Model: CSD
Engine and CSD Agent
Pros: Integrated platform, flexible, easy to deploy.
Cons: No encryption, rogue AP detection not fully integrated.
Roving Planet’s Central Site Director (CSD) is a comprehensive wireless LAN
management, control and integration platform fitting for just about any enterprise
or public hotspot.
The CSD brings together all wireless management functions in a centralized
manner that reduces total cost of ownership. With the CSD, users have a platform
that provides a complete line of wireless management functions that make up
for limitations in conventional access points. The CSD offers a single common
platform, avoiding the need to deal with weakly integrated components that competitors
tend to offer.
The CSD has native support for a wide range of authentication services, such
as RADIUS,
LDAP, and Active Directory
along with authentication protocols like PEAP, LEAP, TTLS,
802.1x,
and EAP-MD-5. The CSD also enables authentication through encrypted (SSL) browser-based
login via a customizable built-in Web portal, digital certificates or MAC ID,
and ships with on-board RADIUS. Authorization mechanisms deny access to applications
from ineligible users and devices in a variety of ways, such as by port, IP-port
pair, protocol, and subnet.
The monitoring capability of the CSD is substantial. Real-time monitoring,
display, and logging of all users and devices keep track of user activity, permissions,
status, and location. Administrators are able to view the bandwidth utilization
and other network activity by user, group, application, or access point. CSD’s
reporting functionality includes pre-built reports as well as customizable reporting
and data export to third-party applications. Roving Planet says additional interfaces
to CiscoWorks
and HP Openview are coming in the
near future.
To aid in operational support, the CSD allows administrators to view multi-vendor
access point configuration parameters, such as transmit power, radio
channel, and firmware version. The CSD automatically discovers all access
points and organizes them by logical groups defined by the administrator. Centralized
configuration of all access points makes updating firmware and changing configurations
very easy.
Bandwidth management is made available by the CSD which allows administrators
to limit and prioritize traffic by user, group or application. Bandwidth is
optimally allocated at each access point based on load, users and applications,
which can adapt to the changing radio environment. This is certainly critical
when supporting VoIP and multimedia Web browsing amidst other lower end applications
such as e-mail or when there are multiple enterprise applications available
through the wireless network.
The CSD offers excellent support for multiple organizations and WISPs by enabling
segments of users to operate as discrete entities on a single wireless LAN.
A Website redirect mechanism routes users to their applicable portal based on
log-in credentials. The CSD makes it possible to manage each segment of users
separately with support for third-party authentication and billing systems.
These types of features are extremely advantageous when multiple WISPs need
to operate over the same wireless LAN, companies want to have a common wireless
infrastructure for both private and public applications, or enterprises needing
to keep business units separate.
An open architecture enables the CSD to act as integration point for all wireless
systems and applications. A well-defined API allows integrators and WISPs to
include unique features. In fact, Roving Planet and associated partners are
actively using this API to extend functionality rapidly as new requirements
arise.
Besides having a solid set of security and management features, the CSD is
easy to deploy. The CSD operates as a bridge instead of gateway, which is simpler
to integrate into an existing network. This works well because the administrator
is more familiar with taking care of network configurations, such as DHCP and NAT, through the existing
network.
An issue with the CSD is that it doesn’t offer encryption. In other similar
products, however, I’ve found that administrators generally use VPNs and WPA
instead of the vendor supplied encryption methods. Roving Planet has partners,
though, that can supply specific encryption if necessary for your wireless network.
Another problem I found while testing the CSD is that the rogue access point
detection is not fully integrated; it currently runs as a separate system. It’s
extremely important that companies continually monitor for unauthorized access
points. Roving Planet claims that fully integrated rogue access point detection
will be available by the end of the first quarter of 2004.
Overall, the CSD certainly has the right combination of features to support
enterprise and public hotspot applications. If you’re in the process of deploying
a wireless LAN, I highly recommend considering the CSD. You’ll find that the
comprehensive set of features from this single platform will likely solve most
if not all of your requirements.
Jim Geier provides independent consulting services to companies
developing and deploying wireless network solutions. He is the author of the
book, Wireless LANs
and offers training
focusing on wireless LANs.