Rolling out a wireless LAN within your organization can provide numerous benefits — but it's more complicated than just plugging in a wireless access point (WAP). You need to address a number of factors in the planning stage to ensure both accessibility and security. Deb Shinder lists some critical factors to consider as you prepare to go wireless.
There are a number of reasons for a company to implement wireless networking. Wi-fi makes it much easier for workers to connect to the LAN from their laptops in conference rooms, break rooms, and other areas that may not have wired Ethernet jacks (or may not have enough for the number of people present).
A wireless network also provides a way for you to allow visitors to access the Internet with their laptops or handhelds (for example, to check their e-mail).Rolling out a wireless LAN within your organization, however, is more complicated than just plugging in a wireless access point (WAP). You need to address a number of factors in the planning stage to ensure both accessibility and security. Here are some of the things you should consider as you prepare to go wireless.
Note: This information is also available as a PDF download.
#1: Determine who will use your wireless network
The first step in planning your wi-fi deployment is to determine who will be using your wireless network. This can affect network design. If the wireless network is primarily to give visitors Internet access, you will want to isolate it from your wired LAN, perhaps by placing it in a DMZ. If the wireless LAN is for the use of your workers, you will need to give them access to resources on the wired corporate network without compromising the security of the main LAN.
If both outsiders and employees need wireless, you may want to establish two separate WLANs to meet the needs of each.
#2: Define the purpose(s) of your wireless network
The next step is to look at what type of traffic will flow over the WLAN. This analysis is necessary before you can properly plan for a reliable user experience. For example, if you plan to implement real-time communications such as VoIP over the wireless network (VoWLAN) or engage in video conferencing over wireless, you will need to consider quality of service (QoS) and network management tools to ensure that voice transmissions work properly.
#3: Determine bandwidth needs
Remember that wireless is a shared bandwidth technology. Thus, bandwidth needs are dependent on the number of simultaneous users as well as the type of network traffic being transmitted. You can use a packet analyzer to help calculate the amount of bandwidth required for specific applications. Some wireless equipment vendors provide planning tools that can help you estimate your bandwidth needs. You can also use the method described here to calculate the bandwidth capacity you need. Be sure to plan not just for current needs but for future growth, as well.
#4: Compare wireless standards
There are several different wireless standards, commonly identified by the numbers assigned to them by the Institute of Electrical and Electronics Engineers (IEEE). IEEE 802.11 defines wi-fi standards, and there are basically four standards in use. 802.11b was the most common; it provides for the lowest cost but is limited to 11 or 22 Mbps data transfer speed. It has now been replaced in many cases by 802.11g, which is backwardly compatible with b and provides for faster performance: up to 54 Mbps. Many modern laptops come with wireless network cards that support both b and g.
802.11a also supports up to 54 Mbps, but it has a shorter range than b/g. Because it operates on the 5 GHz frequency, while b and g operate at 2.4 GHz, it uses equipment that is not compatible with b and g. It does, however, have the advantage of less potential interference from the wide variety of devices that also use the 2.4 GHz frequency.
The newest wi-fi standard is 802.11n. It is also backwardly compatible and offers speeds of 100 Mbps and over. It has a somewhat longer range, but it is currently the most costly. Wi-fi equipment (access points and network adapters) that support n are just beginning to become available.
There are other wireless technologies such as Bluetooth (for very short range communications) and WiMax (for longer range networking), but companies will generally use one of the varieties of wi-fi for their wireless LANs. If you're rolling out a brand new wi-fi network now, it may be best to go with 802.11n; however, you'll also want to consider existing equipment (such as laptops and handhelds that only support b/g).
#5: Consider coverage issues
In a large building, you'll need multiple access points to provide wi-fi coverage throughout. You'll need to do a site assessment to determine where access points and repeaters (devices that boost the signal) should be placed to eliminate gaps in coverage. High gain antennas can also extend the wireless signal range, and they come in both omnidirectional and bidirectional varieties.
You should also consider whether there are areas that you don't want covered, such as the parking lot. It's possible to use certain materials on walls to block RF signals. There is even a type of coating that can be painted on to block signals.
#6: Address interference issues
Because wi-fi is transmitted via radio signals, those transmissions can experience interference if other devices in the vicinity are transmitting on the same frequency. The 2.4 GHz frequency that's used by 802.11b, g, and n technologies is also used by many common electronic devices, such as microwave ovens, cordless phones, and garage door openers. You may be able to set the equipment to different channels to avoid interference.
You should perform a site survey before deploying the wireless network to ensure that devices operating on the same frequency are not placed in close proximity to your WAPs. Spectrum analysis tools can provide graphic diagrams of existing RF signals.
#7: Choose a wireless equipment vendor
Selecting a vendor of wireless equipment is an important step in planning your wi-fi rollout. There are many hardware vendors that make WAPs, wireless routers, repeaters, antennas, and wireless network adapters. These include Cisco, D-Link, and many others.
The Wi-Fi Alliance certifies products to ensure that these products have been tested and meet their reliability and compatibility standards. Although certified products from different vendors should work together, you may find that using products from the same vendor makes deployment go more smoothly and makes technical support of users easier.
#8: Select the best security mechanisms
Security is a big issue that must be considered in rolling out a wireless network. Because wi-fi signals are transmitted over the air, they are more vulnerable to interception and deliberate disruption than are packets sent over a wired network.
Wireless security mechanisms include strong authentication and encryption schemes. Wi-Fi Protected Access 2 (WPA2) encryption with Extensible Authentication Protocol/Transport Layer Security (EAP-TLS) authentication using RADIUS servers as defined by the 802.1x standard is a good practice for protecting wireless networks from unauthorized access and interception. For even stronger security, you can use two-factor authentication via smart cards or tokens. You can find additional information on securing wireless networks here.
#9: Ensure that IT personnel are trained to maintain your WLAN
Before rolling out the wireless network, you need to make sure that your IT personnel have the knowledge and skills to maintain, administer, and troubleshoot the wireless LAN. Wireless equipment vendors offer training and certifications. For example:
- Cisco certification for Advanced Wireless LAN Field Specialist.
- Planet3Wireless Certified Wireless Networking Professional (CWNP) and Certified Wireless Network Administrator (CWNA) certifications in wireless networking
#10: Conduct a pilot program before rollout
Finally, before rolling out wireless access throughout the organization, it's a good idea to conduct a pilot i, offering wi-fi in a limited area to a limited group of users. This will allow you to identify potential issues and detect security or usability problems. You can then address them on a smaller scale.
Debra Littlejohn Shinder is a technology consultant, trainer and writer who has authored a number of books on computer operating systems, networking, and security. These include Scene of the Cybercrime: Computer Forensics Handbook, published by Syngress, and Computer Networking Essentials, published by Cisco Press. She is co-author, with her husband, Dr. Thomas Shinder, of Troubleshooting Windows 2000 TCP/IP, the best-selling Configuring ISA Server 2000, and ISA Server and Beyond.