January 7, 2002

Bluesocket uses embedded Linux to speed development for wireless gateways

Author: JT Smith

- By Daniel P. Dern -
Companies using Bluesocket's wireless
gateways may never know that there's Linux inside the box. But
Bluesocket CTO Dave Juitt and his engineering staff are very aware of it;
in fact, he deliberately chose Linux for use in the company's WG-1000 Wireless Gateway product, and is also looking ahead to using embedded Linux in its upcoming
next-generation product.

Wireless LAN technologies like the 802.11 (a.k.a. "WiFi") family and Bluetooth let notebook and handheld computers, and peripherals like printers and phone headsets, communicate with networks and other devices, through a wireless "access point" or router.

Wireless service is convenient, easy to deploy and affordable. There's no need for
notebook users to get up close and personal enough to an Ethernet hub to plug a
wire in, and no limit to users based on available hub ports. Wireless access
points and even wireless firewall/routers that can plug directly into to an Ethernet
port are available from companies like D-Link and LinkSys for less than $200.

But there's a price to pay for convenient network access in the potential for misuse. For most home and SOHO wireless LAN users, the encryption features built into the
wireless services are sufficient to provide privacy and keep out unauthorized users.

However, companies and carriers are quickly discovering that wireless LAN access
has some of the same management concerns that they experienced in adopting wide-area networks, LANs, and Internet access from the corporate network, notably
access management such as authenticating users, privacy, quality of service, and bandwidth management.

"Because you're dealing with such a skinny pipe being shared by possibly dozens or more users, you need all the management of bandwidth you can get," says Patrick Rafter, director of corporate communications at Bluesocket. (Remember the drain on corporate and university Internet connections due to Napster, or, back in the 1990s, by Web access in general?)

Bluesocket to the rescue

Bluesocket's WG-1000 Wireless Gateway offers one way to solve these problems for
wireless users. (Vernier Networks
and Reefedge, Bluesocket's competitors, use
different network architecture approaches.)

Topologically, a WG-1000 sits between the wireless base station access points
and the rest of the network, and serves as a packet-filter firewall for all
traffic going to and from the wireless users. The WG-1000 supports VPN-like
IPsec tunneling for wireless LANs, and also provides management features
common to networks such as role-based access control, quality of service, and bandwidth management.

Physically, Bluesocket's WG-1000 Wireless Gateway -- currently based on a
866MHz Pentium III with 256MB RAM -- comes as a 1U rack-mount enclosure,
allowing it to be installed in a standard rack in a wiring closet.

People with wireless-equipped notebooks and PDAs can, for example,
check email or use LAN/web-based applications while wandering from floor to floor,
or providing access control to Ethernet ports in semi-public spaces such as conference
rooms, cafeterias, etc. According to Rafter, one Bluesocket WG-1000 nominally supports up to ten 802.11b access points.

Bluetooth or 802.11, you choose

Because the WG-1000 isn't directly providing the wireless service per se,
it's independent of the radio frequency wireless technologies involved, meaning it should work equally well with 802.11, as well as Bluetooth,
or any mix thereof. Currently, Rafter says, "most of what's
out there is 802.11b," and, according to Juitt, Bluesocket has demonstrated
interoperability with Bluetooth as well as with 802.11b.

Bluesocket only began shipping its first production boxes in September 2001,
often letting prospects try them out for a month -- and nobody seems to
be returning them. The WG-1000 is currently being sold in more than 15 countries,
including Japan and New Zealand.

Organizations using Bluesocket's Wireless Gateways include everything from
major technology-using workplaces such as accounting firms like
KMPG Consulting, in their four-floor office in the United Kingdom,
through universities in the United States, Europe, and Japan.
Even Microsoft is using it, in its Boston-area Envisioning Center,
to let visiting business executives make use of the .NET demos, check email, etc.

The University of Texas at Dallas is using one to control the wireless access it has deployed in apartment buildings, which house a mix of students and other tenants, according to Doug Jackson, director of technology
customer services at the university. The authentication and privacy features to restrict
access only to students. The first complex has 530 residents, and 48 wireless
access points; Jackson says he's measured up to 172 simultaneous users going
through the Bluesocket gateway.

Similarly, Lasell College in Newton, Mass. is using a WG-1000 to provide controlled access to campus resources and the Internet for wireless users in the half-dozen areas the college has experimentally wireless-enabled, says Deborah Gelch, director of information technology at Lasell.

Linux enables rapid prototyping and system development

Although it's not visible either to users or even network administrators -- who
manage their WG-1000s through a Web-based interface -- there's Linux in
Bluesocket's boxes.

Bluesocket CTO Dave Juitt, who was Bluesocket employee No. 1, deliberately
chose Linux as the development and production environment, and expects to
use embedded Linux --
network-upgradeable firmware -- in the next-generation wireless gateway,
which is still under development.

"I've seen a lot of technology evolution and software," says Juitt, whose
experience in security includes working at MITRE, Digital Equipment
Corporation and GTE Labs. "I work from a systems engineering perspective
in terms of creating viable products."

To Juitt, "Linux is a wonderful operating environment that allows people to use
it as an underlying platform to create services and systems on top of. It's amazing:
if you need building blocks, are going to snap things together -- it's modular
below the line of what the end user sees, and is seamless above it.

Linux and Open Source give Bluesocket access to a wide range of
quality resources. "Thanks to the huge number of developers all revealing
each others' work, the quality of the code is very high to start
with, and the Linux community functions as extension of our own QA
department to test and reliable products to market more quickly," Juitt says.

This means that "if you do the system engineering right, you
can very quickly put together a viable environment, versus what, say, back
at Digital, would have taken man-years of effort. Linux reduces that to
man-months," he says.

"We went from prototype to product of the WG-1000 in six or seven months.

"I'm talking specifically about the architecture of Linux, not Unix; how it allows for modularity -- and the availability of integral parts --
and how integrating Open Source in Linux enhances things. Open Source is the lever that creates the value. There's a tremendous depth of knowledge that we can leverage. It's like having a worldwide engineering team."

In terms of Linux/Open Source resources (in addition to Red Hat Linux as the OS)
used by Bluesocket, "We rely on IPTables (the Netfilter framework was *very*
useful), MySQL, the Reiser filesystem, and CVS," Juitt says.

Juitt selected embedded Linux rather than, say, QNX, for the next product, because
"the embedded Linux environment is in our technology vector.

"Our early commitment to Linux defined our direction and will make it easy
to go toward embedded Linux." In turn, "an embedded Linux solution gives us
the development benefits of rapid prototyping, reusable components, and continued
access to the Open Source community.

"To be able to take a heavyweight operating system like Linux,
do the integration and system engineering, and refine it into an embedded
Linux appliance, is an amazing engineering path not available with any other
technology platform," says Juitt.

"Linux is turning out to be a rapid prototyping tool that gives you a complete
system engineering environment in which to create. We can do what we need
to do with all the heavyweight compilers, we've got all the languages available.
We can do a proof prototype, create an early release, and then take all we've
done and port it into embedded Linux to get performance."

Choosing Linux at the beginning has made it possible to evolve quickly into
the embedded systems approach, says Juitt. "My system engineering background says
you need to be able to see the whole system, the artist in me says you have to be able to get it onto the canvas quickly. You can't do that with MVS or VMS."

The Open Source aspect of Linux has been as important as its modularity,
Juitt says. "Linux is based on code reviews, so you know what's
going in is high quality. The peer review quality of OS is so strong, it's
a boon to get that access. You're integrating technology that has been reviewed,
and can be verified."

For a base distribution, Bluesocket uses Red Hat Linux. Bluesocket does have
proprietary software of its own, such as its control program, which the company has
been careful to segregate from the Open Source code.

"The tricky part for us is to keep from tweaking Open Source code,
to be able to maintain the integrity of all the Open Source software and
still have seamless integration with our software," Juitt says.
"If you're going to make use of Open Software, it's important to
play by the rules."

While Bluesocket is keeping its own software closed source, it has
been doing its best to also give some value back to the Open Source
community in the process of using open code.

"We've got a patch or two to the DHCP daemon we're using," Juitt says.
"We will be releasing the patch soon, and reviewing other contributions we can make."

Daniel P. Dern is a freelance technology writer.
Most recently he was executive editor of Byte.com. His Web site
is www.dern.com.


  • Linux
Click Here!