ipUnplugged and NetMotion grant wireless users room to roam

When you weigh just the benefits of mobility, flexibility, and productivity, going wireless is a no-brainer. But factor in roaming issues, spotty coverage on the corporate campus, and security vulnerabilities, and the decision can get complicated.

I looked at roaming solutions from ipUnplugged and NetMotion designed to solve these problems. Although the products take slightly different tacks, they share the same goal: to provide secure, continuous connectivity to corporate applications over inherently insecure and disparate wireless networks.

Both solutions appear equally matched when it comes to meeting subnet roaming expectations, enabling wireless sessions to move across router boundaries without breaking the connection. Both have components that can be deployed on pretty much any Intel-based hardware; both require a software client.

However, they also share a couple of major flaws. They support only a Windows-based mobile infrastructure and are limited to networks that can transport IP.

Overall, NetMotion Mobility 5.01, a software-only solution, has a larger array of authentication infrastructure support to manage users and groups. However, it’s also much more expensive than a similar deployment with ipUnplugged’s combined Roaming Gateway, Server, and Client offering.

ipUnplugged

ipUnplugged leverages standards-based MobileIP and IPSec technology to create a solid, seamless roaming solution using what is truly a mobile wireless VPN. Most interesting is that moving over different media types appears truly seamless. Although ipUnplugged does not offer application persistence to the degree that NetMotion does, it is still a serious and reliable WLAN mobility solution.

A typical deployment of ipUnplugged consists of a Roaming Gateway appliance, the Roaming Server —both of which are managed via a Web-based interface —and the Roaming Client.

During my tests, I didn’t have a problem with roaming as much as I did with application persistence. Unlike NetMotion, ipUnplugged doesn’t proxy for a client, so when a client application is cut off from its server, the client’s virtual adapter is still up, but the session is no longer there. Depending on the robustness of the application, it may several minutes before it terminates.

Getting up and running with the Roaming Server was a fairly quick process. The server is the central location for network configuration, security, and client management via a Web-based interface. Annoyingly, ipUnplugged requires at least an SMTP infrastructure to function properly.

During installation, the Roaming Server installs its own RADIUS (Remote Authentication Dial-In User Service) server where users and groups are managed. Although I could have also tied my RADIUS server to that of the Roaming Server’s to support guest users, the ipUnplugged installation provides all subsequent authentications. Unfortunately, ipUnplugged supports only RADIUS and SecureID but no other authentication methods.

The Roaming Gateway forwards traffic from app servers to the Roaming Client over whatever transport media may be present, including GPRS, and CDPD (Cellular Digital Packet Data). The gateway, which typically sits between the enterprise network on either the Internet or on a DMZ (demilitarized zone), has a built-in stateful firewall. The server automatically generates the firewall rules during the process of creating the gateway.