Wireless Gone Wild: Time to Plan Your WLAN - Page 2
Architecting Your WLAN
After your policy is down in writing, the next big considerations for network managers revolve around what kind of hardware architecture to deploy. Most wireless networks today are still built around standalone access points. However, other emerging options include WLAN switches and routers and wireless gateways. Each choice carries its own pros and cons (see Switch or Gateway: Future-Proofing Your Wi-Fi Network for more on this topic).
Standalone access points, also referred to as "fat APs," come with built-in WLAN and user-management intelligence, says Peter Livingstone, director of technical marketing for Chantry Networks, a Newton, Mass-based maker of WLAN routing products.
Standalone access points are sometimes characterized as "resilient," since each is independent. Weaknesses of fat access points, though, include limited scalability and the need for individual configuration and management, according to Livingstone. "You get a big, flat network. You can't differentiate between user groups. It's a management burden when you have to go around to ten different access points," he adds.
"Fat APs" can constitute a glaring security risk, too. "Somebody (walking by) can easily just turn off the authentication," he says. Meanwhile, administering roaming across subnets can be a very complex job.
Newer solutions such as WLAN switches, gateways, and routers require less intelligence on the access point side. "You'll probably see access points getting dumber and dumber in the future," says Craig Mathias, an analyst at the Farpoint Group.
"Now that the access point becomes just a radio, it can (also) become less expensive," points out Chantry's Livingstone.
WLAN Switches, Routers, and Gateways
An alternative to standalone access points is to deploy products that place the WLAN intelligence on an Ethernet switch. The downside is that you'll need to add more switches to the wiring closet. Switches can also constrict the range and flexibility of the WLAN, according to Livingstone.
WLAN routers and AP gateways, on the other hand, are "core solutions." Unlike switches, routers provide "flexible location," enabling the controller to be placed anywhere on the IP network. Routers also allow for "unlimited device scalability," says Livingstone.
Perhaps more importantly, WLAN routers also leverage the existing IP infrastructure, permitting central management of access points and user sessions at Layer-3. Networks, though, can experience a slight overhead caused by tunneling traffic, Livingstone points out.
WLAN routers also share a certain disadvantage with WLAN switches. With both approaches, products tend to be vendor-specific. That is, vendors of WLAN routers and switches tend to optimize these products for use with their own APs.
Gateways for Third-Party Access Points
Theoretically, at least, third-party access points can be better managed through access point gateways, which add central control to fat APs, often with integrated feature sets such as VPNs.
One disadvantage of the gateway, though, is that "you need a separate virtual LAN for the WLAN," reports Livingstone. Gateways still don't necessarily integrate smoothly with third-party access points, either.
WLAN switches, routers, and gateways pose challenges that make this hardware "not necessarily ready for primetime" unless you have the requisite wireless expertise readily at hand. Still, though, you should definitely keep "dumb AP" alternatives in mind for the future, due to easier manageability and possible cost savings.
Regardless of which hardware you plan to deploy, start now to develop a solid but easy-to-update set of wireless policies. With more resources available these days, wireless polices are getting easier to create. As Wi-Fi products enter the enterprise, those policies will become increasingly important to establish.