Networking

3Com AirConnect dossier

In our latest Daily Drill Down covering wireless networking hardware, James McPherson takes an in-depth look at 3Com's solution: AirConnect PC cards, Access Point, and software.


Over the next few years, chances are high that you will begin administering wireless networking clients. To help prepare you, TechProGuild has been running some wireless reviews. Recently, I evaluated the Proxim Symphony HomeRF wireless networking system. Now 3Com has sent their 11 Mbps, 802.11b wireless network for review, the AirConnect 11 Mbps PC Card (model 3CRWE737A), and Access Point base station.

The AirConnect products are corporate solutions suitable for industrial settings, complex networks, and corporate campuses spanning acres. The PC Card lists for $220 (U.S.) and the Access Point retails for $1,195 (U.S.), but if you shop around, you should be able to find the PC Card for under $170 and the Access Point for less than $900. Is it worth your corporate dollar? Read on.

AirConnect technology overview
To help with this review, and with questions about encrypted, packetized radio-communication protocols, 3Com provided expert assistance from Paul Keane, a 3Com product engineer. His assistance was greatly appreciated, as it let me go straight to the horse’s mouth for clarification.

The AirConnect devices operate on the 2.4-GHz frequency band using the IEEE 802.11b communication standard. This is an internationally accepted standard, granting it a bit more credibility and respect from the business world, not to mention interoperability. Apple originally pushed 802.11b into the limelight when they included 802.11b networking on their laptops under the AirPort brand. Since then, a number of other manufacturers, many of which had 802.11b products prior to Apple’s introduction, have begun promoting their products more extensively. You can read the 3Com white paper about IEEE 802.11b here.
Interested in reading more about wireless networking? Try these TechProGuild features:
Interference
The 2.4-GHz band is getting very cluttered. Many cordless phones and all microwave ovens operate on that spectrum, as well as HomeRF and 802.11. Interference is a strong possibility, but 802.11b tries to minimize it by splitting 2.4 GHz into multiple channels and using a variety of transfer speeds.

Roaming
The 802.11b specification is a cellular system, enabling the use of multiple base stations to increase total coverage. Clients automatically negotiate a connection with the nearest compatible base station to maximize connectivity. The system has additional roaming features to allow clients to cross-network subnets and move between routers.

Security
Because different wireless networks could overlap, the base stations have a network identification number (referred to as a wireless LAN, or WLAN, area) to keep clients from wandering into the wrong network. As a result, the security conscious should change their WLAN area from the default number to prevent others from “wandering” into their network. You can also configure specific wireless clients to allow or disallow them access to your network.

Since wireless networking is broadcast to everyone in range, anyone with a receiver has the potential to eavesdrop. To counteract this potential problem, 802.11b includes packet encryption and the option to change security keys—and you should change those keys. There have been recent reports that imply cracking the encryption used by 802.11b will be easier than first suggested. This has yet to be proven, but rotating the encryption keys will help keep your network secure.

Description
The appearance of the AirConnect Access Point is similar to other nonrack-mounted networking hubs (Figure A). With dimensions of 7.5 inches wide and 6 inches deep, the Access Point is slightly larger than most hubs. Its 2-inch high antenna marks the Access Point as a wireless device. Naturally, it includes the standard link, activity, and error lights for debugging.

Figure A
The AirConnect Access Point is about the size of a standard 4-port hub.


The Access Point includes hardware to mount the unit on a wall or ceiling mount, as well as a special power adapter that will let the 10BASE-T cable provide power to the unit in locations away from a power supply. (Note: The 10BASE-T adapter cannot use a crossover cable to power the Access Point. Doing so will damage the unit.) The power cable is just over 8 feet long and uses the standard three-prong computer power cable, so it can be extended.

The PC Card is similar to other wireless PC card adapters, but it includes a pair of LEDs on the antenna, which is a very welcome addition (Figure B).

Figure B
The sturdy antenna and LEDs make the AirConnect PC Card a cut above.


Other wireless PC cards tend to leave off the LEDs. You can see the PCI version in Figure C.

Figure C
The PCI card is just as sturdy as the PC Card version.


The antenna connects to the PC Card using a pair of metal sockets, which seems fairly solid. The AirConnect seems durable, barring the application of significant force to its antenna.

Abilities
The adapters are, as far as your computer is concerned, just another Ethernet adapter (Figure D). Clicking on Properties lets you set your AirConnect Wireless LAN Service Area. Clicking on Advanced allows you to select additional settings for Mobile IP, Encryption, and the WLAN Adapter (Figure E).

Figure D
This is the Windows 98 Network applet showing the AirConnect PC Card adapter.


Figure E
Advanced Properties settings give you the ability to set your WLAN service area, as well as set encryption, power settings, mobile IP, and others.


The AirConnect software provides several welcome testing and monitoring features. With the included network profiler, it is a more-than-complete, if perhaps a too-complicated, solution for all wireless needs. (Click here to see sidebar.)

AirConnect Access Point
The Access Point is very feature-rich. It includes a number of privacy features, such as the ability to use access control lists (ACLs) to lock out particular devices or allow only a select number of devices access. Various types of packet-filtering options are available, including the option to route packets via a modem attached to the serial port.

Despite the extensive number of features, there were several noticeable absences, all of which work to dampen some of my enthusiasm: Without support for PPP over Ethernet (PPPoE), the Access Point is incompatible with many DSL connections. Its inability to act as a DHCP server necessitates the need for a server. It’s impossible to use the Access Point to perform network address translation (NAT).

Each Access Point supports over 60 clients. These base stations are designed to work in very large arrays, covering multiple acres of floor space to serve hundreds of clients.

If you’ve read any of my other articles, you’re aware of my fondness for security. The default installation uses 40-bit keys—insufficient to deter a truly dedicated data thief but more than sufficient to stop a curious teenager who’s figured out how to put his wireless card into promiscuous mode. Fortunately, the U.S. version I tested included 128-bit encryption, which would significantly slow down most data thieves. Nevertheless, because the system uses static keys that have to be manually updated (preventing automated security updates), cracking the security is simply a matter of processing time.

Speaking of security, I don’t recommend using the Web interface to administer the Access Points. The mini Web server does not support SSL encryption, so the administrator password is transmitted in clear text. Anyone with that password can shut down the entire wireless network by doing something as simple as changing the WLAN area or changing the security keys. If someone using the administrator password updates the password and uses the Update All Access Points feature to propagate his changes, you’ll be locked out. Resetting the Access Point requires contacting 3Com technical support for instructions—which were intentionally left out of the user manual—as 3Com wisely decided that including them posed a security risk.

Configuration
The Access Point, which must be installed first, can be configured two ways: via serial connection or via a Web interface. The default method is to use a 9-pin serial cable and a terminal program for setup. The installation CD also includes a configuration for HyperTerminal (for the less technically minded).

The serial interface is easy to use, with menus logically laid out and your command sets indicated at the bottom of the screen. In many cases, the screens displayed brief descriptions explaining options.

Using the optional Web interface is only possible if your network is compatible with the default configurations. This interface is much less intimidating and easy to navigate but does not include the option descriptions. An online Help feature is available but requires having the files installed on your PC. I personally prefer to use the included .pdf manuals. Virtually all features of the Access Point can be configured, and you can access all monitored statistics. If you use the Web interface, remember that it does not encrypt the system password.

In all cases, you must have the system password to make changes. Don’t lose it. If you do, you’ll need to contact 3Com technical support.

Installation of the PC Card was a breeze: Boot the computer, run the installation CD, insert PC Card when prompted, reboot, and add a dash of the Windows install CD to complete.

Performance
I tested the equipment under different electromagnetic conditions to simulate various office situations. Industrial situations hold a completely different set of conditions, and each location is unique. If you plan on using the AirConnect equipment in an industrial setting, please use the included Site Survey software or hire a Site Survey team. (Click here to see sidebar.)

The stated true performance of the AirConnect system, and all 802.11b devices, is 5 to 6 Mbps at maximum speed (11 Mbps). This is because the system uses a preemptive packet collision avoidance system rather than packet collision detection employed by wired networks. This preemptive system has an overhead that seems somewhat exorbitant when small numbers of clients are in use. Nevertheless, if you remember that each Access Point is analogous to a 63-port hub, you can see how collision avoidance becomes more necessary as the number of clients increases.

Like a hub, the Access Point shares bandwidth. This means that if you have 60 clients running on a single Access Point, each one would only get about 0.10 Mbps (12 KBps). Of course, this does give each one the equivalent of his or her own ISDN connection, so they won’t really notice the limit when accessing the Web or using most types of client-server software. Videoconferencing, however, is probably not an option on a widely used Access Point.

Minimum electronic interference
I placed the adapters and host computers approximately 20 feet from the gateway with two nonstructural walls in between. The only active electronic devices were the local file server (without monitor), a 5-port hub, the Access Point, and a few fluorescent lights. This is as clean of a condition as you can expect in a home or office. The results are listed in Table 1.

Table 1: Minimum electronic interference test
Adapter Setting Transfer Rate Mbps Transfer Rate KBps Ping Time (Milliseconds)
Maximum power consumption 3.2 400 4
Automatic mode 3.2 400 5
Minimum power consumption 2.0 250 10

These results are a little lower than I expected, but they’re not disappointing. Only on network file-sharing operations (like network installs) is a 3.2-Mb connection going to be an inconvenience. Ping times were unaffected under automatic and maximum power consumption modes, and even the minimum power mode provided Ethernet-class latencies.

Maximum electronic interference
To test a high interference setting, I placed the adapters as before. This time, however, I cranked up the juice. Static generators consisted of a 21-inch monitor located about 18 inches from the gateway, a desktop PC, the file server and hub, a 32-inch TV, the computer and Symphony adapter, and the coup de grace, a 300-watt microwave about 15 feet down the hall operating on High. (I thought about scuffing my feet on the carpet and arcing into the doorknob but figured that was going too far.) I expect that this is more indicative of the working conditions with which this device should expect to contend. As expected, bandwidth and latency suffered some. Table 2 shows the results.

Table 2: Maximum electronic interference test
Adapter Setting Transfer Rate Mbps Transfer Rate KBps Ping Time (Milliseconds)
Max. power consumption 2.4 300 4
Automatic mode 2.4 300 5
Min. power consumption 1.7 225 10

Network performance dropped 25 percent with active interference. Packet loss occurred with some regularity, and the wireless link dropped from 11 Mbps to 5.5 Mbps more than once. Of course, not many places will have this type of concerted interference to deal with, but don’t be surprised if people near the kitchen complain from time to time.

I was initially disappointed at the idea of only half the feasible bandwidth until I realized that the worst I could throw at it would only slow it down to half speed, which is still a throughput high enough to completely monopolize a T1 internet connection. At that moment, I realized how much this technology could spoil a person.

Range test
The typical maximum office range of 25 meters (75 feet) for an 11-Mbps connection might be a tad optimistic. My office is not that large (8 meters x 12 meters), yet I managed to find a place where the AirConnect could not connect at faster than 5.5 Mbps. In other words, your mileage may vary and you would be wise to expect 802.11b devices to have a maximum 11-Mbps range of 12 meters.

My open line-of-sight connections were limited to about 125 feet (40 meters). The connection remained 11 Mbps. I increased the stress by walking around a nearby building, and the connection dropped down immediately to 5.5 Mbps. It didn’t stay there long, as the numerous intervening brick walls, interior walls, and electrical conduits caused the connection to wobble between 2.2 and 1 Mbps. Packet loss was an issue but was only noticeable to local servers; Internet sites performed as usual.

Issues
I have high expectations for most products, even more so for an established manufacturer like 3Com. No performance problems cropped up with this one; in fact, the devices worked flawlessly for the two weeks I tested them. And I did use them—constantly. My laptop saw more use than ever before as I could wander about at will, always connected. It was addictive.

I have a huge issue with the lack of security on Access Point passwords, though. At no time is the password encrypted; it is always broadcast in clear text. Anyone with that password can reprogram the Access Point. Using the option to propagate changes to other Access Points, a hacker could hijack the entire network.

I also question 3Com’s decision to have all encryption disabled by default. While I understand that some users may be confused by the security settings, the security settings are quite simplistic. The only potential pitfall is not using the right encryption key, but this is just a matter of clicking the right button. Only people who change the encryption key will have to make any significant effort.

Also, some network statistics aren’t reported correctly. The encryption statistics report no encrypted packets sent, but it also reports encrypted packets received. According to 3Com, this is an error in the UI.

Final grade
The Access Point is a complex component, on par with the 3Com SuperStack series of Hubs. The price is steep, but when you compare one $900 Access Point (capable of handling 63 clients) to three $200, 24-port SuperStack hubs and the associated wiring, you can see the value—especially in particularly wide open areas that would require long cable runs.

The 3Com devices are significantly more expensive than their competition. Online, you can find 802.11b PC cards and Access Points for $115 and $300, respectively, saving $50 per card and over $500 for the base station. Whether their devices are up to the same standard is impossible to tell as of yet, but 3Com has put a lot of effort into their products, and the 3Com name has a lot going for it.

The performance was quite acceptable, and the network-side options were excellent. The features were thorough for those seeking to build a wireless campus. Mobile IPs enable incredibly large (physically or IP-wise) networks to work across routers. ACLs, packet filtering, and the ability to propagate settings across the network are requisite for anyone running a complex network.

Client software was more than complete. The network profiler is a vital tool but is more complex than I think necessary. The necessity to have telephony and dial-up networking upgrades on a Windows 95 system seemed extreme. Including the Site Survey application and the diagnostic features of the Status Monitor, however, are valuable bonuses.

Documentation was poorer than I’ve come to expect from 3Com. I found a few noncritical errors between the Quick Start guide and the user manual. The lack of documentation for the Windows CE platform was disheartening.

I give the Access Point a B. It’s a workhorse that lacks a little polish. The PC card and client software receives an A-; the cards worked wonderfully, but I was troubled by the complexity of the Mobile Connection Manager (MCM) software. This software is necessary for Windows 9x machines whose users have to switch connections. With so many current and future Windows 9x systems on laptops, the complexity of MCM will be a real difficulty for end users. The Proxim HomeRF I reviewed included an incredibly easy-to-use variant of the MCM that worked perfectly. Therefore, I know it is possible to build and relatively inexpensive. Nevertheless, MCM software is targeted at mobile users who visit a large number of diverse network environments and need full functionality.

The 3Com AirConnect product line is excellent for corporate wireless programs spanning large areas or multiple buildings, such as a corporate campus. The feature set is appropriate for organizations with an existing network and IT staff that can ensure the advanced features provided will be taken advantage of.

For small or midsize offices looking for integrated solutions, check out 3Com's other 802.11b base station, the Home Gateway. The Home Gateway supports NAT, acts as a DHCP server, and supports PPPoE and VPNs. The upgraded version of the client software, which will include peer-to-peer networking using wireless adapters only, will be more suited to those looking for an integrated solution. (As of this writing, the upgrade, scheduled to be released February 2001, has not yet been released.)

AirConnect is 3Com's 18-wheeler of networking; it rattles a bit and may not be the easiest to drive, but it will get a whole lot of data where it’s going.

Equipment testedAirConnect Wireless LAN PC Card, model 3CRW737A Rev. BAirConnect Access Point3Com AirConnect software version 1.5 (Site Survey, Status Monitor, drivers)
SpecificationsCellular system allows roaming between Access Points and across network segments
Range (per cell)
  • Maximum clear open air: 300 meters
  • Typical Office Max (11 Mbps): 25 meters
  • Typical Office Max (1 Mbps): 90 meters
  • Maximum clients per cell: 63
  • Packet encryption with configurable keys: 40 bit international, 128 bit United States

Multiple bandwidth modes
  • Original 802.11: 2.2 Mbps (0.26 MBps), 1.1 Mbps (0.14 MBps)
  • Updated 802.11b: 11 Mbps (1.4 MBps), 5.5 Mbps (0.7 MBps)

Access Point features
  • DHCP client and server operation
  • SNMP-enabled
  • Access control lists for user administration
  • Packet-filtering services include forwarding of trapped packets via modem
  • Network statistics
  • Accessible via serial port, telnet, and Web
  • Dual antennas providing signal diversity to help isolate signals
  • Mobile IP services to allow roaming between Access Points on different routers
  • Network statistics available through Web interface
  • Configurations can be propagated to other Access Points

PC Card featuresSix power settings: Continuously Active Mode (CAM) and five Power Saving Polling (PSP) modes. PSP modes cause the client to power down and wait a number of network cycles before requesting data. CAM clients request data every cycle.
Software
AirConnect Status MonitorAs the most significant part of the included software, this versatile application provides quick and easy access to almost any information or setting pertinent to the operation of the adapter.
  • Bandwidth mode
  • Ping times and lost packets to a particular host
  • Number of local Access Points
  • Signal strength to Access Points
  • Signal noise of each Access Point
  • Communication channel in use
  • Data transfer statistics
  • Power mode used by the PC Card

Mobile Connection ManagerAn undeniably powerful, but also overly complicated, network profile utility was included that enables Windows 9x/Me portables to readily migrate from location to location without requiring network reconfigurations. The system supports all networking devices, including modems and remote printers. Unfortunately, this requires installing telephony and dial-up networking upgrades to Windows 95 clients to support the variety of services. This software is useful to anyone who travels to a large number of network sites. It includes the ability to import and export profiles, which can help standardize system configurations. Future versions need to be easier to use.
Site Survey softwareThis package focuses on placement of Access Point units to provide consistent coverage of a facility. It consists of the Status Monitor software with a more flexible interface and logging to evaluate the connection quality between multiple Access Points and record the test client’s location. Site Survey is a useful tool to help identify dead zones within a coverage area.You can contract a Site Survey team from 3Com services.
DriversDrivers were included for Windows CE 2.0, 95, 98, 2000, and NT. No documentation was included for the Windows CE drivers. According to 3Com, v1.5 drivers are compatible with Windows CE 2.11. New v2.0 drivers, which were due to be released February 2001, will support Windows CE 3.0.
New featuresSupport for peer-to-peer connections between individual AirConnect PC and PCI adapters will be included in the version 2.0 drivers, which were due out February 2001.The authors and editors have taken care in preparation of the content contained herein but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.

Editor's Picks