On any network, especially a wireless LAN, you should plan effective operational
support mechanisms to ensure that the network runs smoothly. Good operational
support will improve availability, performance, security, as well as reduce
costs of a wireless LAN. However, don’t depend on traditional wired-based support
tools. Wireless LANs offer challenges that traditional methodologies and tools
aren’t designed to handle.
Because of the use of radio waves, various conditions and events change how
a wireless LANs operates compared to a wired network. For example, the presence
of RF interference
the network to become inoperable. Alterations made to the facility, such as
new walls or the addition of metal storage racks, can vary the propagation of
radio signals due to attenuation
to the network.
An unexpected increase in utilization (such as a group of wireless users participating
in a video teleconference) may cause throughput issues, which can introduce
delays to users. Even worse, an access point may become defective and prevent
access to the network from certain parts of the facility. Inoperative access
for days, weeks, even months!
Some unseen events may compromise the security of a wireless LAN. As an example,
an employee within the company may deploy a small wireless LAN without coordination
LANs. These rogue access points introduce an un-secure interface to the corporate
network. A hacker may try to access network resources by intentionally installing
a rogue access point to intercept sensitive information or fake a connection
to a legitimate access point. In addition, somebody wanting to restrict usage
of the wireless LAN could try jamming an access point with strong radio signals.
These types of problems, which occur after you deploy the network, will wreak
havoc on users and IT staff unless there are tools in place to effectively support
the network. You certainly can’t install a wireless LAN and expect it to continually
run effortlessly on its own. Be sure to consider all possible operational problems,
and plan the implementation of a sound operational support system.
Implementing wireless LAN support tools
Traditional support tools are not effective toward supporting WLANs, mainly
because of WLAN-related issues. For example, rogue users and access points go
undetected by most wired system support tools. These tools also don’t do a good
job of pinpointing issues related to radio signals, such as RF interference
With proper support tools, you can proactively uncover network characteristics
before they introduce serious problems. The increase of packet retries on a
particular access point, for example, could indicate RF interference in that
area of the facility or collisions resulting from hidden nodes. The identification
of a rogue access point can pinpoint a possible security threat. Support tools
intended for wireless LANs identify and handle these types of troubles.
The primary features found in wireless LAN support tools, from companies such
as AirWave, Symbol
and WaveLink, focus on the monitoring
and configuration of access points and client devices. The use of these tools
certainly shouldn’t preclude the use of your existing enterprise management
systems. Choose wireless LAN tools that augment existing capabilities and interface
with your present support mechanisms.
Monitoring the Network
Monitoring requires periodically examining each access point and user and provides
complete visibility of all network devices, including connectivity status, availability,
performance attributes, and security settings. For example, AirWave offers an
AirMapping module that creates a map of the enterprise network. It indicates
possible channel interference and environmental factors that impact performance.
In most cases, you can set polling intervals in support tools to gather just
enough information from specific wireless devices. The problem with monitoring,
however, is that it introduces overhead on the network, which lowers throughput.
Too much monitoring can have negative consequences. So, use monitoring sparingly.
Most operational support tools have user-definable triggers that will automatically
alert IT staff via a console, e-mail, or pager if problems are found. For example,
support software may poll an access point if no beacons from that particular
access point are heard over a specific period of time. If the software polls
the access point and finds it to be inoperative, the support software will trigger
an alert. The software can generate a similar alert if it finds that an access
point’s configuration parameters don’t match security policies, which likely
means it’s a rogue access point.
Most wireless LAN support tools enable IT staff to remotely control multi-vendor
access points, providing access to security settings, RF channel settings,
service set identifier (SSID
(PoE) control, and network configurations. IT staff can use a centralized console
to perform configuration settings, instead of interfacing with each access point
separately. This certainly saves time and money.
Some support tools will configure new access points automatically when they
are found and make certain that current access points comply with security policies.
This ensures all access points are set the same, which improves security. For
example, the support software may discover if a particular access point has
been reset (possibly by a hacker). This situation is critical because the access
point may be operating with factory default settings, which generally doesn’t
include any form of security. Soon after discovery of the corrupt access point,
the support software will automatically reinstate the proper settings. This
ensures that the hacker won’t be able to use it as a non-secure entry point
to the corporate network.
Periodically the IT staff should update firmware to make sure that each access
point and user is taking advantage of the most current performance, interoperability,
and security enhancements made available by the vendor. The traditional method
for updating firmware is to manually upgrade each client device and access point
individually in order to flash in the new firmware changes. Some IT organizations
will avoid making upgrades because of the labor involved. Most wireless LAN
support tools, however, have centralized firmware update mechanisms that you
can schedule to occur automatically. This significantly reduces the time and
money necessary to update firmware throughout the wireless LAN.
Don’t underestimate the issues that may arise after you install a wireless
LAN. As part of your deployment plan,
define effective operational support by choosing tools that counter possible
contingencies. Don’t let unforeseen issues ruin your day.
Jim Geier provides independent consulting services to companies
developing and deploying wireless network solutions. He is the author of the
book, Wireless LANs
(SAMs, 2001), and produces computer-based training courses
covering wireless LANs topics.
Join Jim for discussions as he answers questions in the 802.11 Planet Forums.