. We asked D-Link about the possibility of adding 802.1x and AEP support to the dual-mode router with a firmware update, and they said both would be supported in future firmware upgrades, but that it would be several months yet.

The NICs

The PC Card NIC is your general, run-of-the-mill Cardbus-looking card, containing 2 LEDs, to show card power and network activity. It's about average length, though the antenna portion is quite thick, and if it's placed in a bottom Cardbus slot, it will block access to the upper slot.  It's also incredibly lightweight compared to many other PC Cards, and seems to run quite cool. But what they did with the PCI-based version is really nice...

Next Page: (2)