jump to navigation

WiFi Q&A

July 1, 2004

As wireless networking becomes more and more interesting to organisations, the questions naturally start flowing. Here’s a list of questions from IS managers of mid-size companies-and some answers.

We already have a wired network fully in place. Does it make sense to consider Wi-Fi?

Your should consider Wi-Fi if you have laptop users who need to carry their laptops into common areas, like conference rooms, where wireless is far more convenient than wired access; or if you have executives who travel across offices and want connectivity in another office. Even with just one or two laptop users, the low cost of Wi-Fi enabling a conference room (around Rs 5,000, for an access point) makes it worth it.

Wi-Fi can also help you in two other ways: by extending your existing wired network to places that are not currently wired or are hard to reach, and providing services that are not currently feasible via a wired network

The former is easy to understand - by using Wi-Fi, you can provide network services in areas within your premise that were not included in the original cabling plan. This includes areas outside the building (such as balconies, terraces or even lawns), where it is not feasible to lay permanent wiring.

The latter is slightly more interesting. You could, for example, deploy Voice-over-IP (VoIP) phone services on your premises, using several VoIP phone models now becoming available. Another service would be roaming, mobile connectivity, such as Personal Digital Assistants (PDAs), transport vehicles that cannot be wired to a spot (such as forklifts), security devices (such as cameras), etc.

Who should do the implementation?

If you just want a small setup (like extend connectivity within a conference room or a small office), then this is something your system administrator (or even you yourself) should be able to do with the greatest of ease. Today’s Wireless LAN (WLAN) equipment is so simple to use that in most cases, it is just a question of plugging it in and following the prompts.

In the less likely case that you need a campus-wide, full service WLAN, it is best you get professionals to come in and set it up, as there are some aspects of WLAN implementation that are beyond the scope of casual technician. One requirement would be a radio survey that maps the various parts of your campus in terms of accessibility via the WLAN (radio strength). This information allows a network designer to correctly place and mesh access points across the campus for uniform service quality.

What will it cost?

That depends on your requirement. WLAN equipment is getting cheap, but there are various classes of equipment. Corporate access points can be far more expensive than SOHO (small office/home office) oriented wireless routers. Also, the numbers involved will decide the over all cost.

But if you look at a small (and fairly typical) setup of maybe 3-4 users, needing to access the internet via a wireless router, you can expect the router to cost you around Rs 7,000 to Rs 8,000. If you already have Internet connectivity in your wired network, then you already have some sort of router: you just need to ad a Wi-Fi access point (Rs 5,000).

Many current laptops have built-in wireless; if yours don’t, you need a network card (around Rs 2,000 per laptop).

Do I need a license?

In India, you can deploy 802.11b (the basic 11 Mbps version of Wi-Fi) freely indoor or within a campus. Outdoor usage beyond a campus, or the use of other standards like 802.11g (the 54 Mbps version), requires a license.

This is, of course, surreal-both versions use the same frequency range. We expect that 802.11g will soon be de-licensed as well, at least for indoor use.

All this applies to indoor or in-campus use. If you want to flood the neighborhood with Wi-Fi, you need a license.

So you can buy 802.11g equipment if you like, but to use it without a license, you must use it at the lower 802.11b speed. Until 802.11g is “opened up” in India.

What are the products available? Which do you recommend?

Today, Wi-Fi equipment is reaching commodity status. Lots of vendors are entering the market every day, and of course the gray market is flooded with products. Some well known names are, D-Link, Linksys (from Cisco), Netgear, and Multi-Tech, all of whom have well-priced products, all with the proper approvals required for operation in India. (In an informal survey, Dataquest found D-Link’s product range and availability to be a little better than the others’ during the course of the former’s Project W Wi-Fi related activity, but others may have caught up now).

It is difficult to recommend any particular product at this stage. Price plays a major role here - most products in this category tend to perform similarly. However, in our experience, the product range and availability seems a little better with D-Link than with the others.

Can I start in a low cost and scalable way?

Of course. That is the recommended way-get comfortable with the technology by setting up a few access points, wireless-enable a few people, work out the kinks in the system, get familiar with the issues, and explore the possibilities. This can easily be done with low-end equipment and little investment. Eventually, you can get a full-blown system set up, possibly by professionals. Your original investment won’t be lost, since in most cases it can easily be integrated into the new system.

All it takes is a Rs 5,000 access point plugged into your conference room or reception area, to start with.

How do I tackle security?

You may not need to be severely paranoid about security for basic small network use. Most access points will give you two or three types of security, such as WEP encryption, and MAC-based filters. These are mostly adequate, but be aware that if you plug in Wi-Fi products into your company network, you do need to have basic security that is considered normal on the network anyway-such as strong passwords to your servers, and ensuring that your Windows PCs and laptops are not sharing folders and files.

In most cases, your existing network administrators will have enough knowledge to deal with security - if not, they can easily be trained in the additional aspects introduced by the WLAN. For a larger WLAn deployment, or for a business-critical network, you may need to get the help of a network professional.

How do I tackle security with minimal user harassment?

Using switches, extreme firewalls and a very clear understanding of what you are doing, you can ensure that people can “just use it” without too much setup time. However, understand clearly that the lower the “harassment”, the higher the risk involved. It is best you let a network administrator take a call on this.

If all you’re providing on your Wi-Fi network is Internet access in a small room, and the access point is not connected to a local area network or a server, you may even choose to disable security features like WEP, provided: (a) your laptops are protected as described above, and (b) you’re sure the signal is not leaking out of the room! In such a case you can actually reduce the access point’s signal power level, from its interface. In such a scenario, you are trusting users who are actually in the room (who might anyway have used wired access, too).

What are the pitfalls?

Speed, for a start. If you are used to a 100 Mbps wired network, or even a 10 Mbps switched network, be aware that you will experience lower speeds if you share an access point between multiple users. This does not matter for Internet connectivity, where your Net access bandwidth will be much lower anyway, but for accessing files on servers and PCs on your LAN, you’ll notice the difference.

Security, next. A WLAN can be accessed by anyone-including people you do not want to have on your network. Security is a key issue if you have a company LAN, with or without servers-if you aren’t careful, you might end up having your network compromised.

Next to this, issues you will face are signal strength-concrete walls, foliage and trees, etc. can all block the wireless radio signals, causing speeds of access to reduce, or access to be lost entirely. Correct placement of access points will handle this problem.

Be aware of the fact that mixing 802.11g (54 Mbps) and 802.11b (11 Mbps) clients can sometimes cause everyone’s access to drop to the lower 802.11b speeds. This is a technical shortcoming of current equipment. To avoid this, you can force your access points to work only in the faster 802.11g. This will, however, lock out any 802.11b clients.

How can I optimize the network?

Avoid setting very high expectations. This is probably the most effective optimization method. Many people expect their new WLAN to operate at wire-speeds-something that is simply not possible given the current wireless technologies.

Make sure that people who need heavy-data access (like access to databases, or where a lot of file transfer takes place) are connected to the wired networks, to avoid “flooding” of the available wireless network bandwidth.

Consider auditing usage (tools for this are available)-if you find a user “hogging” bandwidth, you may have to introduce some form of bandwidth management (which could be as simple as denying that user access to the WLAN).

Remember that security is a process, not a result. Therefore, it helps to keep checking things now and then-looking for unnatural traffic, etc. Also, disallow services that your users won’t be using (e.g. on an Internet-only access WLAN, disallow access to your corporate database and file servers), etc.

Prasanto Kumar Roy contributed to this article, which first appeared in the June 15 issue of Dataquest.

Comments»

no comments yet - be the first?