Aruba Boasts iPhone Support

If there was any doubt that sharp competition and jostling for positioning occurs in the enterprise WLAN market today, Aruba's announcement regarding compatibility with the Apple iPhone removed any traces.

Cisco Systems last week released a security bulletin that addressed three ARP (Address Resolution Protocol) vulnerabilities found in many editions of its enterprise WLAN controllers. More specifically, one of those ARP vulnerabilities plagued Duke University during the month of July when some iPhones were introduced on campus. Kevin Miller, a member of Duke's IT staff, initially pointed his finger at Apple in an interview with Network World. The story was eventually picked up by The Associated Press and the issue grew to epic proportions.

Cisco and Apple hunkered down together on the problem, and it quickly became clear that Cisco had a bug in its ARP handling capabilities, brought to light by Apple's use of a newer mechanism for handling network reconnections found in RFC 4436. Apple came out looking clean, while Cisco 'fessed up and came out with a patch last week to address it in releases 3.1, 4.0, and 4.1 of its software.

Cisco's fierce competitor, Aruba, wasn't able to let the issue lie and released an announcement regarding its own systems' compatibility with the Apple iPhone. The release makes specific mention of DNA IPV4, an element of RFC 4436, as well as ARP. According to an Aruba spokesman, the company was "flooded with calls" after the Duke incident. What's ironic is that this isn't a partner program or certification that Apple volunteered to join, but something Aruba initiated on its own. "We're proactively looking for newly introduced devices to test -- regardless of whether the manufacturer is in our partner program -- to head-off support calls," said Michael Tennefoss in an e-mail.It's worth noting that Aruba didn't issue a press release regarding a cross-site scripting attack listed on several security mailing lists and tracking sites.