Security

3 Questions: Thin access points push functionality toward network core

Fat access points were not created to provide pervasive wireless connectivity throughout the enterprise. APs may be the answer.

By Terry Sweeney

With Norm Meisner, vice president of worldwide sales, Chantry Networks. The success of enterprise wireless LANs will, to a great degree, depend on whether vendors can offer highly efficient, secure, and easily managed systems. Chantry is one of several companies aiming to do this with "thin" access points that push most functionality toward the core of the network, where it can be more easily consolidated.

This interview originally appeared in the IT Business Edge weekly report on Empowering a Mobile Workforce. To see a complete listing of IT Business Edge weekly reports or sign up for this free technology intelligence agent, visit www.itbusinessedge.com.

Question: What is the problem with "fat" access points?

Meisner: Fat access points have been around for a few years. They were originally created to provide wireless connectivity at specific points in an enterprise, say a conference room or a cafeteria. They were not created to provide pervasive wireless connectivity throughout the enterprise. The limitations are that they are stand-alone devices that are independently configured and managed and do not [allow the network to] scale to hundreds or thousands of APs. They do not support mobility from one access point to another without complete re-authentication.

Question: How should IT managers planning a WLAN approach the issue?

Meisner: What they should do if they are going to put in a large-scale wireless network is think about how they built their large-scale wired network. They should put routers at the core to segment the user population and segment the traffic and provide a strong demarcation point to the outside world. Then they should put the APs out at the edge to provide the connectivity to the client devices. This provides scalability for the enterprise and the capability for centralized management and control and complete mobility for the client devices.

Question: Do folks with fat access points already installed have to rip them out?

Meisner: The fat access points already in your environment can be reallocated to areas where being a point connection to the network makes sense, like a branch office. The rest of the enterprise can put in thin APs that are managed and controlled by network appliances like routers in the data center. The central management and control of APs provide security by adapting to the security plan that the enterprise already has. Fat APs introduce new firewalls, new VPNs, whereas thin APs communicate with the centralized router, which authorizes users through the already existing VPN structure.
0 comments