Top Tips for Wireless Networking

Top Tips for Wireless Networking by PW Wireless Networks

It’s a wireless world outside, with mobile phones, Blackberries, Netbooks, iPADs and more, relying on various wireless data networks to connect and communicate. Adding or upgrading your WLAN (Wireless Local Area Network) inside the business adds flexibility, convenience, and keeps data available everywhere inside and outside your company. However, it also increases the responsibility of the network to perform with no disruptions or downtime. To help you get the most out of your wireless network we have put together our Top Tips when adding or upgrading a WLAN for your business.

Wireless Signal Obstacles

Wireless networks aren’t magic, they’re radio. Just as your car radio signal drops because of distance or obstacles like buildings, mountains, and tunnels, your wireless network signal has limitations. In fact, a WLAN signal is much less robust than a radio station because of the frequency used. While a mountain will block a radio station, a filing cabinet might block your network connection.

The most common wireless network types (802.11b and 802.11g) are “two wall” technologies. This means the signal can only go through two normal walls before it becomes too degraded for use. Extra thick walls, or plaster walls with a steel mesh inside, or foil backing for fire protection will degrade or stop the signal quicker.

Floors and ceilings count as walls too, so learn to think in three dimensions when placing access points. Try and avoid windows and glass doors too as WLAN signal goes through glass as easily as it goes through air.

Wireless networks are a lot like the old Ethernet hub networks. The network is a shared medium and as a result, the more clients that are associated to a wireless access point, the less bandwidth each client will receive. Bandwidth is also affected by received signal strength – the lower the received signal strength the lower the throughput and, therefore, bandwidth.

Onsite Planning

Placing access points intelligently will support the most users with the fewest number of access points. Start by placing access points in the middle of the office and check the signal levels. If you have only a few wireless clients to support, you may be able to use a laptop with a good signal strength meter in the wireless client utility to check signal levels. Continue to check your results with a second and third laptop, or however many access points you need. Larger companies should invest in wireless testing tools (some software tools are free or quite cheap) for better signal readings.

Site Surveys

Larger organisations will need a physical site survey which does cost money but this will speed up the deployment and can reduce the number of access points by locating them correctly. Smaller companies may be able to get by without a survey if their physical location is limited. An extra access point or two goes a long way toward user satisfaction, so if you can, try to install the right number of access points to ensure happy users.

Changes in Network Infrastructure

Adding wireless to your network requires more than just a couple of access points plugged into your existing router. In fact, wireless access points are one of the major reasons companies invest in switches with PoE (Power over Ethernet). Placing access points on the ceiling is much faster and less expensive when you don’t need to run electrical power through conduits to each location.

Small companies may be able to use a single wireless access point built into their main router as their only wireless infrastructure, but you know what they say about “best laid plans.” The flexibility of an extra access point or two is worth the expense.

When planning for user capacity, take into consideration more than just laptops and some wireless‐enabled desktops. Will iPhone users start surfing via their WiFi interface? iPad users certainly will. Check with the telecomm manager how phones will be deployed, because wireless desk phone handsets can use a fair amount of wireless bandwidth, and users will start to roam, which places more emphasis on the coverage, which goes back to planning !

Your network hardware, software and management processes will change more when you add wireless networking than you expect. Use the addition or expansion of a WLAN to examine and update your existing infrastructure. Bolting a new, high speed wireless network to an outdated and overworked switched network or router will only lead to complaints.

Router Upgrade

Your router, the connection point for internal networks to link to the outside world, may not be suitable for a WLAN. Even routers that don’t include wireless support need to accommodate different network configurations to support a WLAN.

A wireless network will have a different network address range than your wired network, and your router must support at least two network ranges. Companies with visitors often provide a secure “guest network” login in the reception area, or in meeting rooms, and this requires another network address range that should be separated from all your internal network resources. After all, a guest should see your Internet connection, but not your internal auditing files.

If your router does support WLAN connections, and you’ve had the router more than three years, upgrading is recommended for security reasons alone. Wireless networks require authentication protocols that have changed drastically in the last few years. Older routers are less secure, and often don’t work at all with newer security protocols included on the most recent laptops and other devices.

Include the cost of a new router in your wireless budget. You may not need it, but better to be prepared than insecure.

Rethink Security

Wired networks have one great security edge; hackers have to be inside your building to connect to your network. Wireless networks, especially when configured incorrectly, broadcast to the outside world.

Security must be tightened a couple of notches when you add wireless. Every wireless access point sends an SSID (Service Set IDentifier); a unique number attached to wireless data packets to differentiate that WLAN from others. Do not confuse this with a security measure, because changing your SSID away from the default setting, and turning SSID broadcast off, only slows down hackers by about sixty seconds.

This is a network identifier, not a security tool. Change it from the default for easier internal management, but don’t think it blocks anyone. Security client tools are like using WPA (WiFi Protected Access) and WPA2 for authentication. These supersede the earlier WEP (Wired Equivalency Protocol) that wasn’t, unfortunately, near as equivalent as the industry hoped. In fact, if your company handles customer credit card information, the PCI (Payment Card Industry) audits demand you use at least WPA for wireless security, or you fail the audit.

Wireless client authentication is too detailed for this paper, but be aware that adding a WLAN to your network requires a complete security approach, not just some piecemeal kludge to get a few laptops connected.

Clamp Down on Unauthorized Access Loopholes

A “rogue” access point is one that users set up for themselves, usually by going to an electronics superstore and buying a consumer router with wireless support for £30. No security, no authentication, and no management, but they blow a giant hole in your security wall.

The second way users either purposefully or accidentally destroy your security is through turning on Ad Hoc mode on their wireless client software. Early on, when Internet connections were limited, a laptop with an Ad Hoc connection helped others get to the Internet. Today they just help hackers.

Use regular sweeps with wireless monitoring tools to find and quickly close both these loopholes. Discourage experimentation by users. Ensure everyone who wants wireless access has it. When inexperienced users try to connect to a network they are most likely going to create their own wireless network in trying to connect to the existing. This can cause a number of security issues which could have been eliminated in the first place, if the user had access.

Plan for Upgrades

You may find older laptops and wireless client access cards may not support WPA2, or even WPA. That’s one example of an upgrade to plan for, but not the only one. Security protocols change regularly, and updated implementations of popular security tools offer much better protection than older hardware and software.

This may mean updating some firmware on your wireless access points or replacing an older router that can’t be updated. Your wireless budget needs don’t stop when you turn on the network.

The most critical area to plan for is upgrading your WLAN hardware to support 802.11n, the latest wireless protocol approved for use by the standards committee. Speeds in 802.11n are many times faster than 802.11b and 802.11g, and the signals go further with higher quality. The speed and increased user count supported by 802.11n equipment is well worth the upgrade, when you get to it. Beyond that, always plan for security upgrades. Test for security leaks, like rogue access points, regularly, and that may mean buying tools as the wireless user base increases. Keep your software, including clients, wireless access points, and routers, up to date. Most of the time, a firmware upgrade will be enough. Be prepared that older equipment will reach a point where it must be replaced, and that point will usually be decided by a needed security upgrade. It’s important to keep an eye on new wireless applications that you can install to your network. There are a number of companies specializing in the design of applications to help your business run more effectively.

These applications can often save you money with immediate effect by utilising your existing wireless network. Installing your network is just the first step to increasing your business efficiency, so it’s worth taking time to check what applications are available to suit your business.

Invest in a WLAN Controller

Small companies can get by managing wireless clients as they manage wired network clients: manually. This method is popular because it’s cheap. And more than a dozen or so users seems to be the point where the manual method becomes painful. Unfortunately, small companies tend to ignore management needs rather than upgrade to automated tools. Larger organisations can amortize costs over more users and can afford to invest in automated tools. One that’s critical for companies with several or more wireless access points is a WLAN controller. These tools use less intelligent wireless access points but manage, configure, and secure them more completely than so called “fat” access points do. In addition, they provide a single management interface for all wireless access points and users. A WLAN controller is highly recommended as a management upgrade which saves time and increases security.

Conclusion

As in life, and many other areas, doing things right can take a little more time, effort, and often money. Developing a wireless network on the cheap and without proper planning can cost you a fortune. One of the largest and most expensive data breach thefts of customer information ever, from T.K.Maxx, occurred at a retail store through their unsecured wireless network. The cybercriminals actually did their work in the comfort of their own car in the car park.

Done well, a wireless network offers user freedom not possible any other way. Building a proper wireless network will be much easier when following these considerations. Think security first, and the rest will fall into place easily.

If you would like any further information regarding your wireless network needs, please call 01925 751638 today and book a FREE Wireless Consultation with one of the UK’s leading experts.