Understanding Your WLAN Management Options

By Charlie Schluting | Dec 29, 2009 | Print this Page
http://www.enterprisenetworkingplanet.com/netsysm/article.php/3855716/Understanding-Your-WLAN-Management-Options.htm

Managing your wireless infrastructure is like managing any other network equipment, except that wireless access point devices often far outnumber the amount of existing switches or routers. Providing wireless access instantly means you're managing two to three times more devices. More devices to update, configure, and manage.

And then you must worry about coverage overlap and channel assignments to ensure reliable service. Don't forget about security, or rogue access points, either. Managing a wireless network is just as time consuming as the wired network in most businesses, but just because you add wireless capabilities doesn't mean you get twice as many staff.

The good news is wireless management does not necessarily mean logging into each access point manually to perform configuration changes or firmware updates. If your environment is a one-vendor network, wireless management products the vendor provides for their own access points often provide a single point of management and control, and are well worth investing in. Mixed product environments also have the option to purchase various third party products that claim interoperability.

In this article we will explain what types of wireless management solutions are available, and next time we will touch on the features of a few specific products.

Features

Wireless management is a broad term, that means many things to different people. Central management, for one, lowers IT staff costs and provides better control over a wireless infrastructure. Centralized control over access points is also advantageous for security management as well. Here are a few things that can be accomplished if the entire wireless network is controlled from a single point:

  • Plug-and-go new access point deployment
  • One-click configuration updates across all devices
  • One-click firmware updates across all devices
  • Quick VLAN and SSID deployment
  • Security monitoring for detectable threats such as:
    • sniffing
    • rogue access points
    • intrusions

Network optimization when access points can see each other include:

  • signal power adjustments
  • wireless channel optimization
  • interference isolation

Aside from being able to deploy access points quickly and manage them from a central location, some products actually provide very advanced tools for securing and optimizing the network. These are normally the "thin client" style of access point controllers.

Thick or Thin

In the vendor-specific space, you also have the option to use dumb, or thin client, access points. Cisco, Aruba Networks, and others have products that allow for more than just centralized management. Thin client access points do not require logging in to each device to configure. They boot, grab their configuration from the central server, and begin operating. The distinction here is that the central management device (often called a wireless network controller) is not simply logging in and running commands, it is providing the configuration and firmware remotely at boot time, and actively communicating with the access point to get stats once it is running.

Normal, or "thick" wireless access points are the full access points one expects. To manage these devices centrally, you must purchase software or write scripts to login and execute commands on each device individually. The benefit to standalone access points is that they do not require a controller device be available to operate, so there is no single point of failure.

The big advantage of the thin client model is that a central point knows how each device is configured, and can adjust it in real-time to cope with changing conditions. If an access point dies, it can boot power on other nearby ones. If a rogue access point is detected, it can effectively knock it offline using nearby access points to deploy nasty tricks to make it unusable.

Vendor Neutrality

With the thick, or "full access point" model, many vendors do provide centralized management tools that remotely login and configure access points automatically. If, however, you have multiple brands of access points, all hope is not lost, as a few products do exist that centrally manage a variety of access points. One example is the WiFi Manager from ManageEngine.

Purchasing a product that claims to manage your multi-vendor infrastructure is always frightening. Even with a list of compatible products, you never know if every feature is supported on each platform. When upgrading, you must choose carefully to ensure your management software supports access points you wish to purchase, and supports it completely.

Assuming you find some management software that works with your existing access points, this option could be a lifesaver. You aren't committed to a single vendor, and you can later deploy new access points from various vendors depending on your needs and budget.

If you are not fundamentally opposed to vendor lock-in and are not budget constrained, the path of least resistance is certainly to stick with one vendor's access points managed by that vendor's access point controller or management software. There is almost zero chance of compatibility problems that usually exist with third party solutions. Most businesses start by purchasing a few access points and managing them like any other network device (logging in to configure and perform firmware updates), but often finds the number access points quickly increasing.

Thinking about a network-wide solution from the beginning allows you to choose the appropriate vendor to be locked in with, or access points that support your management software of choice.