Best Practices for D eploying W ireless LA N s Best Practices for D eploying W ireless LA N s Best Practices for D eploying W ireless
LA N s Best Practices for D eploying W ireless LA N s
An overview of An overview of An overview of An overview of special special special special considerations considerations considerations considerations in in in in WLAN implementations WLAN implementations WLAN implementations WLAN implementations
As wireless LANs (WLANs) continue to grow in popularity, particularly in enterprise networks, the As wireless LANs (WLANs) continue to grow in popularity, particularly in enterprise networks, the As wireless LANs (WLANs) continue to grow in popularity, particularly in enterprise networks, the As wireless LANs (WLANs) continue to grow in popularity, particularly in enterprise networks, the ability to do away with massive amounts of cablin ability to do away with massive amounts of cablin ability to do away with massive amounts of cablin ability to do away with massive amounts of cabling to the desktop is one very obvious advantage. g to the desktop is one very obvious advantage. g to the desktop is one very obvious advantage. g to the desktop is one very obvious advantage. There are many more. Mobile, ubiquitous access to enterprise IT systems throughout the global There are many more. Mobile, ubiquitous access to enterprise IT systems throughout the global There are many more. Mobile, ubiquitous access to enterprise IT systems throughout the global There are many more. Mobile, ubiquitous access to enterprise IT systems throughout the global enterprise yields a more productive and efficient workforce, allowing employees to access resources enterprise yields a more productive and efficient workforce, allowing employees to access resources enterprise yields a more productive and efficient workforce, allowing employees to access resources enterprise yields a more productive and efficient workforce, allowing employees to access resources without being without being without being without being tethered to a traditionally static wired network connection. tethered to a traditionally static wired network connection. tethered to a traditionally static wired network connection. tethered to a traditionally static wired network connection.
Since the introduction of IEEE 802.11 based W LA N s, m any docum ents have evaluated the Return on Investm ent (RO I) and cost/benefits of deploying W LA N s across horizontal m arket segm ents. O ne docum ent in particular, released by the W ireless Local A rea N etw ork A ssociation (w w w .w lana.com ), found that the average RO I of W LA N s w as 8.9 m onths. A recent independent study by N O P-Technology W orld found that the annual estim ated RO I of a W LA N is $7,550 per em ployee: the result of both cost savings and productivity gains. Such docum ents underline the m any advantages of W LA N s. To ensure that these advantages and the corresponding RO I are realized, it is im portant to exam ine and evaluate a num ber of key issues before im plem entation. The follow ing docum ent prepared by Signa Services, a hardw are-neutral W LA N educator and professional services organization exam ines these issues.
The Existing N etw ork Infrastructure The Existing N etw ork Infrastructure The Existing N etw ork Infrastructure The Existing N etw ork Infrastructure W hile the m ajority of netw ork topologies and protocols in use around the w orld today are both Ethernet based and utilize a TC P/IP protocol stack the m ost readily supported configuration by m ost W LA N vendors a thorough exam ination of the existing w ired infrastructure is w arranted. The attractiveness of W LA N s has alw ays been the ability to augm ent or supplem ent existing w ired LA N s in difficult-to-w ire locations. H ow ever, w iring rem ains a consideration w hen deploying W LA N s, as the infrastructure m ust be extended to the system s access points. Subsequent access points m ay be deployed w irelessly via a w ireless distribution system (W D S), how ever this configuration too m ust be carefully considered. C abling is also very im portant if youre planning to deploy Pow er over Ethernet (PoE) functionality. This feature allow s for both data and pow er to be delivered via C at5 cabling, doing aw ay w ith the expense of delivering A C pow er to individual access points that m ay be in difficult to reach places. This ultim ately results in low er deploym ent costs. If youre planning to deploy a system that incorporates PoE you should be aw are that this renders a W D S im possible. Thus its im portant to carefully exam ine the different benefits of these configurations before m aking a decision.
Based upon a sound business case to im plem ent a W LA N , an organization m ust also be aw are that the system w ill never behave or perform precisely like the w ired netw ork. For exam ple, w ireless Ethernet (C SM A /C A ) differs from w ired Ethernet (C SM A /C D ) in their access m ethods. A nother exam ple is TC P/IP: its inherent back off algorithm s w ill actually degrade the perform ance of w ireless clients w hen attem pting to retransm it lost packets. U nderstanding how a W LA N and its clients w ill perform w ill allow an organization to better design and im plem ent a viable and feasible w ireless netw orking solution.
The proper extension of technologies and corporate policies to the w ireless clients (i.e.: security policies, like RA D IU S and VPN ) m ust also be exam ined.
Segregation of the w ireless clients, often referred to as com partm entalization, helps w ith perform ance issues as w ell as adm inistration and troubleshooting.
M ulti M ulti M ulti M ulti- -- -Site C onsistency Site C onsistency Site C onsistency Site C onsistency Today, m any com panies have global offices w ith a globally m obile w orkforce. The W LA N setup m ust reflect this to ensure ease of use for the m obile w orkforce. If settings rem ain consistent throughout offices, users w ill be able to seam lessly connect to enterprise-w ide resources w ith little to no re-configuration dow n tim e. N ot only w ill m obile w orkers experience less dow n tim e, IT staff w ill be relieved of technical support requirem ents w hen m obile w orkers enter rem ote offices. This should be considered for rem ote offices, hom e offices and rem ote dial in access to a corporate netw ork. A s m ore and m ore w orkers request w ireless netw orks at hom e w ith a direct link into corporate netw orks, IT staff need to ensure settings and configurations are sim ilar and thus transparent to the w orker.
M obility and Roam ing M obility and Roam ing M obility and Roam ing M obility and Roam ing M obility is w hy com panies go w ireless. A nd yet m any discover that the w ireless coverage is inadequate or ham pered by "dead-spots". A site survey explored in a later section can help to m inim ize and even prevent this. H ow ever, the restriction of m obility is alw ays a possibility w ith w ireless netw orks. M any IT personnel are unaw are of the lim itations posed w hen roam ing w orkers cross over subnets. M ore im portant, som e of todays security solutions do not permit users to cross over subnets or even to leave a specific coverage area. C onsequently both standards based and vendor specific roam ing capabilities m ust be closely exam ined. In larger cam pus type settings, IP addressing and user m obility across various netw ork segm ents w ill becom e increasingly im portant. Em ploying a robust security solution w ill also becom e increasingly com plex. It is therefore critical to partner w ith a W LA N provider that is highly experienced at providing robust m obile solutions w ith the required built-in security.
A ccess Point and W ireless C lient M anagem ent A ccess Point and W ireless C lient M anagem ent A ccess Point and W ireless C lient M anagem ent A ccess Point and W ireless C lient M anagem ent Vendors have packaged their products w ith utilities that not only address the site survey, but m anageability and adm inistration of the W LA N . Just as critical is the value of pre/post sales support and the specialized expertise and skill set that an organization can provide. W hen deploying a W LA N , look to partner w ith a com pany that can support the entire w ireless infrastructure, including services such as a 24/7 help desk, rem ote adm inistration capabilities and RF diagnostics.
O f particular concern is in certain applications vendor specific utilities and specs m ay not be applicable. For exam ple, w hen deploying a W LA N in a public area such as an airport, a vendor specific utility m ay not w ork for all clients because travelers w ill not all have the sam e product. C onsequently, generic w ireless characteristics need to be retrievable and m onitored. This is a very im portant issue for adm inistrators and service providers.
W hile w ired and w ireless Ethernet differ in their access m ethods, adm inistrators should expect the sam e degree of m anageability from w ireless netw orks as w ired netw orks. The softw are that an adm inistrator uses to m anage the w ired netw ork should also lend itself to m anaging the w ireless netw ork. This allow s the enterprise to standardize the m anagem ent platform . In addition, the ability to m anage, upgrade, and configure groups of access points and clients greatly sim plifies W LA N adm inistration. O rganizations should thus ensure that the W LA N allow s this functionality.
W hile the W LA N architecture w ill vary betw een sm all, m edium and large installations, a controller- based architecture should also be considered. This controller can take the form of hardw are that sits on the netw ork or softw are that is loaded onto a resident server w ithin the netw ork. These products not only deliver value added functionality such as M obile IP, and robust security offerings, they deliver a m ethod of m anageability and adm inistration.
W ireless C ard Interoperability W ireless C ard Interoperability W ireless C ard Interoperability W ireless C ard Interoperability 802.11b cards from various vendors can provide very different range lim its. A ccess points m ay provide coverage to one client and deny it to another in the sam e location. This is the result of the basic radio frequency (RF) perform ance of the radios transm itter/receiver. Som e vendor radios can boost their pow er for greater coverage perform ance. For this reason, the location of access points m ay differ betw een public and private im plem entations. In the case of a cam pus environm ent, w here both the access point and client w ireless netw ork interface card can be ensured and standardized, the coverage and perform ance / bandw idth is constant.
M any are unaw are that features over and above the IEEE 802.11b / 802.11a standard, such as EA P Security, are not interoperable am ong different vendors. In addition, features such as load balancing w ill not w ork w ith a m ix of client radios. It is therefore im portant to differentiate betw een the 802.11 standard and vendor proprietary features. Because m any W LA N installations are based on the features and functionality of the infrastructure products (access points) its im portant to ensure
that the vendor's client radio can be m ade available in a w ide range of clients, from notebook com puters to PD A s and inventory tracking handheld term inals. This is not alw ays the case.
Bew are of creating a "closed system " w hich w ill lock the W LA N into a vendor specific solution. This is particularly problem atic in public areas, w here various radios w ill be present.
For the m ost part, products that have obtained W i-Fi certification w ill, at a m inim um , guarantee a basic level of interoperability.
Security Security Security Security W hile in recent m onths the security offerings inherent in 802.11 based products have experienced a great deal of criticism due to their vulnerabilities, som e basic security offers should be em ployed: ESSID , Packet Filtering W EP 128, and M A C C ontrol List.
A s discussed earlier traditional w ired netw orking security policies m ust also be ported to the w ireless infrastructure. W hile Signa does not endorse any one particular solution, there are several enterprise standards, like EA P, RA D IU S and VPN , available from a num ber of vendors. A gain, security solutions m ay differ depending on control over the client card deploym ent.
Site Survey Site Survey Site Survey Site Survey The site survey (SS) is of param ount im portance to the success of the W LA N im plem entation. A SS can provide details about coverage and bandw idth perform ance at different locations w ithin a cell. It also indicates w here access points should be located. A ccess point density w ill increase if an all tim e 11M bps coverage area is required: a properly com pleted SS w ill clearly indicate w here the fall back data rate of 5.5, 2 and 1M bps areas are.
A great deal of inform ation can be obtained from a SS: even m ore im portant is how that inform ation is analyzed to support the follow ing: cell planning; cell search threshold; range and throughput; interference/delay spread; bandw idth m anagem ent for applications like voice over IP; access point density and load balancing.
Surveying for the "w eakest link" is another im portant activity. This requires a consideration of different radio cards (discussed earlier), as w ell as the devices them selves and how they house the transm itter/receiver (radio). For exam ple: surveying w ith a laptop w ith an exposed radio w ill not accurately illustrate the coverage that a traditional A ID C term inal w ill experience. This enhanced perform ance also holds true for clients that utilize antenna diversity.
W ith the lim ited channel availability, channel usage and selection are param ount. It isn't sim ply a question of installing m ore access points to provide m ore perform ance or greater coverage. The lim ited channel capacity of 802.11 based W LA N s does not allow for an infinite num ber of access
points and overlapping coverage w ithin a given area. To optim ize the W LA N , w ork w ith providers that have an intim ate understanding of the behavior of radio frequency and w ireless standards. This becom es even m ore im portant w hen deploying dual radio access points.
A ntenna Selection A ntenna Selection A ntenna Selection A ntenna Selection A ntennas deliver flexibility and robustness to any W LA N . H ardly referenced w hen discussing W LA N s, it is the antenna that optim izes certain applications such as building-to-building bridging. Because w ireless is a very dynam ic m edium , w e can by utilizing high or low gain antennas alter how the signal propagates. This in turn focuses an RF pattern and energy dow n a long narrow hallw ay rather than into w alls, w hich w ould w aste energy and/or cause m ulti-path interference.
It should also be noted that antenna diversity offers substantial benefits to a W LA N im plem entation, providing the luxury of m ore than one antenna and the ability to select the best antenna for usage. Im plem enting antenna diversity requires detailed know ledge of RF properties and how the antennas should be deployed. A ntennas placed too close to one another w ill actually cause degradation of the RF perform ance as opposed to helping it. U tilizing antenna diversity w ill also have an im pact on how a site survey is perform ed and its results.
The design, im plem entation and support of w ireless netw orks is an extrem ely specialized field. It requires an in-depth understanding of the special challenges of this technology just som e of w hich are explored in this paper. The ability to identify and effectively address these challenges can m ean the difference betw een a successful W LA N im plem entation and one that fails to deliver the expected benefits and returns on investm ent.
About Signa Services: About Signa Services: About Signa Services: About Signa Services: Signa Services is a member of the Psion PLC Group of Companies. Its global network of wireless local area network professionals provides WLAN professional services to clients around the world. Signa leverages the experience and expertise of Psion Teklogix a Psion PLC companythat has developed leading wireless solutions for industrial environments for more than 20 years. Signa Services is a hardware-neutral WLAN professional services organization with a long-standing track record of performance and innovation in the wireless network industry.