Receive new posts as email.
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator.
Entire site and all contents except otherwise noted © Copyright 2001-2009 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Lexmark pushes out a passel of wireless printers: The models run from $130 to $200. The printers all handle two-sided printing, which, in Lexmark's words "saves paper and the environment." Whew, I was worried about the environment, and printing on both sides of a sheet of paper apparently saves it. Three of the models are multi-function printers (MFP in industry parlance), which print, copy, scan, and fax. Lexmark is calling them all-in-one (AIO), just to be different.
The X6570 ($150) has 28 ppm (page per minute) black and 24 ppm color printing (draft mode print numbers, naturally, a footnote explains). You can remotely control the printer to scan, fax, and read memory cards inserted into a media slot. There's a 25-page document feeder, too. The X7550 ($200) ups the rate to 30 ppm black and 27 ppm color while including an LCD display for photo preview via the media slot. The X4850 ($150) appears to omit the fax feature, although Lexmark is unclear about that.
Lexmark also added the Z1520, which is just a wireless color printer (30 ppm black, 27 ppm color) for $130. You can also get wireless-omitting versions of the AIO printers, too, that have various subtle differences to boot (the X5070, $90; and X5495, $100).
Interestingly, Lexmark only uses the terms 802.11b/g/n, and then only in a footnote. That makes me suspect that the printers haven't achieved Wi-Fi certification yet. They're not in the Wi-Fi Alliance's list of certified printers, although the previous X4500 series is listed. It's an odd thing today to see "Wi-Fi" products without the Wi-Fi brand.
Apple slips in 1000 Mbps Ethernet in its Wi-Fi router: Apple quietly upgraded its Draft N-based AirPort Extreme Base Station to full gigabit Ethernet support across its three LAN and one WAN ports today. While the company didn't release information separately, they contacted me to note the change, and the Apple Store's product listing has been updated. The new base station can be ordered right now.
The first release of Apple's Draft N base station was rather marvelous for its inclusion of a USB port to share multiple printers and hard drives; the company's decision to have both 2.4 GHz and 5 GHz radios inside; and the fact that Macs had been shipping with 802.11n inside, requiring just an enabler, released with the base station, to upgrade their performance. My primary complaint, however, was the mismatch between the company's widespread inclusion of GigE in most of its models long before the competition. With the drop in cost in GigE switches, it seemed odd for Apple to release a unit that was designed for homes and small offices that would underperform a $35 Ethernet switch.
I also suspected that the overall performance of the 802.11n draft that Apple is using was constricted due to internal Ethernet limits. In my testing for a review in Macworld, I was able to top 90 Mbps in Wi-Fi to Ethernet and Wi-Fi to Wi-Fi transfers. But Ethernet-to-Ethernet data was limited to just over 90 Mbps as well. Apple says that their new gigabit Ethernet base station is up to 50 percent faster for wireless-to-wired links, which would put it closer to 150 Mbps, a speed achieved on other GigE-based Draft N routers.
When testing the base station in February, I discovered that with NAT enabled to share access from an incoming WAN link, performance was restricted to about 30 Mbps from wireles LAN to LAN and 60 Mbps from wired LAN to WAN. Apple confirmed this was a bug that was due to performance issues in their NAT stack. Apple wasn't able to tell me if this limitation has been fixed, but I would imagine so.
This bug emerges in only two edge cases: Where a broadband connection exceeds 30 Mbps, which is true for some fiber and cable customers; or where a corporate or office LAN isn't supplying addresses to the computers connected via the AirPort Extreme. If NAT is turned off, the AirPort gateway has no performance limitations.
The price for the AirPort Extreme Base Station with Draft N remains $179.
It's pretty extraordinary when there's competition for giving away security: On the small-office/home-office (SOHO) end of the market for Wi-Fi security products, there's an increasing trend to just give away products that can help very small number of users in the hopes that those users then adopt the for-fee products when they grow in scale or need. But it's a very nice development for SOHO warriors, to be sure.
LucidLink joins this trend by dropping the price of their three-user package for secure WLAN connections from $99 down to zero. My guess is that it was a hard sell for that user category, and that becomes a great test tool for offices considering LucidLink. They can hook up this three-user version as a test before buying a multi-seat license. The three-user limit is simultaneous users. More can be registered in the system.
LucidLink is a locally hosted 802.1X server package that uses proprietary client software for Windows 2000 and XP to make the connection. The server software requires Windows 2000 (any edition), XP, or Windows Server 2003.
The next step up is a 10-user version of LucidLink for $449.
WiTopia joins several other companies in offering affordable WPA Enterprise service, personal VPN: The company announced two products to help small-to-medium sized businesses (SMBs) and mobile workers. SecureMyWiFi, is an outsourced 802.1X offering using WPA Enterprise offering that provides the RADIUS and keying back-end needed to have unique keys for each user on a network based on their credentials (username and password). The rates start at $29 per year for a single access point and up to five users; additional APs are $10 per year each, while additional blocks of five users are $5 per year each. The system uses standard 802.1X clients.
SecureMyWiFi competes against similar offerings from Wireless Security Corporation (WSC Guard) and BoxedWireless. In a comparison chart I put together as part of an article for Mobile Pipeline, I noted that a 10-user setup from WSC cost $449.99 for the first year while BoxedWireless would run $288 for those parameters. In contract, 10 users from SecureMyWiFi on a single AP would cost $34 for the first year, while even assuming three access points would only cost $54 per year. Move up to 25 users and WSC Guard $1,124.75, BoxedWireless $1,212, and SecureMyFi (assuming four APs for coverage) would be $74 per year.
Their personalVPN offering provides an SSL-based VPN service for $79 per year which works out to $6.58 per month. This competes primarily, in my knowledge, against HotSpotVPN.com, which costs $8.88 per month for a PPTP VPN. WiTopia's explanation that PPTP "is susceptible to hacking" is a bad summary of the issue. PPTP encryption can be cracked through poor password choice. HotSpotVPN, like all PPTP VPN service providers, enforces good password choice which fully defeats the cracking hole. personalVPN is available only for Windows XP, but WiTopia promises a Mac OS X version.
Normally, in seeing price discrepancies this huge, my reaction would be, "Who are these crazy people and what are they trying to pull here?" But then I look at the management biographies, find the parent company Full Mesh Networks has been around for two years, and realize these guys aren't smoking pot, they're dealing it as a gateway drug.
Psychopharmacopia references aside, Full Mesh is a full-service network IT and mobile worker support outsourcing firm that manages enterprise-scale resources. WiTopia lets them work with the very large, very undersupported SMB market--and provides those smaller customers with a taste of the larger picture. The pricing is part business model, part marketing, and may produce some large quakes in the SMB network service market for Wi-Fi offerings.
Four options are affordable for enterprise-grade security inside a small office: This article, which I wrote for Mobile Pipeline, addresses the four servers and services that have a price and focus square on the small business of 5 to 100 users. Above that range, and you really better have an IT department and integrate your directory services. But for a few dollars per user period (in house) or per month (hosted), a small business can have a level of Wi-Fi link security that approaches that of a large enterprise.
Reduced IT burden, increased security for the smaller enterprise: The overall IT burden for small businesses has grown ever larger, which is why it's heartening to see the latest in an ongoing series of efforts by Wi-Fi-related software developers and Wi-Fi hardware manufacturers to provide enterprise-style network offerings with small-business pricing and knowledge in hand.
Elektron from Corriente Networks is a proud member of that family of goods. This RADIUS server is designed with one purpose in mind, rather than the Swiss Army knife approach of Windows 2003 Server or Mac OS X Server: Elektron secures wireless networks using WPA (Wi-Fi Protected Access) Enterprise, a flavor heretofore out of reach of those who couldn't spend thousands of dollars on server software and wanted the largest array of standard 802.1X client support.
WPA Enterprise uses a secured login for each user that's coupled with a unique, regularly updated, long encryption key. This eliminates the problem of a shared key being stolen or socially engineered out of an employee. It also avoids having to enter a new key on every computer on the network whenever the shared key needs to be changed. WPA Enterprise rotates around identity instead of a key.
By using a robust WPA key that's unique, the wireless network layer can be virtually assured of full protection from snoopers. The same amount of care needs to be taken with physical intrusion, in which a cracker gains access to the Ethernet network, but it eliminates over-the-air risks.
Elektron brings this to a small office using standard protocols and software and a server that works under both Mac OS X 10.2.8 and later and Windows XP, 2000, and Server 2003.
Read the rest of this review after the jump...
Add to the mix of remote RADIUS servers for small-office WPA Enterprise: The folks at BoxedWireless are offering the back-end RADIUS authentication server needed to provide WPA Enterprise. The interesting twist with BoxedWireless is that they offer both EAP-TLS (unique certificate per computer) or PEAP (certificate optional on server) under 802.1X.
The EAP-TLS option is quite fascinating as the company is taking on the burden of running a public-key infrastructure (PKI) for you. It's usually beyond the means of most smaller companies and even large enterprises sometimes don't opt into building a PKI. With a PKI, BoxedWireless can let you use the most secure method of EAP encryption in which the server certificate is first authenticated after which the unique client certificate is delivered to the server for full mutual authentication. You can even issue temporary-duration certificates to particular users for guest or temporary access.
For an office of 10 users, the cost is $24 per month or just over $2 per user. They charge based on a range, such as 1 to 10 users or 51 to 100, so the cost per user varies based on which end of that range you're on. The worst case is still a few dollars per month per user.
BoxedWireless makes it easier to use a variety of platforms with small-office WPA Enterprise because you can use any standard EAP-TLS or PEAP client (with MS-CHAPv2 inner method). But they don't provide the extra in-house failover method offered by Wireless Security Corporation in WSC Guard, the other slightly more expensive outsourced WEP/WPA 802.1X solution. WSC Guard includes software that runs on the local network in case the Internet connection drops, the path to the Internet (i.e., the route between your network and WSC or BoxedWireless) is temporarily lost, or the remote 802.1X authentication server fails.
Update: Peter Judge chimes in on the issue of trust and reliability for services of this kind, especially where public keys, certificates, and encryption are concerned over at Techworld.com. Peter got the additional detail that authenticated users retain their access to the network in the event of an infrastructure failure: this makes sense as new keys are provided only through a rekeying process that requires the client's participation.
HP is adding Broadcom 802.11g chips to certain of its printers: This is part of a new trend, in which 802.11g-flavored Wi-Fi is just part of what comes with a peripheral or electronics device--it's not an add-on, an upgrade, or a driver-based doohickey. Instead, it's a fundamental part of the design of the product. For instance, the HP Photosmart 2700 All-in-One has a list price of $400, more than enough margin to afford to throw in a Wi-Fi option, and extremely appealing for the SOHO market that already has a Wi-Fi network and wants the flexibility of a printer, scanner, fax, and copier in one device. Once you have Wi-Fi, all resources become movable feasts, too.