If you listen closely, you can almost hear the sound of wireless LAN radio frequencies zipping network traffic through the air. Well, of course you can't literally hear RF waves, but wireless LANs (WLANs) are certainly being planted in IT networks from east to west. One of the most exciting technologies available today, wireless networks are being implemented by organizations of all sizes and verticals to improve productivity and decrease costs.
In this first article of a two-part series, I will describe some recent standards affecting WLAN technologies and discuss the standard components of a typical WLAN solution. Additionally, I will address the issue of security on a WLAN. My next article will take a detailed look at WLAN benefits and offer a cost comparison between a wired and wireless LAN.
Understanding the different flavors of 802.11
To know where we are with WLAN solutions, we need to take a quick look at how the technology has evolved. By now, most of us have heard of the 802.11 WLAN standards established by the Institute of Electrical and Electronic Engineering (IEEE). Before 802.11, all radio-frequency wireless network communications was proprietary. 802.11 established the standards for WLANs that vendors and manufacturers follow to ensure interoperability. Entire books have been written in an attempt to clarify the various specifications and differencing between the 802.11 protocol families. Table A briefly outlines the differences among the four.
|Date established||July 1997||September 1999||September 1999||January 2002—draft specification|
|Compatibility||802.11 only||802.11g||802.11a only||802.11b|
|Data transfer||1 and 2 Mbps||Up to 11 Mbps||Up to 54 Mbps||Up to 54 Mbps|
|Frequency||2.4 GHz||2.4 GHz||5 GHz||2.4 GHz|
|Modulation||FHSS and DSSS||DSSS only||OFDM||OFDM/DSSS|
Less confused? I didn’t think so. It takes a lot more reading and research to fully understand not only the differences but also the pros and cons of each standard. The main thing to know is that the current de facto standard being adopted by most vendors and organizations is 802.11b. The next few months will more than likely reveal the slow adoption of 802.11g products based on its higher transfer rate and compatibility with existing 802.11b specifications.
WLAN components and topologies
Now, let’s take a look at the typical components that make up a basic WLAN solution. It's important to remember that wireless local area networks are just that—local. They are used within a single building or in a campus area building-to-building connection. WLANs are most often used on mobile systems as an extension to a wired LAN, as illustrated in Figure A.
|Example of a standard wireless LAN topology|
You need to be familiar with three types of WLAN components:
- Wireless network cards
- Wireless access points
- Wireless bridges
Wireless network cards come in a couple of flavors, including a PCI card for workstations and PC cards for laptops and other mobile devices. They can act in an ad hoc mode, as in client-to-client, or in a pure client-to-access point mode. In an ad hoc mode, the wireless network card is configured to talk with other wireless network access cards that are within its range. This functionality will vary depending on the product and the 802.11 specification being used. Client-to-client (also known as peer-to-peer) WLANs are useful for small roaming workgroups of desktops or laptops that do not require access to the LAN backbone. The plug and play capabilities of most wireless network cards make this type of setup rather simple.
Most wireless network cards will connect to an access point. An access point is essentially a hub that gives wireless clients the ability to attach to the wired LAN backbone. The use of more than one access point in a given area is facilitated by the use of cell structures, which are similar to what cell phone providers use to maintain your coverage area.
A site survey can determine where to place access points within a building to create a map of the areas (cell structures) that will require wireless LAN access. The data transfer rate for each wireless client will be determined by its location within the cell structure. Locations closer to the center of an access point radius will experience higher throughput than those that are closer to the outside of the cell coverage area. This is facilitated by auto shifting, which allows the data rate to downshift based on distance from access point. Again, this functionality will vary depending on the product and 802.11 standard used.
One of the greatest benefits to roaming mobile users is the ability for one access point to hand off communication to the next access point in the roaming cell. Known as seamless roaming, this allows the user to move from cell structure to cell structure without losing connectivity to the network.
Wireless bridges enable high-speed long-range outdoor links between buildings (Figure B). The high-speed links between the wireless bridges deliver throughput several times faster than T-1 lines at distances up to 25 miles. Based on line-of-sight, wireless bridges are not affected by obstacles such as freeways, railroads, and bodies of water, which typically pose a problem for copper and fiber-optic cable. Wireless bridges are often the ideal choice for campus environments where the cost of multiple T-1 lines or fiber runs can be very costly.
|Wireless can also be used for building-to-building connectivity.|
The question of wireless security
No wireless project should be implemented without a lengthy discussion of security. Over the past year, much has been written about the vulnerabilities of 802.11 wireless LANs. Older forms of security on WLANs included the SSID, which was not really a security method at all, since the SSID can easily be retrieved by sniffing the network.
Authentication based on MAC filters was found inappropriate because they, too, could be sniffed on the network, and the allowable MACs could be spoofed. Newer 802.11 security uses 128-bit Wireless Encryption Privacy (WEP) for data encryption, along with shared key authentication. Unfortunately, researchers have recently identified holes in WEP that let attackers learn the keys used to encrypt 802.11b traffic.
So how does an organization protect its wireless LAN access? The IEEE has a new security standard called 802.1X that may provide the best solution. The 802.1X standard takes authentication away from access points and places it in an authentication server such as RADIUS or Kerberos. It uses the current Extensible Authentication Protocol (EAP) commonly used in PPP to control access. The 802.1X standard allows for the use of dynamically generated WEP keys on a per-session, per-user basis in place of a static WEP key placed in the access point. There are still weaknesses with this technology, and it has yet to be ratified and implemented by many vendors. So, at this time, encryption (usually in the form of VPN), traffic filtering, and other basic security restrictions on wireless network access in sensitive areas are still the best options for ensuring a secure wireless network.
As changes are in the works to establish new 802.11 standards and improve security, wireless LANs are moving into corporate America at an increasing rate. Who knows? In a few short years, wireless networks may be as commonplace as their wired counterparts.