Wireless Past, Present and Future.

University of AucklandRobert Beattie

Campus Environment

We are a small town in the Auckland area.

4,000 plus staff.

30,000 plus students.

4 main campus sites

300 plus building and structures.

Infrastructure

Telecommunications

HVAC

Water

Sewage

Power

TelecommunicationsThe University of Auckland has a history of investment

in infrastructure technology.

VM (virtual machines)

EVF (virtual firewalls)

Metro Area Networks.(10Gb)

Wired Networks.

Wireless Networks.

Wireless is not new

Telemetry.

Point to Point links.

Wireless access points.

Special projects.

Why is Wireless so popular? Freedom

New way to deliver information

Students

Faculties

New devices are wireless capable.

Potential cost savings

Over the past few years Explosion in Wireless equipment.

Seen as new by the general public

User awareness of wireless.

AD HOC installations.

No Security.

Chaos

Bringing order to chaos Working group

Technology choice

We chose thick AP

Web site

User, client documentation

Standards and Security

Where we installed Wireless Common areas

Library

Lecture theatres

Meeting rooms

Office areas

Lessons learned from the project Client set up is not user friendly.

Issues with end user devices.

Network Access Points (AP) are easy to steal.

Communication with the community is vital.

Wireless is largely about where we put the Access Points and how we physically secure them.

Lessons learned from the project

Limited channel capacity.

Bandwidth will be a challenge. Manual site survey and deployment are labour

intensive.

Need to cost effectively increase AP density and find a way to load balance traffic.

User feedback General satisfaction with the system

They want more

No issues with throughput

Too expensive

Connecting to network could be improved.

Easy access for guests needed.

Some lectures believe it is disruptive technology.

Users want some changes Implement a guest system.

More throughput

More coverage

Make it all free

Ease of use for authentication and encryption

Self service model

When planning to deploy Wireless ensure that you know How much bandwidth is available.

How secure is wireless

Who are the users

What equipment is needed

How you will manage the Wireless System

Radio Spectrum

o Radio Spectrum is a limited resource.

Microwave band

ISM Band2.4Ghz

UNNI Band5.8Ghz

Current Wireless Standards 802.11b (2.4Ghz).

Highly prevalent (Most laptops used to ship with a b card)

Many devices operate in this spectrum Approximately 6-7 Mbps throughput.

802.11g (2.4Ghz). Highly prevalent (Most Laptops now ship with a G

card) Many devices operate in this spectrum Approximately 22-27 Mbps throughput, but default to b

if a legacy 802.11b client associates.

Emerging Wireless Standards 802.11a (5.8Ghz).

Less prevalent (A cards usually have to be selected) Less crowded air space, higher number of clear channels Approximately 22-27 Mbps throughput.

802.11n Not a ratified standard. Proprietary solutions predominate Promises longer range, and higher data rates (480 Mbps of

throughput) Not always a reality

802.16 “WiMAX” Very new technology Designed for “last mile” access. Has no support for “Roaming” at this point. In draft form.

How secure is Wirelesso Security

o Rotating 128bit WEP keys with TKIP and LEAP/EAP.o Wireless network has its own VLAN

o Authentication o 802.1x for authorisation.o LDAP for access to Net Account

Securing your Wireless What is your goal with security?

Keep non-university users off the network Prevent users from seeing each others traffic Prevent users connecting to each other over wireless. Access control on a user basis Keep viruses off the network

The answers to those questions determine what type of security you should implement

The more security you implement, the more steps you require your users to follow, the less user friendly more it becomes

Who are the users

Students Staff

Guests

Traffic PlanningLow traffic Many usersCoverage based

Heavy traffic Few usersTraffic Based

Wireless Architectures

Blanket coverageUsing large gain APs or

Multi-radios AP’s to cover spaces

Thin AP’sEach AP connects “Physically or logically” to a central controller. The controller manages the APs

as a complete group.

Thick AP’sEach AP is a complete

autonomous unit. It operates and is managed individually

Present

Under development

Future

An example

Average throughput of a 802.11g AP is 22-27Mbps.

Average Class size is 30 Students

Assuming every student is downloading a file at the same time, it works out to about +/-1Mbps per student.

So you would deploy 1 AP for this classroom.

Site Survey Site Surveys are essential for any well planned

deployment.

Software can be purchased that will perform a “theoretical” survey. However, software does not provide all the answers.

Time spent in undertaking a physical survey is time you don’t have to spend diagnosing problems.

“ Get it right the first time”

Installation Wireless AP are attractive items

Discrete installs

External aerials

Aesthetics

Accessibility

Centralised Technical ManagementFor successful wireless systems you must…….

Centrally manage the technology platform

Security

Coverage

Forward provisioning

Manage the air space

Proactively management of the network

Decentralised Service ManagementFor successful wireless systems you must enable the user to

manage the service layer.

Self service

Enable the faculties

Enable conference organisers

Visiting guests

Meeting rooms

Contractors

Wireless VisionProvide wireless access with simple plug &

play capabilities that require no laptop or device re-configuration and no IT skills or resources to establish the connection.

“Its got to be easy to use”

Central controller

Enterprise Network

DMZ

Wired Guest

WiredEmployee

Wireless Guest

Wireless Employee

Internet

Wireless ArchitectureThanks to Cisco Systems

Guest client connection process

Central controller

Wired or WirelessNetwork Internet,

E-mail, VPN, etc.

1. Guest starts web browser

2. Controller redirects to self service portal screen

3. User enters choice and authentication information

4. controller authorizes the user, establishes connection, and accounts for usage

5. End user free to browse the Internet, E-mail, VPN, etc.

Self Service“Just click on the services you want”

• Access Codes• RADIUS• Prepaid• Credit Card• Hostel PMS

Thanks to Cisco Systems

Eduroam

o International Education inter-institutional roaming.

o A guest access mechanism.

o Allows visitors to use their own credentials to access agreed services from your network.

o In the process of being configured.

Challengeso Predictable wireless performance.

o Cost effective deployment model

o Robust multilayered security

o Technology churn.

o Can the existing investment grow to meet future service demands?

Future trends New technology will replace or supplement current 802.11

types.

There will be many more highly portable device types on the campus, possibly in the thousands

Some areas will be totally wireless.

There will be wireless telephones in use.

Roaming will be important.

The PABX, WLAN and Mobile Networks will converge.

The end