×

TMCnet
ITEXPO begins in:   New Coverage :  Asterisk  |  Fax Software  |  SIP Phones  |  Small Cells
 

Feature Article
May 2004


Lessons From The Wireless Edge

Enterprise-grade wireless local-area networks (WLAN) are a high-growth area, driven by the need for mobility and always-on connectivity, offering a new dimension in productivity for business users. Gartner Group says that, �The notion of �office� is just the act of paying attention to work through always-on access,� and suggests that enterprises could expect a 22 percent productivity improvement by introducing WLANs. WLANs can provide mobile, high-speed connectivity not only in conference rooms but across the enterprise; not only for data but also for telephony. So what have we learned from WLAN enterprise deployments to date, that will make it easier for us to reap the benefits of WLANs, while managing the Total Cost of Ownership of this new networking technology?

Lesson #1: Understanding What You Are Trying to Do
Three key questions you may want to ask yourself are Who? What? Where? Who are the targeted users? Executives? Knowledge workers? Visitors? What applications will need to be supported and through which devices? Will you need to provide access to both general office apps such as e-mail and to business apps such as Supply Chain Management? What about opportunities for converged communications? In most general office environments, WLAN deployment is driven by data with incidental voice support � after all, in most cases mobile users have cell phones as well, and except for very large campuses, coverage is adequate. In some environments such as in a point of care solution in a hospital, we can anticipate lots of mobile voice and data usage. In yet other environments, voice may be the dominant application with a low level of data traffic (e.g., barcode readers and price checks), as would be the case in a retail environment. �Where?� is heavily influenced by �who?� and �what?� In the short term, are you focused on conference rooms, classrooms, or executive suites or is there a need for building, campus, or enterprise-wide roaming? If voice is a planned requirement, then ubiquitous coverage becomes a necessity given the user expectation to be able to walk and talk without interruption. Understanding your requirements is critical in making the optimal use of WLAN technology.

Lesson #2: Getting the Coverage You Need
WLANs are implemented using multiple Access Points (APs) to provide the required coverage. Omni-directional antennas are most often used with a range of 50 to 100 meters, in all directions. Weakening of the signal (e.g., trying to get through pillars or floors) or undesirable reflections (off walls and partitions) result in smaller and less regular coverage areas, these being highly dependent on the nature of the material encountered. Which radio channel a given AP uses can be configured (e.g., to avoid interference between adjacent APs), or which RF power should be configured to maximize the coverage and avoid gaps. Overlapping AP cells of coverage are created when multiple APs exist around the floor or building, creating roaming coverage for mobile users. Given the three-dimensional nature of radio waves, providing coverage in a multi-story building is problematic with only three non-overlapping channels supported by the most widely deployed WLAN standard (IEEE802.11b). IEEE802.11a is better suited for high-density deployments with its 13 channels (in the United States). The latter also has the advantage that each channel is up to 54Mbps, compared to 11Mbps for 802.11b. However, given the installed base of 802.11b devices, the ideal solution is one that supports dynamic 11a/b/g operation. Site surveys are an important step in planning WLAN AP deployment for the desired coverage.

Lesson #3: Power over Ethernet for Deployment Ease
Early WLAN systems were based on extending AC power and Ethernet connectivity to every AP. Bringing AC power to every AP is a major upfront cost and bottleneck to rapid expansion. The Power-over-Ethernet standard (IEEE802.3af) enables much easier AP deployment and is supported by current generation of APs and Ethernet switches. That said, in some environments where coverage is needed but no LAN infrastructure exists, it may be easier to get AC power than Ethernet connectivity. Examples include: shopping malls, and service yards. WLAN mesh networks are emerging to address this need. Wireless mesh networks consist of a peer-to-peer Access Point architecture � with smart antennas, integrated routers, and adaptive routing and security capabilities � to backhaul data wirelessly to wired broadband networks, minimizing the need for expensive (in these environments) wired connections to every AP.

Lesson #4: Capacity Planning
54Mbps per channel capacity with 802.11a or 802.11g is more than adequate for a single user used to 10/100 operation from his or her desktop. But unlike wired switched Ethernet, which dedicates the bandwidth to the user, 802.11 is a shared media with bandwidth a function of number of users and how far the user is from the AP. In general, the full capacity is available only for the first tens of meters from the AP, decreasing in steps to 1Mbps for 11b and 6Mbps for 11a or 11g to the edge of the cell. Contention for the radio channel is resolved for these variable speed users using a technique called Carrier Sense Multiple Access/ Collision Avoidance. This operation introduces additional overheads (over and above Ethernet frame overheads). The end result is that the optimal throughput achievable using the maximum Ethernet frame length of 1,500 bytes is closer to 30Mbps for 11a and 6Mbps for 11b. For much shorter voice packets, these values drop to roughly one quarter of these values. For data traffic, wired Ethernet and DSL equivalency requires on the order of 4 and 1 Mbps capacities respectively, while voice calls require 100�200Kbps, depending on coding scheme and sampling rate. The above provides a rough methodology to engineer the WLAN, based on projections on the number of voice and data users and the anticipated usage across the coverage area. If additional capacity is needed, then additional APs can be deployed. As mentioned above, 802.11a/b/g systems are preferred, 11a to avoid interferences, 802.11g for higher capacity and backward compatibility with 802.11b. Finally, capacity planning can be enhanced through the use of directional antennas which constrain the radio signal to a narrower beam pattern (horizontally or vertically) and minimize interference with adjacent cells.

Lesson #5: Securing Your WLAN
Security exposures of using WLANs have been well documented, including threats from �war-driving� and �war-chalking� and the malicious insertion of rogue Access Points. Wired Equivalent Privacy (WEP), the primary security mechanism shipped with most WLAN products, has proven to be non-secure. The future is based on the universal deployment of WPA (WiFi Protected Access) along the path to the IEEE802.11i standard.

It is therefore not surprising that industrious enterprises have adopted various security solutions to their WLAN deployments. One brute force technique is RF isolation complemented by physical security. This approach attempts to isolate the WLAN radio signals from the outside world, as might be possible in a military base. Another method of blocking unauthorized outsiders from taking advantage of the open air availability of the signal is to surround the perimeter of the corporate grounds with APs that effectively �jam� the internal signal from any outsiders. Clearly such approaches are of limited applicability in the enterprise environment. In response to enterprise needs, WLAN vendors have developed their own security solutions. Most are vaguely �standards-based,� are not interoperable with other vendors� solutions, and carry a high price tag. Some are not that secure! Often these solutions are implemented in the Access Points themselves complicating management, increasing costs and sometimes requiring hardware upgrades. Clearly, these stop gap approaches incur a total cost of ownership penalty and are difficult to evolve.

One approach that has proven secure is leveraging VPN technology already used by many enterprises for remote user and remote office access over the Internet. Enterprises that have deployed remote access and more recently branch office VPNs have extended these implementations to include WLANs. These have either leveraged their investments in Secure IP Services Gateways, or deployed additional units closer to the WLAN APs. Users trying to access the network via the WLAN are first authenticated (exactly as if they were accessing the enterprise across the Internet), their information is encrypted, and all communication logged by the VPN system. This approach solves many of the challenges of enterprise WLANs. Other security areas that need to be addressed include deployment of personal firewall and anti-virus software in mobile devices, and solutions that automate unauthorized AP detection.

Lesson #6: Keeping An Eye On TCO
What have we learnt about architecting WLAN solutions with an eye to minimizing the total cost of ownership? Central to this discussion is how to optimally distribute routing and intelligence between AP�s and the wired network. Continuous upgrades and churn required to add functionality to APs has severe operational implications, given their widely distributed nature and limited accessibility on the ceilings and hallways of the enterprise. The costs and complexity of WLAN Access Points can be kept down by minimizing the intelligence of these highly distributed network elements, to only those functions which need to be distributed. For example, Access Points should support functions to make effective use of the radio spectrum by providing power management and seamless roaming between 802.11 radio bands. They also need to have basic security and traffic management functionality. However, much of the intelligence required to integrate WLANs into the enterprise can be centralized, and realized via what can be called a WLAN Security Switch. The latter can provide functions such as Access Point load balancing, a full range of user authentication and security capabilities, unauthorized Access Point detection, enterprise-wide roaming, and mobile adaptive tunneling dynamically adapting security and performance levels to meet application needs.

Lesson #7: Planning for Convergence
Wireless IP telephony represents a convergence of two important and rapidly growing technologies. Mobility and always-on access is one of the drivers behind this convergence. Users have had mixed results in running voice over WLANs. Firstly, demos on an otherwise empty network will obviously work. Some enterprises have successfully deployed converged WLANs, leveraging proprietary QoS implementations. However, the future is clearly in standard-based interoperable solutions. In mid-2004, multi-vendor QoS-enabled WLAN interoperability will be provided via the WiFi Alliance�s Wireless Multimedia Enhancements (WME) and will set the stage for converged WLAN networks. Once implemented in both WLAN Access Points, and deployed ubiquitously across the enterprise, wireless IP telephony will enter the mainstream.

CONCLUSION
WLAN will extend the reach of wired infrastructures in the office and provide mobility for future applications. It is a powerful means of connectivity when you�re not at your desk or when you need connectivity when there aren�t any wires in place. The lure of WLANs is not unlike the lure of Ethernet and IP networking of old: connectivity is king and security, manageability, and flexibility are afterthoughts. Like many networking technologies, you need to plan and engineer the network to meet your needs and make some choices to ensure on-going evolution in the context of the overall enterprise environment. This ensures that WLAN solutions you deploy today will grow and adapt as the enterprise moves towards network, communications and application convergence.

Tony Rybczynski is Director of Strategic Enterprise Technologies at Nortel Networks. He has over 30 years experience in the application of packet network technology. For more information, please visit www.nortelnetworks.com.

If you are interested in purchasing reprints of this article (in either print or HTML format), please visit Reprint Management Services online at www.reprintbuyer.com or contact a representative via e-mail at [email protected] or by phone at 800-290-5460

[ Return To The May 2004 Table Of Contents ]



Today @ TMC
Upcoming Events
ITEXPO West 2012
October 2- 5, 2012
The Austin Convention Center
Austin, Texas
MSPWorld
The World's Premier Managed Services and Cloud Computing Event
Click for Dates and Locations
Mobility Tech Conference & Expo
October 3- 5, 2012
The Austin Convention Center
Austin, Texas
Cloud Communications Summit
October 3- 5, 2012
The Austin Convention Center
Austin, Texas