Step 7: Communicating the Final Plan with Higher Executives and Potential Users
The wireless LAN deployment plan should be carefully documented to present an unbiased solution that provides reasonable benefits over a wired LAN. It should address all the points discussed in this chapter along with any future upgrade options that might benefit wireless LAN deployment and protect the investment in the wireless LAN.
We suggest that you share the planning document with executives and potential users to get their opinion on your wireless LAN deployment plans.
An Example of Wireless LAN Planning: Bonanza Corporation
To understand the planning process better, let's walk through an example of wireless LAN planning at a hypothetical company called Bonanza Corporation. Following are some of our assumptions about the Bonanza Corporation:
• Bonanza has an office in San Francisco and another office in New York City.
Step 1: Bonanza Wireless LAN Needs
Leah estimates that the users at the two LANs, San Francisco and New York City, need at least one file server at each site; SF needs one printer, whereas NYC needs two printers; and both sites need Internet access. She further realizes that she has to provide remote workers the ability to securely connect with the corporate LANs. She decides to use virtual private network (VPN) gateways at each site to provide such connectivity over the Internet. She summarizes the wireless LAN as shown in Table 7.1.
Table 7.1: LAN Needs at Bonanza Corporation
Network File Server | To share files and documents
Network Printers | To print documents
Internet Access | Each site must have Internet access to interconnect LANs at both offices and to provide Web browsing services to local users.
VPN Gateways | To provide connectivity to remote users
Leah figures that she needs to plan for two separate wireless LANs, one for each office, with wired LAN extensions. She plans to attach all stationary devices and computers to the wired LAN, whereas she plans to connect mobile devices with the wireless LANs. She draws a diagram of the desired LAN as shown in Figure 7.5.
Figure 7.5: Overall wireless LAN at Bonanza Corporation
Step 2: Planning the Rollout
Since there were no networks in existence at either office, Leah decides that the two networks will be rolled out in one stage, but she plans to conduct a pilot to demonstrate the system to her boss and get her approval on the deployment plans.
Step 3: Site Survey
Leah performs a site survey by visiting each office. She carries an AP with her and uses her laptop computer, equipped with a wireless LAN adapter and monitoring software, to figure out the dead spots and the best locations for the APs. She realizes that the site in New York is organized in work cubicles, whereas the San Francisco site has individual offices. She estimates that she would need fewer APs in the New York office than in the San Francisco office. She draws a site map and specifically marks the locations where she wants to install the APs and asks the facilities' coordinators to get approval from their building management. She notices that the New York office is situated in a high-rise building and needs a high level of security, whereas the office in San Francisco is situated in a Victorian house that would require less security. She is happy to use WEP encryption. She profiles the users as shown in Table 7.2 and Table 7.3.
Table 7.2: LAN Equipment Profile at San Francisco Office
DEPARTMENT | NUMBER OF USERS | COMPUTING DEVICE | NEEDS WIRELESS LAN
PDAs | Yes
LAN Servers and Devices (file servers and printers)
Total LAN connections needed | 33
Table 7.3: LAN Equipment Profile at New York City Office
DEPARTMENT | NUMBER OF USERS | COMPUTING DEVICE | NEEDS WIRELESS LAN
PDAs | Yes
LAN Servers and Devices (file servers and printers)
Total LAN connections needed | 43
Step 4: Setting Up Requirements and Expectations
Leah had a small budget to establish the corporate LAN. She decides to establish minimum requirements and expectations for her LAN and communicates these with her boss to ensure that there are not many negative surprises when actual deployment takes place. The following were her minimum requirements and expectations:
• The proposed LAN will not be a complete wireless solution. It will be a hybrid LAN consisting of both wired and wireless LAN-based technologies.
• Only those users who have mobile needs and require relatively lower network bandwidth will be provided with wireless LAN technology. Users with fixed workstations or devices would be supplied with wired LAN connectivity solutions.
• Wireless LAN technologies are still evolving, and the initially deployed LANs might need to be upgraded in coming years to provide higher bandwidth and speed.
Step 5: Estimating the Required LAN Hardware and Software
After the site survey and setting up minimum requirements, Leah estimates the equipment she will need to construct the corporate LAN. She estimates the required LAN hardware and software using the knowledge she gained about the two sites during the site survey and user-profiling. Table 7.4 shows Leah's estimate for the overall corporate LAN that she is planning to deploy.
Table 7.4: Estimated LAN Hardware and Software for Bonanza Corporate LAN
Wireless LAN Adapters | Network interface cards for providing wireless connectivity to the LAN devices | At least 11 Mbps. Must be PCMCIA compliant | 58
Access Points | Wireless LAN access points facilitate LAN connectivity among the devices operating in the wireless LAN | At least 11 Mbps with at least 300 meters' range in open space
Industry standard. Provides one VPN connection with remote gateway
• Enhanced mobility. Most of the LAN users are mobile professionals and commute between offices and client sites. Those who do not commute between various Bonanza facilities and client sites often need to take their mobile computing units (laptops and PDAs) to meeting rooms where they require LAN connectivity. With wired LANs, providing access to mobile professionals could be quite difficult, especially in conference rooms where wired connections might not be aesthetically appealing.
• Ease of deployment and management. Wireless LANs are far easier to deploy and manage. Leah thinks that the entire deployment process will take less than one-fourth of the time that it will take to deploy a wired LAN. To upgrade the LAN, Leah's assessment is that only a change of APs and network cards will be required. No more pulling all the network cable and reinstalling it again.
Leah is comfortable with the ROI that using wireless LAN will provide. Here are some of the ROI elements she considered. (We avoid considering monetary values as they depend on labor cost and current prices of networking equipment.)
• Fewer cables involved. Networking cables are often one of the costliest items in building a wired LAN. Since her plan includes limited wired LANs, Leah does not have to account for the cost of wires and labor for running the wire throughout the Bonanza offices. Leah considers this a big win for her ROI assessment.
• Enhanced productivity. Leah is confident that ease of wireless LAN usage and increased mobility of staff will greatly enhance productivity. Staff would be able to share their ideas, salespeople would be able to perform live demonstrations of products, and engineers would be able to brainstorm in larger groups in offices and in conference rooms. Leah thinks that this enhanced productivity will indirectly affect the revenue generation process at Bonanza Corporation.
Step 7: Communicating the Wireless LAN Deployment Plan with Executives
Upon completion of the planning stages, Leah writes a comprehensive document detailing the outcomes of her research, the requirements she sees, and the estimated equipment that she will need to build a secure wireless LAN for Bonanza Corporation. Because such documents differ in each deployment scenario and organization, we leave this exercise up to you. However, we do encourage you to include all the information you gathered during planning.
Summary
Planning a wireless LAN is an intensive and extremely important process that requires a good understanding of networking concepts and the wireless LAN technologies. A carefully planned wireless LAN ensures proper operation upon deployment by addressing the needs of users, selecting the best fit technology, and providing a wireless LAN environment that can be extended without much change to the original deployment. Therefore, carefully planning a wireless LAN step by step is extremely important and should always be included when building a secure wireless LAN.
In the next chapter, we guide you through the steps that might help you shop for wireless LAN equipment. We talk about various networking equipment that you might need and their purposes. We also list some of the major network equipment vendors and their wireless products to give you an idea of what is currently available in the market. We also give you some shopping tips to help you choose the equipment that is right for you.
Chapter 8: Shopping for the Right Equipment
Overview
After planning your wireless LAN, you are now ready to shop for the equipment that you will use to build a secure wireless LAN. When building a LAN, it is extremely important to make sure to buy the best equipment within your budget that satisfies all the needs and results in a high-performance and extensible wireless LAN.
Today, shopping for wired LAN is much easier as the wired LAN technologies are very well defined. However, wireless LAN technologies and standards are still evolving, and with new standards coming out every day and new features being added, it is a good idea to be careful when investing in wireless LAN equipment. This point is so significant that we have dedicated this entire chapter to helping you understand your needs to be able to make the best decisions when purchasing wireless LAN equipment. We define shopping for wireless LAN equipment as a step-wise process: First you make your shopping list from the information that you gathered in the planning phase; then, using your knowledge of wireless LAN technologies, you compare the available products in the market with your needs to figure out the best possible match for your deployment scenario; in the third step, you seek out the lowest price for the items that you need to buy; in the fourth and final step, you actually purchase the merchandise.
In this chapter, we first talk about how to shop for the components that you need to set up a wireless LAN that is based on an IEEE 802.11 standard. We also talk about some of the major vendors and their products to give you a concrete example. Finally, we talk about the places on the Internet where you can buy wireless LAN equipment cheaply without compromising the performance of your wireless LAN.
Making Your Wireless LAN Equipment Shopping List
If you planned your wireless LAN deployment, you should have a good understanding of the items that you need to build your LAN. To make your shopping list, you should list all items as identified in the planning step on a piece of paper with your minimum requirements along with the quantities desired. For our Bonanza Corporation example, which we discussed in Chapter 7, Table 8.1 illustrates the combined needs of the two LANs that Leah will be deploying.
Table 8.1: LAN Equipment Shopping List for Bonanza Corporation
Wireless LAN Adapters | Network interface cards for providing wireless connectivity to the LAN devices | At least 11 Mbps. Must be PC Card compliant | 58
Access Points | Wireless LAN access points facilitate LAN connectivity among the devices operating in the wireless LAN | At least 11 Mbps with at least 300 meters' range in open space
Hubs | To extend the physical wired LANs | 10 ports | 4
DSL Modem | To provide Internet access to each LAN | DSL provider specific. Best speed within the budget | 2
Explore the LAN Technologies Available in the Market
After making the shopping list, the next step is to explore the technologies available in the market that satisfy your needs. You should evaluate both the wireless LAN technologies that you need and the wired LAN technologies that you will be deploying in your LAN.
Wireless LAN Technologies
This book focuses on wireless LAN based on the IEEE 802.11 technologies. In this section, we only talk about the currently available wireless LAN technologies that use the 802.11 standard. Today, two major types of wireless LAN equipment are available, each based on an IEEE standard. These standards are IEEE 802.11b and IEEE 802.11a.
The IEEE 802.11b standard operates at speeds up to 11 Mbps. Following are the highlights of 802.11b. 802.11a standard devices operate at up to 54 Mbps (see Chapter 3 for more information on 802.11 standards). It is important to remember that the two IEEE standards, 802.11b and 802.11a, are incompatible with each other. A good idea is to always build a comparison matrix to visualize the differences in the equipment properties that concern you the most. Table 8.2 shows a sample matrix that compares the basic properties of the 802.11b standard with the 802.11a.
Table 8.2: 802.11b Compared with 802.11a
TECHNOLOGY STANDARD | MAXIMUM SPEED | FREQUENCY BAND | GEOGRAPHIC RANGE
The devices based on 802.11b arrived on the market earlier than 802.11a and are less expensive than 802.11a-based devices. However, 802.11a devices provide higher speeds, which might be critical in certain deployment scenarios.
Wired LAN Ethernet Equipment Technologies
Since this book is focused on wireless LANs that are built on the 802.11 standard, also known as wireless Ethernet, we limit our discussion on wired LANs to Ethernet-based technologies. (See Table 8.3.)
Table 8.3: Common Ethernet Standards
TECHNOLOGY STANDARD | MAXIMUM SPEED
Gigabit Ethernet LANs are operable with Fast Ethernet. We suggest that you use Gigabit Ethernet adapters with devices that require high speed, and Fast Ethernet in computers that do not have high-speed LAN requirements. For example, file servers should be installed with Gigabit Ethernet adapters, and desktop computers should be supplied with the Fast Ethernet adapters.
Virtual Private Network (VPN) Gateways and Clients
Virtual private networks are becoming extremely popular. Most enterprise LANs deploy VPN gateways to allow remote workers secure access to the enterprise LAN. VPNs consist of two basic components: a VPN gateway, which is normally a hardware device and resides at the physical site, and the VPN client, which is normally a software application program and is installed on the user computers. When exploring VPNs, you must ensure that the security algorithms supported by the VPN provide adequate security for your needs.
Remote Authentication Dial-in User Service (RADIUS) Server
The Remote Authentication Dial-in User Service (RADIUS) server is used to authenticate remote clients. The 802.1X authentication protocol provides support for RADIUS servers. 802.1X will be available in 802.11-based devices that will be released in the near future. RADIUS servers are available from many different vendors. There are also many open-source RADIUS implementations that provide comparable services and can be obtained without any cost. Some well-known RADIUS implementations are listed in Table 8.4.
Table 8.4: Popular RADIUS Server Vendors
Cistron RADIUS Server
If you are interested in using the 802.11-compliant devices that provide security through the use of the 802.1X standard, you should plan on purchasing or acquiring a RADIUS server.
Wireless LAN Supporting Operating Systems
Wireless LAN adapters require software drivers for the operating system (OS) that they will be operating under. For example, if you have a laptop with Windows XP and a wireless LAN adapter from Cisco Systems, you will need software drivers for Windows XP from Cisco Systems. When choosing a wireless LAN adapter, you must always ensure that the vendor supports the OS you intend to use the adapter with. Most 802.11-compliant device manufacturers support the following operating systems:
• Microsoft Windows XP, Windows 2000, Windows 98, and Windows ME
If your LAN has computing devices that utilize operating systems not listed here, you should confirm with the wireless LAN adapter manufacturer that your operating system is supported by the device you are interested in buying. Otherwise you should plan on buying an operating system that is supported by the vendor or choose a different wireless LAN adapter.
Major 802.11 Equipment Vendors and Their Products
Today, over 25 big vendors are providing 802.11-based wireless LAN equipment. These companies range from some of the biggest names in the networking industry to small hardware manufacturers. In this section, we list some of the well-known companies and their products to give you a baseline understanding of the products available today. Following are some of the basic parameters that we list for each product to help you choose the right vendor and product:
• Data rates. Data rates are the speeds at which certain LAN equipment operates. Different models have different speeds. For example, 802.11b has a maximum speed of 11 Mbps.
• Operating range. The operating range is normally expressed as the maximum number of feet over which LAN equipment can operate, with or without degradation of performance. Different models of the same product, standard, or vendor may offer different ranges at different prices. You should carefully select a LAN device to ensure that it will fit your needs.
• Models. Different models normally come with different features. Remember to write down the model number of each product that you like, as the external packaging of two very different devices might appear identical.
• Encryption key length. Encryption keys provide security to wireless LANs. Devices that use longer encryption keys are supposed to provide higher security.
• Security protocols. Security protocols provide the security mechanism that is used to secure a LAN. WEP and 802.1X are examples of security protocols that are used in wireless LANs.
• Remote configuration. Remote configuration normally refers to a feature that many LAN devices provide that enables a LAN manager to configure and manage a LAN device from a remote location or from his or her desk. This feature allows the expensive equipment to reside in a physically secured location, and the administrator does not have to enter into the secure location to configure or manage the hardware. This feature also enables administrators and network managers to manage a LAN device from a geographically separated site.
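As an added example (not from the book or from any vendor), the Python script below screens the access points from the Cisco and ORiNOCO tables later in this chapter against the Table 8.1 access point requirement and against three of the parameters above: security protocols, encryption key length, and remote configuration. The class and function names are hypothetical, and treating the listed SNMP as unencrypted SNMPv1/v2c is an assumption.

```python
from dataclasses import dataclass

FT_TO_M = 0.3048
WEP_IV_BITS = 24  # nominal 64/128-bit WEP keys include a 24-bit IV sent in the clear
# Assumption: "SNMP" in the vendor tables means SNMPv1/v2c, which is unencrypted
# like Telnet, HTTP, FTP and TFTP.
CLEARTEXT_MGMT = {"Telnet", "HTTP", "FTP", "TFTP", "SNMP"}


@dataclass
class AccessPoint:
    name: str
    outdoor_ft: dict      # data rate in Mbps -> outdoor range in feet
    wep_key_bits: tuple   # nominal WEP key lengths offered
    security: tuple       # security protocols listed
    remote_config: tuple  # remote configuration protocols listed


# Figures transcribed from this chapter's Cisco and ORiNOCO access point tables.
PRODUCTS = [
    AccessPoint("Cisco Aironet 350 AP", {11: 800, 1: 2000}, (128,),
                ("802.1X", "WEP"), ("Telnet", "HTTP", "FTP", "TFTP", "SNMP")),
    AccessPoint("ORiNOCO AP-200", {11: 525, 1: 1750}, (64, 128),
                ("WEP",), ("HTTP", "SNMP", "Telnet", "TFTP")),
    AccessPoint("ORiNOCO AP-2000", {11: 525, 1: 1750}, (64, 128),
                ("802.1X", "WEP"), ("Telnet", "HTTP", "FTP", "TFTP", "SNMP")),
]


def evaluate(ap, min_rate_mbps=11, min_range_m=300):
    """Screen one AP; the defaults are the Table 8.1 access point requirement."""
    # Longest outdoor range among the rates that still satisfy the minimum rate.
    usable_ft = [ft for rate, ft in ap.outdoor_ft.items() if rate >= min_rate_mbps]
    range_m = max(usable_ft, default=0) * FT_TO_M
    findings = []
    if range_m < min_range_m:
        findings.append(f"range: {range_m:.0f} m at >= {min_rate_mbps} Mbps, "
                        f"requirement is {min_range_m} m")
    if "802.1X" not in ap.security:
        findings.append("auth: WEP only, no 802.1X/RADIUS authentication")
    exposed = sorted(CLEARTEXT_MGMT & set(ap.remote_config))
    if exposed:
        findings.append("mgmt: restrict or disable unencrypted " + ", ".join(exposed))
    return {
        "range_m": round(range_m, 1),
        "meets_range": range_m >= min_range_m,
        "wep_secret_bits": max(ap.wep_key_bits) - WEP_IV_BITS,
        "findings": findings,
    }


def report(products=PRODUCTS, **requirement):
    """Evaluate every product and key the results by product name."""
    return {ap.name: evaluate(ap, **requirement) for ap in products}


if __name__ == "__main__":
    for name, result in report().items():
        print(f"{name}: {result['range_m']} m, "
              f"{result['wep_secret_bits']} secret WEP key bits")
        for finding in result["findings"]:
            print("  -", finding)
```

Run as written, every listed access point falls short of 300 m at 11 Mbps (244 m and 160 m outdoors), which is the kind of mismatch a comparison matrix is meant to surface before purchase.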
Cisco Systems
Cisco was founded in 1984 by a group of computer scientists from Stanford University. Since the company's inception, Cisco engineers have been prominent in advancing the development of wired and wireless network technologies. The company's tradition of innovation continues today with Cisco creating leading products and key technologies that will make the Internet more useful and dynamic in the years ahead. These technologies include advanced routing and switching, voice and video over IP, optical networking, wireless, storage networking, security, broadband, and content networking. More information on Cisco Systems can be obtained from their Web site at http://www.cisco.com/. Following are some of the wireless LAN products that Cisco Systems currently ships.
All Cisco Aironet 350 Series client adapters and access points are IEEE 802.11b compliant. The Cisco Aironet 350 Series was the first product to deliver a wireless LAN solution that offered centralized 802.1X-based security.
Data Rates | 1, 2, 5.5, and 11 Mbps
Operating Range | Indoor: 130 ft (39.6 m) @ 11 Mbps; 350 ft (107 m) @ 1 Mbps. Outdoor: 800 ft (244 m) @ 11 Mbps; 2000 ft (610 m) @ 1 Mbps
Models | AIR-AP352E2C, the standard AP; AIR-AP352E2R-A-K9, the rugged AP configured for operation in most of the Americas; AIR-AP352E2R-E-K9, the rugged AP configured for operation in most of Europe and Singapore; AIR-AP352E2R-J-K9, the rugged AP configured for operation in Japan
Encryption Key Length | 128 bit
Security Protocols | IEEE 802.1X (proposal includes EAP and RADIUS) and IEEE 802.11 WEP (Wired Equivalent Privacy)
Remote Configuration | Telnet, HTTP, FTP, TFTP, and SNMP
CISCO AIRONET 350 WIRELESS LAN ADAPTER
Data Rates | 1, 2, 5.5, and 11 Mbps
Operating Range | Indoor: 130 ft (39.6 m) @ 11 Mbps; 350 ft (107 m) @ 1 Mbps. Outdoor: 800 ft (244 m) @ 11 Mbps; 2000 ft (610 m) @ 1 Mbps
Models | AIR-PCM35x: PC Card (PCMCIA) Type II; AIR-PCI351X: peripheral component interconnect (PCI) Bus
Encryption Key Length | 128 bit
Security Protocols | Security: IEEE 802.1X (proposal includes EAP and RADIUS) and IEEE 802.11 WEP (Wired Equivalent Privacy). Authentication: Extensible Authentication Protocol (EAP)
Agere Systems/ORiNOCO
ORiNOCO is one of the first manufacturers of wireless LAN devices based on 802.11. ORiNOCO is also known to provide support for more operating systems than any other hardware vendor. More information on ORiNOCO can be obtained from http://www.orinocowireless.com/.
802.11b Products
Table 8.6 shows the major ORiNOCO products based on 802.11.
Table 8.6: The major ORiNOCO products based on 802.11
ORINOCO AP−200 ACCESS POINT
Data Rates | 1, 2, 5.5, and 11 Mbps
Operating Range | Indoor: 80 ft @ 11 Mbps; 165 ft @ 1 Mbps. Outdoor: 525 ft @ 11 Mbps; 1750 ft @ 1 Mbps
Access Point
Encryption Key Length | 64 bit and 128 bit
Security Protocols | IEEE 802.11 WEP (Wired Equivalent Privacy)
Remote Configuration | HTTP (via Web browser), SNMP, Telnet, and TFTP
ORINOCO WORLD PC CARD
Data Rates | 1, 2, 5.5, and 11 Mbps
Operating Range | Indoor: 80 ft @ 11 Mbps; 165 ft @ 1 Mbps. Outdoor: 520 ft @ 11 Mbps; 1750 ft @ 1 Mbps
Card
Encryption Key Length | 64 bit and 128 bit
Security Protocols | IEEE 802.11 WEP (Wired Equivalent Privacy)
5-GHz Migration Products Based on 802.11b
The migration products normally include support for both existing and upcoming protocol standards. The ORiNOCO AP-2000 Access Point is a migration product and provides support for both 802.11a and 802.11b standards through a CardBus interface. Table 8.7 shows the major 5-GHz migration products based on 802.11b.
Table 8.7: 5-GHz Migration Products Based on 802.11b
ORINOCO AP−2000 ACCESS POINT
Data Rates | 1, 2, 5.5, and 11 Mbps; allows installation of up to two CardBus cards for enhanced performance
Operating Range | Indoor: 80 ft @ 11 Mbps; 165 ft @ 1 Mbps. Outdoor: 525 ft @ 11 Mbps; 1750 ft @ 1 Mbps
Access Point
Encryption Key Length | 64 bit and 128 bit
Security Protocols | IEEE 802.1X (includes EAP-TLS and RADIUS) and IEEE 802.11 WEP (Wired Equivalent Privacy)
Remote Configuration | Telnet, HTTP, FTP, TFTP, and SNMP