Google and Apple Should Be Giving Network Admins A Cut

It’s a bit curious how at least part of the relationships between device providers and customers are catalyzed by unsung heroes in the equation: wireless network administrators. The contemporary model seems to go like this:

  • Big company teases out an upcoming product release with well-placed leaks and sneak peeks
  • Media fan-boys and fan-girls promote the living bajeezus out of the new devices before and after release, rarely mentioning their technical shortcomings in any meaningful way
  • Customers fall in love with the new toys; usually the romance starts on the home network
  • Customers high on their new-found gadget love rush into the work environment with their slick new products and, banking on the accuracy of incomplete articles like this, get frustrated when said gadget doesn’t spring to life on the business network
  • A call goes out to the WLAN admin, who has to decide whether a one-off work-around and likely violation of organizational policy is in order to get the device in service

Let’s talk about the Chromecast specifically. First and foremost, I love mine. It gets a tremendous amount of use at home. On the work WLAN, it’s not so pretty. Many enterprises disallow ad hoc wireless networks, and the Chromecast needs ad hoc connectivity for at least some of its functionality. Then there’s the same issue that Google Glass, early AppleTVs, cheap wireless printers (and not so cheap wireless printers), and a raft of other popular devices that users want to bring to work suffer from: they don’t do any sort of real wireless network security. If you have a mechanism in place to provide MAC exceptions on open or PSK-based networks (which isn’t always the case), you can accommodate some of the toys. Unless, like with Bonjour-based devices, mDNS requirements and home-centric network requirements cause you to jump through more hoops on your carefully-designed WLAN. We won’t even get into legacy client chipsets that need data rates that most of us vacated five years ago to gain better performance from our expensive wireless networks.

No matter the exact tech details that lead to tension between consumer devices and business WLANs, there are only two paths to resolution:

  1. Device makers stop screwing over network admins, and bake in compatibility for ALL networks, not just the one behind my cheesy little Linksys router. Or…
  2. Wireless network solutions come with enough sophistication to let toy-toting users get their own limited devices on the air, while also preventing the devices that can use real security from following the toys down the same logical path, and while bridging multiple operational realms so the full-blown secure client can interoperate with the gadget that has to be handled differently.

Hats off to WLAN vendors that are moving their own cheese closer to #2, but that sort of sophistication comes with a lot of cost to the customer and complexity that wouldn’t be required if #1 were simply provided by the Googles and Apples of the world.

As it is, there are a lot of WLAN admins out there right now struggling to accommodate wonderful new devices that we should all be celebrating for what they bring to our users, but we really are getting the short end of the stick. If we can’t accommodate the Chromecast or whatever, we’re viewed as obstructionists that can’t appreciate disruptive new tools. If we can get them going onesy-twoseys, we stand on a slippery slope of support nightmares when the devices misbehave (or lose their settings on power down), or when all of a sudden we’re making MAC exceptions and special ACL/firewall rules all over the place and bypassing our own security perimeter to accommodate the inadequate devices.

So uh, Google and Apple, please pick up a WLAN calendar: the industry is fast entering the 5th generation of WLAN technology. So why are two of the richest companies on the planet still putting out products that can’t go past 2nd generation security?

If you’re not gonna spend the bucks on finishing development on the products that you absolutely must know are going to find their ways onto our business WLANs, how ’bout putting us WLAN admins on your payroll? After all, your success frequently comes down to our creativity in addressing your shortcomings.