I spend a lot of my time in coffee shops when I’m not on the road. It’s easy to just pop in and get some work done while I enjoy a fine cup of caffeinated goodness and contemplate the meaning of life. I usually spend my contemplation time right away, since my laptop and mobile device have to take upwards of a minute each to connect to the wireless AP in the coffee shop. And that’s with me coming as often as I do! I still need to connect to the SSID and hit the captive portal for my device MAC address to be authenticated.
It’s even worse when I go to unfamiliar places that use things like social Wi-Fi logins or other data collection mechanisms. It’s so bad in today’s world that I would rather use my LTE hotspot rather than deal with draconian measures designed to profile me. And when you look at the number of Wi-Fi networks that don’t have any kind of protection, it’s drastic indeed.
The key issue for businesses like this is the age-old contrast between security and ease-of-use. Networks need to be more secure in order to save us from leaking data all over the Internet. But having those protections in place increases the complexity of connecting to those networks. And users that have to jump through hoops to use your wireless won’t stay long. How can a business or chain of stores provide the kind of frictionless connectivity that users have come to expect without spending hours and significant amounts of money doing the technical research to build their own solution?
Wherever I May OpenRoam
Cisco has been doing a lot of research in the field of offering seamless roaming. All the way back in 2011 I remember hearing about 802.11u, which was originally designed to improve interoperability between external networks in wireless. 802.11u was implemented by the Wi-Fi Alliance as Hotspot 2.0, which is the basis for Cisco’s newest solution – OpenRoaming.
OpenRoaming is designed to help you implement seamless roaming between networks with one enrollment and identity solution. Rather than having to remember credentials for a variety of networks and passwords for SSIDs everywhere, Cisco makes it easy. OpenRoaming can take a variety of well-known identity methods and use them to authenticate and enroll devices. Once the enrollment process is completed, devices that have been authenticated through the OpenRoaming process are connected to networks with no fuss or muss.
This great video from Matt MacPherson illustrates the great technology that Cisco has been building:
I have first-hand experience with OpenRoaming from Cisco Live 2019. I got an email from Cisco that there was an OpenRoaming beta test going on. Not one to shy away from breaking new and exciting things, I signed up the week before I left for San Diego. When I arrived on Saturday morning for my first meeting, my iPad and iPhone automatically connected to the OpenRoaming SSID (which was hidden) and authenticated me to the network. Instant and easy. It was so seamless, in fact, that I didn’t know where to look for the SSID and password for the main conference Wi-Fi because I didn’t have to look for it!
The possibilities of OpenRoaming are endless in my mind. Retail establishments can have users set up and authenticated to one branch location and use those same credentials across all the networks that they have. Starbucks or Dunkin would be able to have you join instantly! The same goes for carriers like AT&T or Verizon. I know that AT&T used to use the SSID “attwifi” everywhere to offload traffic from mobile devices. They still do use it in places but it’s fallen out of favor for a variety of reasons. Imagine using “attwifi20” and making it OpenRoaming-enabled. Now, any time you get close to a provider that partners to offer a service like this you can connect and not worry about anything! And, with the advent of 5G, you can authenticate back and forth between wired and wireless networks easily without the minutes that it could take to dismiss captive portals or wait for the backend to take care of doing the heavy lifting each and every time you walk up to the door.
OpenRoaming isn’t the only option out there for this kind of connectivity. The big competitor is Passpoint, which is backed by mobile providers and companies like Aruba. Passport is very much tied to mobile devices right now, as the cellular device ID is used as your identity. With OpenRoaming, you can use a variety of identity stores to authenticate other devices, not just mobile phones. That kind of flexibility makes OpenRoaming a better solution for enterprises that would need to be more inclusive of the types of devices that make up their workforce. You can be sure that almost everyone has a mobile phone today, but you can’t be certain that they aren’t also bringing a table and a laptop along for the ride.
Bringing It All Together
Fast and easy works on so many levels. The less I have to worry about signing up and operating my connectivity the more time I can spend doing work or contemplating the existence of snapping turtles. Worrying about SSIDs and social Wi-Fi logins just makes me irritable and more likely to snap at other people. OpenRoaming isn’t the solution for every situation where you might need open, identity-based login for wireless. But it can fill a need on the larger end of the scale. If you’re a university or a retail chain with a nationwide footprint you definitely need to check it out.
For more information about OpenRoaming from Cisco, you can check out their info page. You can also find coverage from their Mobility Field Day 4 presentation from Haydn Andrews, Scott Lester, and Episode 10 of the Contention Window Podcast
- Dealing With the Heat - April 6, 2020
- Framing Data Fortresses with Fortanix - April 2, 2020
- Drilling Down with XM Cyber - March 26, 2020
- Community Construction Isn’t Just Numbers - March 19, 2020
- Itential – The Network Glue You Need - March 17, 2020
- Building Secondary Security for IoT - March 10, 2020
- Confidence in The Cloud with NetApp - March 3, 2020
- The Power of Communities – An Interview with David Penaloza Seijas - March 2, 2020
- Moving Past The Edge with Aruba SD-Branch - February 26, 2020
- Does SPB Mean “Secure Path Bridging”? - February 12, 2020