Cisco’s Wi-Fi Challenges

When representatives of a major vendor of Wi-Fi equipment come to you and say
they have a good story to tell about how the company uses Wi-Fi in its own operations,
you can be forgiven for reacting a little cynically at first.

Well, of course, they use it in their own operations. Why wouldn’t they?
They don’t have to pay for the stuff. In the case of Cisco
Systems
, though, the story really is compelling.

The company started with 802.11b WLAN pilots in several offices around the
world four years ago, before Cisco acquired the Aironet products it now sells
so successfully. Based on the results of those pilots, the company decided in
late 2001 to go with a global deployment.

"We’re talking ubiquitous coverage and comprehensive entitlement,"
says Oisin Mac Alasdair, Cisco’s Sydney, Australia-based global program manager
for wireless architecture. "It was quite a significant decision."

Once the decision was made, the deployment went very quickly: four months to
install 85 percent of the company’s sites around the world. Today Cisco has
300 locations up and running — with virtually every square inch of office space
covered — in 120 countries.

Every employee is offered wireless access and a wireless device. The standard
issue computer at Cisco is now a laptop and all new laptops are purchased with
Wi-Fi connectivity built in.

A few employees who don’t need it don’t use it, but with 32,000 employees worldwide,
the company’s WLANs actually support between 35,000 and 38,000 registered devices.
Some employees have multiple Wi-Fi devices — a laptop, plus a PDA, for example.

It’s not that Cisco was looking to replace wired networks — it also, of course,
sells wired networking gear.

"We always went out with the intention that this would be complementary
infrastructure that would enable people to be more productive," explains
David Castaneda, the company’s lead infrastructure architect for enterprise
mobility.

"It’s a mobility enhancement tool. We have staff that go into a lot of
meetings. This allows them to be untethered but still productive."

The decision to go all out with wireless at Cisco was supported by a study
the company commissioned in late 2001 from UK-based NOP
Research Group
. NOP interviewed companies that had implemented WLANs to
find out, among other things, what kind of benefits they were seeing.

End-users interviewed claimed wireless LANs allowed them to be connected an
additional 1.75 hours a day. The increased connectivity increased productivity
by 70 minutes a day, for a 22 percent productivity boost on average.

NOP further calculated that, given an average salary of $64,000, the annual
productivity improvement per user was worth $7,000 on average. For "the
average large corporate organization," this means a productivity improvement
of as much as $6.3 million a year.

Cisco, to its credit, is a little more conservative. The company has calculated
that its employees have gained an extra 10 minutes of productivity per day,
which translates to a cost saving of $2,852 per employee per year. Still pretty
good.

The WLANs are certainly well used. Mac Alasdair’s group earlier this year surveyed
its internal clients. Over 90 percent said they used the WLANs on a regular
basis, and 27 percent said they used only wireless for connectivity.

"The project has been a run-away success from our point of view,"
Mac Alasdair says. "We certainly never expected 27 percent of employees
to be using wireless as their only connectivity method."

While the intent was always that the wireless networks be an overlay to complement
existing wired networks, Cisco is now thinking about moving to wireless
only in some smaller offices, Castaneda notes.

Right from the start, the company made bold decisions about how to implement
the WLANs, decisions that could, again, be interpreted cynically because they
involve deploying more infrastructure than many WLAN implementers might deem
necessary.

Following from the strategic decision to go with ubiquitous coverage and universal
entitlement, the company decided to ensure maximum throughput everywhere in
each facility, and to strictly maintain a users-to-access-points ratio of 25:1.

It’s not even possible to log in to a Cisco WLAN at less than full throughput.
If a client device tries, it’s blocked. There was a reason for this strict approach,
Castaneda explains.

"There’s a degree of social engineering involved here," he says.
"By ensuring that they get [maximum throughput] you head off any potential
negative user experiences. Obviously connecting at 1 or 2 Mbps is not going
to give a very positive impression."

The project team also saw a clear justification for deciding to stick with
a 25:1 access point-to-user ratio. "The 25:1 ratio made it easier to adopt
a baseline site survey approach for every office building," Mac Alasdair
explains. "It may have cost us an additional amount of money, but we recouped
that money by having a more stable network in the end that didn’t require as
much troubleshooting later."

Ubiquitous, full-bandwidth coverage and the 25:1 capacity planning rule also
reduced the temptation for employees to install rogue APs, he notes. "It
may look like a higher cost item, but, again, we saved in the long run because
it helped reduce the number of rogue AP deployments."

That had obvious security implications — and not just preventing break-ins
through unsecured rogue access points, Mac Alasdair points out. Undetected rogues
are also often used, intentionally or unintentionally, in denial of service
attacks.

Security was of course a major consideration. Cisco naturally implemented its
own enhanced WEP (Wired Equivalent Protocol) technology, as well as technology
for dynamically managing the distribution of WEP keys.

As in all WLAN implementations, though, security concerns had to be balanced
against usability and productivity objectives. "We could have included
a VPN (Virtual Private Network) overlay, for example, but that significantly
reduces productivity and usability," Mac Alasdair says. "So we chose
not to."

Cisco took a perhaps surprising decision on its approach to implementation.
It hired "trusted third-party partners" to do the lion’s share of
the work.

"We obviously have highly skilled engineers in Cisco," Mac Alasdair
says. "But we felt that this was not a good use of their time." It
might have made sense to do it all in-house if the implementations were all
in the U.S., Castaneda adds, but this project would have involved sending very
expensive engineers to virtually every corner of the world.

The Cisco project team took a first cut at establishing how many access points
would be needed in each facility, based on the local population, and where they
should probably go in the building based on floor plans. Then the trusted partner
went in and did a full site survey to establish exact numbers and positioning.

Local cabling companies were subcontracted to install necessary Category-5
cables and power. Cisco project personnel did the configuring of the access
points, which were then installed by the implementation partner. Finally, the
partner did a post-implementation audit to make sure everything was working
as it should.

The trusted partner approach is one Cisco recommends to its customers too,
Mac Alasdair points out — even those with big IT departments. "A high
number of deployments that rely on a company’s own skills fail as compared with
those that use skilled, experienced implementers," he notes.

One key lesson learned and applied in the global WLAN deployment at Cisco was
the need to standardize. A single standard configuration for clients and access
points means it’s now relatively simple to push out software and firmware updates,
Castaneda points out.

Another lesson: keep user expectations in line. In Cisco’s case it meant making
sure employees realized they would not be able to use voice on these networks
or video, and that they wouldn’t be able to roam from building to building without
re-logging on.

Of course, nothing remains static. Cisco is already looking at adjusting the
25:1 rule precisely so that it can accommodate higher-bandwidth applications
such as voice and video. It will likely move to a 10:1 ratio, Castaneda says.

Cisco does have one internal 802.11a deployment in Japan today, but is in no
hurry to roll out 11a globally. The cost would be prohibitive so soon after
the initial 802.11b deployment.

Cost is a factor for Cisco, but it’s not the hardware costs. It’s the
people costs for designing networks, configuring equipment and installing it
— a combination of opportunity costs for Cisco employee time and real dollars
out the door to trusted partners.

That is true for customers as well, though, Castaneda point out. "The
cost of [WLAN] hardware is minimal compared to support and deployment costs."

Within the next 12 to 18 months, Cisco will migrate globally to 802.11g, a
much lower-cost upgrade, and eventually it expects to deploy an 11a/g infrastructure,
possibly with 11a reserved for voice and video and 11g for data.

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web