Next-Generation WLANs: Why the RF Matters

Written by Chris Kozup, Contributor

Wireless local-area networks (WLANs) based on the IEEE 802.11 series of standards have emerged as one of the most exciting communication technologies currently available to enterprises. As the business demands increased efficiency and productivity with fewer resources, IT organizations (ITOs) are turning to emerging technologies as a means to this end. However, incumbent WLAN solutions have lagged in their ability to deliver enterprise-class reliability, scalability, security, and management. Next-generation systems will solve existing shortcomings by providing ITOs with a greater view into both wired and wireless domains.

META Trend: During 2003, campus-LAN initiatives that focus on increasing network availability will receive priority over emerging applications (e.g., VoIP). However, network intelligence will enable convergence of voice, video, and data, while increasing the ease of WLAN deployments. By YE03, WLAN standards will converge into dual band, with enterprises relying more on wireless technologies to cut costs and increase productivity. By 2H04, WLAN security will be standards-based and interoperable, as market focus shifts to management and service ubiquity across wired and wireless networks.

The advent of a low-cost WLAN solution based on a single, interoperable Wi-Fi standard paved the way for the explosion of the WLAN market. However, despite the importance of first-generation WLAN products, enterprises should look further and base product decisions on the ability of a solution to meet enterprise-level requirements.

One of the greatest deficiencies of first-generation access-point products is their inability to sense and gather information on what is occurring in the radio frequency (RF) environment around them. This sensing ability is important for numerous reasons. It enables access points to act as the ears of a broader wireless system - one in which the system is able to interpret what is happening within the RF environment and instruct the access points to make any necessary changes. As the amount of interference within unlicensed frequencies increases, ITOs must enhance their view and control over the RF domain to mitigate interference and guarantee optimal network connectivity and performance.

First-generation products have only a basic management framework extending from traditional wired management systems and virtually no management of the wireless environment itself. Many vendors have relied on existing systems management vendors as a means to tie access points into the broader infrastructure management framework. However, this approach remains largely wired-centric and does not provide management of the RF domain. Furthermore, wired SNMP-based management systems are limited in functionality to the basic and often proprietary 802.11 management information base (MIB). Existing WLAN solutions are not optimized to support real-time applications that are mobile across multiple access points or IP subnets.

Security remains a key concern for enterprises deploying WLANs. Indeed, our customer base continues to single out security as the largest inhibitor to broader enterprise adoption. Although many standards are emerging to solve security issues, implementing a highly secure wireless network with first-generation products involves integrating many point products. In this context, the security tends to be highly access-point-centric and lacks the broader system-level view necessary to manage security profiles more effectively.

Similar to Ethernet, the 802.11 RF environment is a shared medium. Unlike Ethernet, the 802.11 RF environment is limited and cannot yet cost-effectively scale to provide segmented bandwidth on a per-user basis. As a result, scalability can be problematic. Although additional standards supporting data rates higher than the 11 Mbps 802.11b standard have been ratified (e.g., 802.11a, 802.11g), first-generation products either offer no support for these standards or are incapable of viewing the RF domain from a holistic system level to enable greater control of transport standards and potentially greater adaptability.

The Wild, Wild West of Radio Frequency
In comparison to existing Ethernet LANs, WLANs have one major difference - they use RF to transmit and receive packets. Although much is understood about the wired Ethernet environment, the predictability of RF characteristics remains an art, at best. To guarantee the level of performance required to support mission-critical applications, WLAN systems must evolve to offer more deterministic characteristics. Unlicensed frequencies are, by their nature, shared environments with no single entity possessing spectrum control. Therefore, WLANs must be capable of sensing and adapting to changes in the RF environment to mitigate interference, be it temporary (e.g., from a moving elevator) or more permanent (e.g., from the new installation of a neighboring access point).

Unlike wired networks, the physical layer of the WLAN extends from the access point in an unpredictable fashion. As a result, enterprises must be concerned with the fact that wireless signals penetrate walls and often surpass the physical limitations of a building. Existing solutions make use of directional antennas to provide some control over the propagation of RF signals.

Given the fixed nature of the 2.4GHz and 5GHz frequencies, WLANs have finite capacity and scalability. Unlike wired Ethernet, which can continually be segmented through the use of switching, WLANs offer an inverse relationship between the number of users supported and the bandwidth available to each user. First-generation WLAN solutions offer limited abilities to react to changes in user densities and generally cannot optimize bandwidth resources effectively. As WLAN load increases, existing products are generally incapable of determining whether neighboring access points are experiencing similar loads or whether users could be shared more evenly across them. User load balancing requires a more centralized software control that is capable of optimizing user-to-access-point ratios based on a system-level assessment of network utilization.

Integrating Wireless Into Wired Networks
WLANs have historically remained physically and logically separate from the existing wired Ethernet LAN. As applications deployed via wireless networks move increasingly from the vertical domain to include general business applications, the need to offer a similar set of network services across the breadth of the wired and wireless domains becomes more critical. For WLANs to be truly enterprise-class, they must fit into existing network policies and services rather than force a change in established network design.

Integrating wireless into the existing wired network is critical to providing a high degree of network availability. First-generation solutions are limited in the degree of redundancy they can provide, due to the individual access point operating as a single entity. Next-generation systems will leverage a systemwide monitoring capability to adjust access-point transmit power settings in the case of a neighboring access-point failure. Users may choose to deploy access points in a certain proximity to one another to enable complete coverage in the case of a failure. Although this approach is possible in first-generation solutions, the overarching monitoring and control function to offload users and recalibrate channel and power settings is lacking.

The Evolution to Dynamic, Adaptive Radio Frequency: A System-Level View of Intelligence
During the past year, debates have emerged as to where the intelligence within a WLAN system should reside. Numerous vendors have advocated a lightweight access point, devoid of advanced intelligence, in favor of centralizing the intelligence into a switch or appliance. Others maintain that a feature-rich access point is necessary to support all the current and emerging services required by enterprise-class customers. We do not advocate one approach over the other. Rather, we believe control and management of the wireless system must be centralized to enable the most efficient operation of the system. More critical than specifics on where the processing power is housed (e.g., access point versus switch or appliance) is the level of functionality provided through a holistic software framework. The goal of any WLAN solution must be to provide reliable network coverage in a predictable and easily manageable fashion. To accomplish this, the system must provide enhanced control of the RF medium.

Controlling the Radio Frequency Domain
Most enterprises have already invested in network management systems to improve the control of the wired infrastructure. Generally, the level of expertise within networking teams is relatively high. Much less understood are the principles of managing a wireless environment. Many similarities exist between managing wired and wireless networks. However, users must not underestimate the unique characteristics that a wireless network brings to the management framework.

Leading WLAN solutions will provide the tools required to gather information from the RF domain and apply policies and rules to increase overall system reliability. The ability of the wireless infrastructure to sense and interpret anomalies within the RF environment will become increasingly important as the number of devices and systems operating in the unlicensed frequency grows. This is especially true for deployments in close proximity to neighboring enterprises or where the ITO has limited control of the RF domain. It is important that any decisions to adjust access-point settings due to changes within the RF environment occur at the system level, as opposed to on an individual access-point basis. This is because a change within a single access point has the potential to cause a trickle-down effect with neighboring access points and is much better managed at the macro level.

Real-time monitoring of the wireless domain is an important step in guaranteeing a highly available wireless network. Enabling the system to intelligently react to changes in the RF environment is the next component of the solution and must be given as much attention as the monitoring capabilities themselves. The degree to which a system is able to automate fault resolution varies greatly from one vendor’s approach to another. Furthermore, different enterprises have varying comfort levels in terms of the extent to which they enable the system to automate reconfiguration of access points and changes in policy. Leading systems must have the flexibility to enable manual intervention by a network administrator or provide full automation of self-healing in the event of network failures or changes in the RF environment.

Enterprises should focus on the degree to which the wireless system enables inter-access-point communications, because this is the method by which each access point is able to understand what is occurring within its proximity. This will enable the system to respond in such a way to optimize frequency, power, and bandwidth allocations. As the 2.4GHz and 5GHz frequencies become increasingly crowded with WLANs and other wireless systems, ITOs will require wireless systems that can monitor, sense, and react to changes while maintaining the high degree of network uptime required by current business applications.

The Practical Applications of Radio Frequency Control
We have established that control of the RF domain is critical for next-generation enterprise WLAN deployments. We now turn to focus on the benefits that improving the degree of visibility into the RF domain can present to the overall ease of management and deployment of WLANs.

Perhaps the most important benefit of enhanced RF control is improving the availability level of the wireless network. As businesses continue to deploy applications that are increasingly mission-critical, the network must become more resilient. First-generation wireless networks offered less-than-stellar availability. Each access point had little, if any, knowledge of whether its neighboring access points were operational, thereby limiting its ability to react in case of failure. Next-generation systems will make use of an overarching software framework that senses access-point failures and adjusts neighboring access points accordingly.

By controlling the output transmit power and operational frequencies of each access point, a system is able to allow certain access points to increase power or change channels to fill coverage holes or mitigate interference, thereby increasing network reliability. Furthermore, in cases of access-point failure, a system can instruct certain access points to hand off clients to optimize traffic routing and network load. Finally, access points that have an awareness of what is happening around them are able to detect holes in coverage. Due to the unpredictability of RF coverage patterns, system availability can be dramatically affected by seemingly harmless activities such as the movement of an elevator. Although enterprises should shy away from systems that are overly adaptive, some ability to detect coverage holes and remedy this through increased power output will provide substantial benefit in terms of increasing network uptime.

Having a system-level view into the RF domain is also beneficial when considering the scalability of the wireless network. Next-generation access points will have the ability to offer dual-band connectivity, spanning 802.11b, 802.11g, and 802.11a. Given the finite spectrum available across both the 2.4GHz and the 5GHz frequencies, the goal of any network design should be to optimize the usage of available channels, to provide the greatest amount of bandwidth per client.

ITOs should seek solutions that enable load sharing of client devices within a single location. For example, if an access point is overloaded, due to a high density of users within a single physical location, the system should recognize the fact that a neighboring access point, providing overlapping coverage, could offload some of the client devices to provide a more even sharing of resources. As mentioned previously, this type of feature requires that the access points be aware of what is happening around them and that there be some type of inter-access-point communication that enables greater client and traffic management. This type of approach also enables the system to gather statistics on regular bandwidth utilization and access-point-to-client-device loading and ratios. These statistics may then be used to ensure that the network is designed for optimal performance. The most advanced systems would be able to use this information to adjust power and channel settings to improve coverage or make suggestions as to where the network would benefit from additional access-point deployments.

Traditionally, WLAN deployment has involved extensive site surveys to determine optimal access-point locations based on the physical properties of the building or surroundings. Much of this work was carried out manually and required the use of scanning tools to measure RF output on an individual basis from each access point. Next-generation systems greatly simplify this process, slashing deployment time to a matter of hours. The WLAN infrastructure, in essence, becomes self-calibrating and, with the use of floor plan drawings, can provide accurate simulations of how networks should be deployed for optimal performance. Not only can this feature speed time to deployment, but it can also decrease the cost of implementation and ultimately improve the reusability of the network in the case of moves, adds, or changes.

Each individual access point is automatically assigned a Service Set ID (SSID), a channel (or two), and a power setting. This automatic configuration reduces the need for a network administrator to touch each individual access point, further reducing the cost of deployment. Finally, during the deployment process, each individual access point gathers information on any interfering RF in its proximity. The system is then able to recommend changes in deployment locations based on known interference. Leading vendors will build systems capable of determining the cause of the interference (e.g., other access point, non-802.11 “noise”).

The RF medium plays a distinct role in the overall security of the wireless network. Although the physical layer is not responsible for device or user authentication, or encryption of the packets traversing the air, it can provide important data on potential unauthorized access points or suspicious client device activity. Although many sensor solutions are on the market, most are deployed as an overlay network, as opposed to a single integrated system. The wireless access points should be capable of operating in sensing mode to determine whether other wireless components are configured correctly. They should also be able to report on access points or client devices that have not been sanctioned by the ITO. Ideally, this RF approach to rogue wireless detection should be complemented by a wired-side approach and have correlation abilities to map suspicious activities in the air back to information gathered from the wired environment. This correlation enables the system to determine whether a suspicious access point is attached to the host network or is simply part of a neighboring enterprise’s infrastructure. In addition, the system may perform an intrusion detection and prevention function by continuously monitoring network activity and providing reports on rogue access points, ad hoc networks, denial of service, and “man-in-the-middle” attacks.
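The RF-to-wired correlation described above can be sketched as follows. This is an added example, not code from the article or from any vendor; the MAC addresses, SSIDs, port names, and the adjacent-MAC matching heuristic are all assumptions made for illustration.

```python
from collections import namedtuple

# Constructed sample data; every MAC, SSID and port name is an assumption.
SANCTIONED_BSSIDS = {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02"}
CORPORATE_SSIDS = {"corp-wlan"}
# MAC addresses learned on wired switch ports (e.g. exported bridge tables).
WIRED_MACS = {
    "00:11:22:aa:bb:00": "sw1/port1",
    "00:de:ad:00:10:05": "sw3/port17",
    "00:50:56:01:02:03": "sw2/port4",
}

# One beacon heard by an access point operating in sensing mode.
Observation = namedtuple("Observation", "bssid ssid channel rssi_dbm")


def mac_to_int(mac):
    """Convert a colon- or dash-separated MAC string to an integer."""
    return int(mac.lower().replace(":", "").replace("-", ""), 16)


def wired_port_for(bssid, wired_macs=WIRED_MACS, max_offset=1):
    """Return the switch port whose learned MAC is adjacent to the BSSID.

    Assumed heuristic: an access point's Ethernet MAC is often within a small
    offset of its radio BSSID. Devices with unrelated MACs are missed.
    """
    target = mac_to_int(bssid)
    for mac, port in wired_macs.items():
        if abs(mac_to_int(mac) - target) <= max_offset:
            return port
    return None


def classify(obs, sanctioned=SANCTIONED_BSSIDS, corp_ssids=CORPORATE_SSIDS,
             wired_macs=WIRED_MACS):
    """Return (verdict, switch_port) for one RF observation."""
    if obs.bssid.lower() in sanctioned:
        return ("sanctioned", None)
    port = wired_port_for(obs.bssid, wired_macs)
    if port is not None:
        return ("rogue-on-wire", port)       # unsanctioned, attached to our LAN
    if obs.ssid in corp_ssids:
        return ("ssid-impersonation", None)  # our SSID, not our AP or our wire
    return ("neighbor", None)                # someone else's infrastructure


# Constructed observations covering each verdict.
SAMPLE_OBSERVATIONS = [
    Observation("00:11:22:AA:BB:01", "corp-wlan", 1, -48),
    Observation("00:de:ad:00:10:06", "linksys", 6, -55),
    Observation("00:0c:41:99:99:99", "corp-wlan", 11, -70),
    Observation("00:0c:41:12:34:56", "neighbor-co", 6, -82),
]

if __name__ == "__main__":
    for o in SAMPLE_OBSERVATIONS:
        print(o.bssid, o.ssid, *classify(o))
```

The "rogue-on-wire" verdict carries the switch port, which is what lets an administrator act on the wired side rather than only observing the device in the air.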

Using triangulation and RF diagnostic tools, the system should also be able to pinpoint the location and nature of a potential anomaly, often called “location tracking.” For example, a WLAN deployed within a large enterprise should be able to determine that the cafeteria microwave is on and causing channel interference. By pinpointing the location of the interference, the system would enable IT administrators to confirm that it is in fact the microwave causing the problem, thereby enabling them to remedy the situation. This location capability may also be used to permit or deny access to devices or users based on their location. For example, a network administrator could create rules that would deny network access to a user who is physically located outside the building.
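The location-based access rule described above can be sketched as follows, as an added example that is not from the article or any product. It assumes a log-distance path-loss model with made-up calibration values, a rectangular building footprint, and three access points at constructed coordinates; real RSSI readings are noisy, so a production system would use more sensors and a tolerance.

```python
import math

# Assumed radio model parameters (not from the article); calibrate per site.
P0_DBM = -40.0      # RSSI measured 1 m from the transmitter
PATH_LOSS_N = 3.0   # indoor path-loss exponent

# Constructed floor plan in metres: building footprint and three AP positions.
BUILDING = (0.0, 0.0, 40.0, 20.0)   # x_min, y_min, x_max, y_max
AP_POSITIONS = {"ap1": (0.0, 0.0), "ap2": (40.0, 0.0), "ap3": (20.0, 20.0)}


def rssi_to_distance(rssi_dbm):
    """Invert the log-distance model rssi = P0 - 10*n*log10(d)."""
    return 10 ** ((P0_DBM - rssi_dbm) / (10 * PATH_LOSS_N))


def distance_to_rssi(d):
    """Forward model, used here only to construct sample readings."""
    return P0_DBM - 10 * PATH_LOSS_N * math.log10(d)


def trilaterate(anchors):
    """anchors: three (x, y, distance) tuples -> estimated (x, y)."""
    (x1, y1, d1), (x2, y2, d2), (x3, y3, d3) = anchors
    # Subtracting circle 1 from circles 2 and 3 leaves two linear equations.
    a11, a12 = 2 * (x2 - x1), 2 * (y2 - y1)
    a21, a22 = 2 * (x3 - x1), 2 * (y3 - y1)
    b1 = d1**2 - d2**2 + x2**2 - x1**2 + y2**2 - y1**2
    b2 = d1**2 - d3**2 + x3**2 - x1**2 + y3**2 - y1**2
    det = a11 * a22 - a12 * a21
    if abs(det) < 1e-9:
        raise ValueError("access points are collinear; position is ambiguous")
    return ((b1 * a22 - a12 * b2) / det, (a11 * b2 - a21 * b1) / det)


def locate(readings, ap_positions=AP_POSITIONS):
    """readings: {ap_name: rssi_dbm} from exactly three sensing access points."""
    anchors = [(*ap_positions[ap], rssi_to_distance(rssi))
               for ap, rssi in readings.items()]
    return trilaterate(anchors)


def access_decision(readings, building=BUILDING):
    """Permit only clients located inside the footprint; fail closed otherwise."""
    if len(readings) != 3:
        return "deny"                      # not enough sensors to locate
    try:
        x, y = locate(readings)
    except (ValueError, KeyError):
        return "deny"                      # ambiguous geometry or unknown AP
    x_min, y_min, x_max, y_max = building
    return "permit" if x_min <= x <= x_max and y_min <= y <= y_max else "deny"


def sample_readings(x, y):
    """Construct noise-free readings for a client at (x, y)."""
    return {ap: distance_to_rssi(math.hypot(x - ax, y - ay))
            for ap, (ax, ay) in AP_POSITIONS.items()}


if __name__ == "__main__":
    for pos in [(10.0, 5.0), (50.0, 10.0)]:
        print(pos, access_decision(sample_readings(*pos)))
```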

Finally, the RF medium can be exploited as a management plane across the wireless system. Statistics, rules, and policies may be passed between various devices and access points, enabling them to remain current with established network policies. Although the actual management touch points remain decentralized throughout the infrastructure, the management control is centralized to a single point of user access. This RF management approach enables system components to communicate directly with one another and limits the need to traverse the wired network for policy updates and configuration changes.

Although numerous immaturities still exist within many WLAN solutions now on the market, other solutions have emerged that efficiently handle enterprise requirements with systemwide RF intelligence. By centralizing management of the RF environment, security, and configuration, these systems reduce the costs of supporting a WLAN. Enterprises should seek solutions that provide the utmost in investment protection - implying support for all transport standards and proposed security standards. A critical part of the product and architecture selection criteria should center on the WLAN system’s ability to provide greater control of the RF domain. Although the integration of the WLAN into the wired LAN is important for the overall ease of network operations, the ability of a system to remain adaptive to changes in the RF environment will distinguish leading solutions from others.

Bottom Line: META Group predicts that 95% of corporate laptops will ship with Wi-Fi embedded directly into the platform by 2005. As a result, wireless connectivity within the enterprise will become a reality, regardless of whether the business is ready. As enterprises embrace WLANs as an alternative network access technology, they will seek systems that can offer the same level of reliability as existing wired LANs. Next-generation WLAN systems should require no change to incumbent network policies, supporting exactly the same set of business services as previously available in the wired world.

Business Impact: Wireless networks require greater manageability and security to support business applications reliably and predictably.

META Group originally published this article on 27 January 2004.
