|

CWNP (Certified Wireless Networking Professional) is widely recognized as the IT industry standard for vendor neutral enterprise Wi-Fi certification and training.  CWNP publishes videos, white papers, blogs, and other materials that assist the networker in learning Wi-Fi technologies and preparing for CWNP certification exams. The WiSE article series is one of these CWNP thought leadership content initiatives.

|

About the WiSE Article Series:

|

Wireless is inherently complex; its study spans at least two engineering disciplines: Electrical Engineering and Computer Science. Add to this the nuances of various standards, vendor implementations, RF environments, and protocol interactions, and it is not uncommon to feel a little lost in understanding the various aspects of Wi-Fi network operation. In this series of short articles, we explain various Wi-Fi subtleties, to work toward a better understanding of Wi-Fi network deployments.

The WiSE article series editor is Tom Carpenter and the first 5 WiSE articles feature AirTight Networks wireless subject matter experts as CWNP guest bloggers.

|

1) Wi-Fi Throughput Algebra – Simplified

Author: Bhaskaran Raman, PhD.     Read WiSE article 1

In this first article in a multi-part WiSE Article Series, Bhaskaran Raman explains the formulas you can use to estimate throughput on WLANs. This article simplifies Wi-Fi throughput algebra, to give a rule of thumb for what throughput to expect when taking into account at least the first order factors which affect all environments and tests.   Read WiSE article 1

|

2) Wi-Fi Subtleties Explained (Parameters that Matter)

Author: Bhaskaran Raman, Ph.D.     Read WiSE article 2

This second article talks about parameters that impact Wi-Fi throughput. You may be surprised to learn that it’s not all about the lower layers (Physical and Data Link), but the TCP communications have a significant impact as well.   Read WiSE article 2

3)  Wi-Fi Subtleties Explained (Channel Bonding)

Author: Bhaskaran Raman, Ph.D.     Read WiSE article 3

In this third installment of the WiSE article series from AirTight Networks, channel bonding is considered. Some surprising results will cause you to rethink your network design plans and possibly how you will implement newer 802.11 technologies.  Read WiSE article 3

|

4)  Wi-Fi Subtleties Explained (Quality of Service [QoS] Controls)

Author: Hemant Chaskar, Ph.D.     Read WiSE article 4

Quality of Service (QoS) is another aspect of the network performance that is relevant for applications such as VoIP over Wi-Fi. In this context, QoS is provided by prioritizing the packets belonging to specific applications such as VoIP over others so that they encounter minimal latency in transit. It takes three different sections of the data path to use three different techniques for the end-to-end handling of wireless QoS-sensitive packets, as discussed below. The idea of this article is not to provide overview of standard Wi-Fi QoS mechanisms such as WMM, but to point out some subtleties in using them in the network.   Read WiSE article 4

5)  Interference from Non-WiFi Sources, Part 1

Author: Bhaskaran Raman, Ph.D.     Read WiSE article 5 – part I

RF interference is an important concern in Wi-Fi networks. Such interference can come from two types of sources: Wi-Fi or non-Wi-Fi. In this and the follow up article, the focus is on subtleties pertaining to non-Wi-Fi interference sources.  Read WiSE article 5 – part I

Full list of CWNP WiSE articles

Check back often as new articles are published on a regular basis.

|

About the AirTight WiSE authors:

|

Bhaskaran Raman is a scientist at AirTight Networks, working on high performance Wi-Fi architecture. Bhaskar received his M.S. and Ph.D. in Computer Science from the University of California, Berkeley, in 1999 and 2002 respectively, and his B.Tech in CSE from IIT Madras, India in May 1997. He was a faculty in the CSE department at IIT Kanpur from 2003-07. Since July 2007, he has been a professor at the CSE department at IIT Bombay. His research interests and expertise are in wireless and mobile communication networks. Bhaskar was a recipient of the IBM Faculty Award in the year 2008. He has published research papers in various IEEE and ACM conferences and journals, and is on the editorial board of ACM Computer Communication Review.

Hemant Chaskar is VP for Technology and Innovation at AirTight Networks. In this role, he looks after AirTight’s technology R&D and also performs roles in product design, business development, and various customer facing activities. At AirTight, Hemant has been working on Wi-Fi networking and security for the past 8 years; and has held positions at Nokia Research and Lucent Technologies prior to that. He holds Ph.D. in Electrical Engineering from the University of Illinois at Urbana-Champaign.

Additional Information

Follow CWNP on Twitter

Contact Tom Carpenter – WiSE Article Series Editor

More information on CWNP certifications

Follow Airtight on Twitter

Contact Bhaskaran Raman and Hemant Chaskar at AirTight Networks

Pravin Bhagwat 802.11ac, 802.11n, Best practices, Wireless scanning, Wireless security, WLAN networks, WLAN planning CWNP, Tom Carpenter, WiSE

By Hemant Chaskar

The building of the bill of materials (BOM) is an important factor in the Wi-Fi project plan. The cost of APs and the cost of other components in the Wi-Fi architecture contribute to the overall BOM. There are two types of large Wi-Fi deployments that we often see: distributed and dense. Examples of the distributed deployment are clinics, insurance offices, bank branches, retail stores, hospitality providers, etc. The number of sites in the distributed Wi-Fi can run into 100’s, 1000’s, or as in case of some of our retatil customers even 10,000’s. Dense deployments are typical of campus environments in which there are few campuses – each with large number of APs. There could be 100’s, or 1000’s of APs that may be required to cover a few campuses.

To compare and contrast BOM for different types of AP platforms for large distributed or dense deployments, we can think of these deployments in units of sections. For the distributed deployment with a number of sites and a few APs per site, the section can be a site such as insurance office, bank branch, retail store, etc. For the dense AP deployment, the section can be a floor of a multi-storied facility, part of the floor (e.g., East, West, North, South sections of floor plan), etc. For each such section, one can compute the number of APs which can be deployed in each section to stay within the overall Wi-Fi budget (the budget also has to account for the cost of Ethernet drops required for APs). For apples to apples comparison, let us say that the customer can negotiate the same street price for different types of APs. The tables below show how much functionality can be achieved with a given number of APs, in each section, and for different types of APs. Conversely, one can also think of it as how many APs per section are required to achieve certain functionality within each section.|

1) Dual radio APs without support for dedicated scanning radios (where only background scanning is supported)

|

2) Band-locked dual radio APs which can be either AP on both radios or WIPS sensor on both radios

|

3) Band-unlocked dual radio APs with per-radio AP or per-radio dual band WIPS sensor configuration option

|

|

Clearly, for secure Wi-Fi deployments, the dual radio AP platform with each radio independently software configurable as AP or as dual-band WIPS sensor gives maximum value for the given BOM in terms of both traffic capacity and security. This mode of operation is only possible with specialized AP platforms with band-unlocked radios. Let me elaborate below on what it means for the radios to be band-locked versus band-unlocked.

Dual radio APs with band-locked radios: Most dual radio enterprise APs are dual band, dual concurrent, but have band-locked radios. What it means is that one radio is configured for 2.4 GHz operation and the other for 5 GHz operation at boot time. So, once one of the radios is configured as AP in one band (say 2.4 GHz band), the other radio cannot scan channels in the 2.4 GHz band for WIPS functionality. The other radio can only scan 5 GHz channels as it is band locked to 5 GHz. As a result, these AP platforms cannot support the most efficient option 3) described above and it is then required to dedicate one full dual radio device for WIPS with one radio scanning 2.4 GHz channels and the other scanning 5 GHz channels for security monitoring (i.e., degrade to BOM inefficient option 2) described above).

Dual radio APs with band-unlocked radios: Some differentiated dual radio AP platforms such as AirTight APs allow each radio to be independently software configurable as AP or as dual-band WIPS sensor.  So when one radio is configured in one band as AP (say 2.4 GHz band), the other radio can still scan both 2.4 GHz and 5 GHz bands. It takes RF expertise to design such APs. Such APs can support all of the above three deployment options, and in particular, uniquely support the most efficient option 3) described above.

|

|Follow AirTight Networks on Twitter

|

In addition to AP platform consideration, there are additional Wi-Fi architectural factors which also affect total cost of solution:

|

a) Controller vs controller-less architecture: This is particularly important in distributed deployments. Controller architectures, originally designed for campus deployments, require per-site controllers  to achieve full functionality of AP. Deploying centralized controllers at headquarters talking to APs over WAN links does not offer robust functionality in distributed environments. See my earlier blog post: Is your cloud Wi-Fi genuine, or is it controller over WAN imitation? Per-site controller requirement increases the total BOM, particularly when the number of APs per site is small (can you imagine 100 controllers for 100 site deployment with 3 APs per site!). On the other hand, controller-less Wi-Fi with smart edge APs does not incur this additional cost.

b) Centralized control as add-on versus built into solution: Large deployments require centralized console for configuration, management and reporting. Wi-Fi architectures with controllers embedded in APs, originally designed for small localized deployments, are not adequate for large deployments. These AP-embedded controller solutions require additional on-site management server assets for centralized control and may even require appliance controllers to fill the functionality gap between AP-embedded controllers and appliance controllers. These additional on-site server components add to overall cost. On the other hand, cloud managed Wi-Fi does not incur additional cost for centralized management. I have discussed differences between true cloud managed Wi-Fi and Wi-Fi solution with mere word cloud in it in one of the earlier posts: Different shades of cloud Wi-Fi: Rebranded, Activated, Managed.

c) Security as add on versus integrated into architecture: Some AP vendors offer WIPS as add-on to Wi-Fi infrastructure. These architectures require additional WIPS appliances and licenses to enable WIPS which can cause BOM to go up. On the other hand, if WIPS is built into solution it does not require additional appliances and licenses.

|

|As we saw, there are several factors such as AP capabilities and overall Wi-Fi architecture which can cause BOM for large Wi-Fi deployments to vary over a range as much as 2X. By making the right choices on each of the above fronts, the BOM can be significantly reduced, while obtaining the maximum value from the deployed Wi-Fi infrastructure. AirTight secure Wi-Fi can help to meet these goals – with band-unlocked dual radio APs, smart edge controller-less Wi-Fi architecture, HTML5 based central management console in the cloud, and the only top rated WIPS built into the solution.|

Hemant Chaskar 802.11ac, 802.11n, Best practices, mobile device management, WLAN networks, WLAN planning

We often hear that WiFi network performance degrades due to radio interference. We also hear that interference is a complex beast which cannot be easily tamed. There are two types of interference sources which affect WiFi network performance – non-WiFi sources and WiFi sources. This post provides a guide to some practical steps to combat often cited non-WiFi interference sources such as microwave oven, Bluetooth, baby monitors, cordless phones, wireless cameras and jammers. The WiFi interference sources will be discussed in later post. 

Overall, some awareness of environment around WiFi network coupled with some simple network planning steps can help win over non-WiFi interference to great extent. Additionally, ability to detect high interference levels on WiFi channels helps detect “unmanaged” sources of interference such as jammer or any unknown source. Many WLAN and wireless security systems today have ability to monitor interference levels on channels on 24×7 basis to facilitate such detection.

Hemant Chaskar Best practices, WLAN planning baby monitor, bluetooth, cordless phone, interference, jammer, microwave, oven, spectrum analysis

Attendees will learn:

• The difference between active and passive approaches to wireless intrusion prevention
• The core capabilities of different approaches to wireless intrusion prevention
• What to look for when testing systems to assure that there are no gaps in WLAN security
• How to judge when you need more capabilities than you currently have

Della Lowe Wireless security, WLAN planning active AP detection, Cam Table, passive AP detection, WLAN security

AirTight’s director of technology joins HP ProCurve executives for two informative sessions at the HP Technology Forum in Las Vegas
June 15-18, 2009, Mandalay Bay, Las Vegas, Nevada, USA
Session: Wired/Wireless Management
Speakers: Dr. Hemant Chaskar, Director of Technology, AirTight Networks, Carl Blume, HP
This session offers timely advice for managing wireless and integrated wired/wireless networks from the perspectives of security, policy enforcement, performance optimization, and scalability.

Session: Wired and wireless Security
Speakers: Dr. Hemant Chaskar, Director of Technology, AirTight Networks, Mauricio Sanchez, HP
This session will present some differences and commonalities between protecting your network in a wireless versus a wired environment. It will outline the fundamentals of a comprehensive, multi-layered network security strategy and will drill down into some specific IDS/IPS (intruder detection system/intruder protection system) solutions that are particularly useful for combating wireless threats.

Della Lowe Wireless security, WLAN planning Overlay WIPS, security policy, WIDS, WiFi

Another article in the series by Joanie Wexler.

“There are several ways to scan your 802.11n air environment for nasty goings-on. At a glance, the options seem pretty straightforward. However, you need to look carefully under the hood to draw a true apples-to-apples comparison of the accuracy and cost of the various offerings.”

http://www.networkworld.com/newsletters/wireless/2009/033009wireless1.html?page=1

Mike Baglietto 802.11n, Wireless security, WLAN planning 802.11n

Interesting article from Joanie Wexler on the real costs of adding wireless intrusion to your WLAN. She compares a similar configuraion from several vendors.

http://www.networkworld.com/newsletters/wireless/2009/042709wireless1.html

Mike Baglietto Wireless security, WLAN planning Wireless security