HiWP Technology Rev1 PDF

BELDEN
SENDING ALL THE RIGHT SIGNALS

HiWP
HiWP
Hirschmann WLAN Professional i
1
JEN Agenda
• Basics
• Standards
•Data rates
•Operating Modes
• WLAN Models
•Science Stuff
• Antenna Types
• Antenna Selection Criteria
•Topologies
2
SENOING AU THE RIGHT SIGNALS
WIRELESS BASICS
3
Uses
• Untethered device/network access (roaming

clients)
•Replace standard cabling to reduce installation

costs
•Installations where standard cabling is not

possible
•Temporary Installations
As wireless technology is being refined more and more, it becomes a more

affordable, reliable solution to applications that before would be unfeasible. Either
physically or financially. We can now get useful data to and from places before
would be unthinkable. From the bottom of a mine shaft, across a factory floor,
around a mountain, even easily across a body of water without costly cables or
fiber runs.
4
4 Seamless Wired and Wireless
By utilizing standards based wireless products, you have seamless

integration between your devices.
With 802.11 wireless ethernet, we can seamlessly, invisibly and reliably integrate
data connectivity into new or existing networks.
Wireless Lan’s generally provide one of two roles:

Access Role – they provide wireless access to a wired resource or network
Distribution Role – they are used to extend or join multiple wired networks to
provide seamless connectivity
5
Nj CSMA/CA
Duplex - Explained
O Half Duplex - A device can only send or receive at a

given moment
O Full Duplex - A device can send and receive at the

same time
O Think of Half Duplex as a two way radio - Only one

person can talk at a time
O Think of Full Duplex as a cell phone - each person can

talk and listen at the same time
6
BELDEN Access Methods
•In wireless networks , collisions are always

possible. There are two methods used to help
avoid collisions.
• CSMA/ CA : Carrier Sense Multiple Access w/Collision

Avoidance
- Devices check to see if the medium is in use before
transmitting
- 2 internal timers present must both be counted down to 0
before transmission can take place (IFS, Random Back-off
Times)
• RTS/CTS : Request to Send/Clear to Send
- Devices send a “ Request to Send” message to the Access
Point
- When the Access Point is free to receive, it sends a “ Clear to
Send” message to the network so the device knows it is clear,
and the other devices know to wait
CSMA/CA is not necessarily the best method of collision avoidance, but it is the fastest with
less latency and overhead. Because of this, it is the default choice on a WLAN, unless
specific problems are detected.
7
m
SENDING All THE BIGHt SIGNALS
L. Hidden Node
s*
’ N
/
x* N •» \
/ \
S
/ S
/ \
/ \
V \
/ '
x •s \
/
\ \
/ / \ \
/ / \ \
/ / / s \
\
/ / /
/
\ \
/ / \
/ \ \ l
/ / S \
/ / \
I I I \
\
I I i / I
l
l
: I l
\ / /
\ \ I I i
\
\ \ s / / / /
\ \ /
\ / / I
\ \ / /
\ \
/ /
\ /
\ s /
\ / /
\ /
\ / /
•
/
/
\ /
/
V /
'
x /
8
m
L. Hidden Node
s*
’ N
/
x*
N •»
/ x
' S
/ s
/ V
/
V
/ '
x N
/ \
/
/ /
/ /
/ / / s
/ / /
/
/ /
/ \
/ / s
/ / \
I I I
I I i /
l
l
:
\ / /
l \
\ /
\
\ \ s /
\ \ \ /
\ \ /
\ \
\ \ s /
\ \ /
/ /
\ /
\
•
/ /
/
V /
\
'
x /
9
N Wireless Operating Modes
•The 3 possible modes of operation in a wireless

network are:
• Access Point
• Access Client
• Point to (Multi) Point
•In most all instances, the application

requirements will clearly dictate which mode will
be needed.
10
BELDEN
StNtXNC AUIHE RttHI SIGNALS
Wireless Operating Modes
• Access Point
• A wireless infrastructure device (such as a BAT)

e e
• Creates the wireless network and defines all aspects of the
wireless network .
• Allows clients of all forms to connect to the wireless network

(laptops, barcode scanners , smart phones, tablet PC’s... )
• Defines any encryption methods and keys
• Defines which channel ( or frequency ) the wireless network

transmits on
‘- V
.
• Defines the SSID (Service Set Identifier ) ...
Other things the access point can control would be:

- MAC filtering
- Radius Authentication
- Per client bandwidth limitations
- Number of clients that can connect
- Firewall rules…
11
BELDEN
SEN01NG All THE RIGHT SIGNALS
Wireless Operating Modes
•Access Client
A wireless device designed to connect to a wireless network
(Laptop , tablet PC , barcode scanner or possibly a BAT
configured as an access client)
Per the 802.11 standard, client’s can only connect to an Access

Point ( although some “ Ad Hoc” solutions are available from some
manufacturers)
A client can only connect to one wireless network at a time
In an ESS (Extended Service Set), clients are allowed to roam

between different access points (if the clients supports this
feature)
y
Ah Hoc – 2 clients can connect to each to form a PAN (Personal Area Network)
An infrastructure device (Such as a BAT) running in access client mode is best suited for
applications where a single wired device is connected. Per the 802.11 specification the
client device performs a “MAC masquerading” functionality which may pose some issues in
some layer 2 discovery programs.
12
BELDEN
StNtXNC AUIHE RttHI SIGNALS
Access Client - MAC Masquerading W
Source:
MAC: 00:80:63: AA: BB CC 00:80:63:DD:EE:FF MAC: 00: 80 63 DD EE FF
Destination:
00:00:BC:11:22:33
Source:
Access Access 00:00:BC:44:55:66
Point Destination:
Client 00:00:BC:11:22:33
D9
Si
Si
MAC: 00: 00:BC:11:22:33
II
MAC: 00:00:BC: 44: 55:66
Some discovery programs that operate at the datalink layer (such as HiDiscovery) will not
be able to find more than one device connected to a client due to this MAC masquerading.
Also note, this is NOT a Hirschmann issue, ALL clients perform this function.
If the client AND access point are BAT devices, a proprietary work-around called “Client
Bridge Support” can be used
13
M BSS ( Basic Service Set)
• Basic Service Set
• A single access point and all of it’s connected clients
• Most basic form of a WLAN (Wireless LAN)
• Clients can intercommunicate (in most cases)
• No roaming can happen
14
BELDEN BSS ( Basic Service Set)
' '
SSID: Hirschmann
Frequency: 2.4GHz
Channel: 1
Encryption: WPA/AES
Encryption key: supersecure
Access
Point
Wireless
i
Wireless
M Wireless Client
Client
'
f Client
In order for a client to connect to a WLAN, at a MINIMUM, the following must match
between the AP and the client:
- SSID
- Frequency/Channel being used for communication
- Encryption type and key
***Further criteria may be needed depending on the configuration of the AP
The access point will send out beacon frames containing:

- Configured beacon interval
- configured SSID
- BSSID
- Supported data rates
Default time interval is 0.1 seconds (100ms)
15
m Connection Phases
SENDING AU IHE RIGHT SIGNALS
Authentication and association
mobile station access point
1 probe request
>
2. probe response
<•
3. authentication open seq:1 _ >
4. authentication open seq:2
<
5. association request
>
6. association response
«
7. data
<
- Unauthenticated and unassociated

- Authenticated and unassociated
- Authenticated and associated
16
M ESS ( Extended Service Set)
• Extended Service Set
• Multiple interconnected access points sharing an SSID

and all of the connected clients
• Allows for soft roaming clients
• Used for large area coverage where constant connectivity

is required and not able to be facilitated with a single
access point
17
m L. ESS ( Extended Service Set)
SENDING All THE BIGHI SIGNALS
LAN
APP 3 IAPP
Acces Acces Acces Acces

Point SSID: Hirschmann
Point SSID : Hirschmann
Frequency: 2.4GHz Frequency: 2.4GHz Frequency: 2.4GHz Frequency: 2.4GHz
Channel: 1 Channel: 6 Channel: 11 Channel: 1
Encryption: WPA/AES Encryption : WPA/AES Encryption: WPA/ AES Encryption : WPA/AES
Encryption key: Encryption key: Encryption key: Encryption key:
supersecure supersecure supersecure supersecure
Wireless
1
Wireless Wireless
Client Client Client
In the Extended Service Set:

- All access points share the same SSID, encryption type and key but operate on different
channels
- When a client connects to an AP , the AP announces this to the other AP’s using IAPP
(Inter Access Point Protocol) messages. This allows the clients to roam between the
access points without needing to reauthenticate to each AP as it roams.
- Can also be used with a WLAN Controller for ease of administration/faulty device
replacement and add additional features to the WLAN
18
m L. ESS ( Extended Service Set)
SENDING All THE BIGHI SIGNALS
LAN
APP 3 IAPP
Acces Acces Acces Acces

Frequency: 2.4GHz Frequency: 2.4GHz Frequency: 2.4GHz Frequency: 2.4GHz
Channel: 1 Channel: 6 Channel: 11 Channel: 1
Encryption: WPA/AES Encryption : WPA/AES Encryption: WPA/ AES Encryption : WPA/AES
Encryption key: Encryption key: Encryption key: Encryption key:
supersecure supersecure supersecure supersecure
Wireless
1
Wireless Wireless
Client Client Client
Thin AP Model:
- The AP’s search for the WLAN Controller
- Once found, the WLAN Controller will give out a pre-determined config to the AP
- Firmware updates, config changes are all handled through the WLAN Controller
- If an AP fails, upon replacement the new unit finds the WLAN Controller, gets a config
and viola’
- It is also possible to have a Backup WLAN Controller for added redundancy
- From a security aspect, the controller configs can be set so once an AP gets a config it
will maintain this config for a certain amount of time, or until it loses power, or
immediately after losing communication to the controller.
19
4J IBSS (Independent Basic Service Set)
•Independent Basic Service Set
•“ Ad-Hoc mode”
•Decentralized architecture
• No access point or infrastructure devices
•Client to client communication (1:1 only)
•Supported by 802.11b only (standardized)
20
Point to (Multi) Point
•Infrastructure only mode
•Statically defined Access Point to Access Point

configuration
•Used for dedicated wireless “ backbone”
•Transparent to end devices
21
n L. Point to Point
5GHz
Channel 165
Encryption: WPA2/AES
Master Key: supersecure Slave
P2P Partners: P2P Partners:
Site B Site A
Site A Site B
r Physical WLAN settings - WLAN interface
I
Operation Rado I Performance -
Portto Port Jcientmode
--
f~1Point to Point partnm7H>?P?1 &int te>- Pni .-
PorttoPort flams ;
^ - 1
Enable ths Port -2 -Port charnel
-
Poentto Port operation mode:
Erter the WLAN access port lo be rterconnected via
© Off •TV«s access point can only commirecate vrth moWe Pcrtto-Port connection here
stations
Recognize by.
© On - Ths access port can also comriKneatevrth other access MAE address
ports to connect several local wreless networks
0 Slaton name
a Exclusive • Tho access port can only cornmmcate wth other 1 / Senal autocor/igmticn
access ports, mobfc stations cannot connect to this access
port frxjre WLAN bridge)
you use reeognbon by IMC addess . erter the WLAN
adapters MAC address and not the device MAC iaddess
Station name : SITE-A
oooooooooooo
(y Corfigwethe Portto-Point partners outsrie ties dialog n the
^
cooespondng table
Station name SITE-8
0 Do not forward between P2P Inks on the same rterface OK

Channel Selection Scheme: Master
OK | | Cancel .
In a point to Point model, all units are configured as access points. They must share:
- Frequency and channel
- Encryption type and key
SSID is irrelevant in P2P mode
1 unit is defined as the “Master”
The rest are defined as “Slave” units
Each unit gets it’s own “Station name”

They are then set with the partners they will communicate with (P2P partners)
Partners are defined either by MAC address or their station name (station name is
preferred due to ease of faulty device replacement)
22
m Point to Multipoint
Slave
P2P Partners:
Site A
5GHz Site B
Channel 165
Encryption: WPA2 /AES
Key: supersecure Slave
P2P Partners:
Site A
Site C
Slave
P2P Partners:
Master Site A
P2P Partners:
Site D
Site B
SiteC Slave
SiteD P2P Partners:
Site E Site A* Site A
Site F Site E
SiteG
Slave
:ll^ J / Site
P2P Partners:
A
Site F
Slave
P2P Partners:
Site A
SiteG
- Up to 6 slave access points can be connected to a single Master access point (as of
HiLCOS 8.52)
- The master and ALL slaves share the same channel, and as such the bandwidth is shared
as well. This is a design criteria that must be paid attention to
- All units share the same encryption type and key as well
23
N WLAN Models - Summary
•If the application requires clients to connect

(laptops, notepads . ..), the access point/access
client model will be used
•If the application has moving clients , and the area

is too large to be covered by a single access
point, the access point/access client will be used
in an “ ESS” configuration
•“ Site to site” or “ building to building” connectivity

would use the Point to (Multi) Point model
24
BELPEN
WIRELESS STANDARDS
25
: dI>1: j Wireless Standards
-CT J
802.11a
802.11b
802.11g
802.11n
802.11e
802.11h
802.11i
26
N 802.11a
•5GHz Operation
• Up to 54Mbps data rates
• Up to 12 “ non-overlapping” channels
•20MHz channels
•Very commonly used for wireless “ backbone”
connections
- The 5Ghz frequency band is not very crowded, so the possibility of external interference
is greatly reduced
- Also because all 5GHz channels are “non-overlapping”, if external interference does
become an issue, it is very easy to work around
27
N 802.11b
•2.4GHz Operation
•22MHz channels
•Very inexpensive and requires very little power
- Because 802.11b is very inexpensive and requires very little power, it is still commonly
used in hand-held, battery powered devices such as barcode scanners
- The 2.4Ghz band is very congested with other devices, cordless phones, bluetooth,
microwave ovens… so outside interference can be a big issue. Also as there are a
maximum of 3 non-overlapping channels, this issue can become very hard to work
around
28
N 802.11g
•2.4GHz Operation
•22MHz channels
•Can operate in mixed mode with 802.11b devices
- Very popular for higher end handheld devices, such as smartphones, laptops, tablets…
29
802.11n
•2.4GHz or 5GHz
•Supports MiMo (Multiple Input Multiple Output)
•20MHz or 40MHz channels
•Frame Aggregation (increases throughput)
•Works very well in highly reflective areas due to
MiMo support (vs. 802.11a/b/g)
30
802.11e ( WMM/WME)
WMM - Wireless Multi-media

WME - Wireless Multimedia Extensions
• QoS for wireless
• 4 priority queues
- AC_BE: Best effort
- ACJ3 K : Background
- AC_VI: Video
- AC_VO: Voice
• Enables “ power-save” features
Originally WMM, later changed to WME, both are one in the same
31
N 802.11h
• Primarily a European Standard
•Implements TPC and DFS (Transmit Power

Control and Dynamic Frequency Selection)
•Allows 5GHz operation in areas where radar or

satellite communication could interfere with
wireless
32
802.11i
•Wireless security standard
•Details WPA 2 encryption method
•Uses AES cipher (Advanced Encryption

Standard)
• Highest level of non-proprietary wireless

encryption
• Always recommended to use if possible
33
MiMo
Multiple Input Multiple Output

• 802.11n allows for NxM spatial streams
• BAT300 products support 3x3 (3 output x 3 input)
Stream 1
Stream 2
Stream 3
Increases bandwidth
Also improves performance in highly reflective
areas
34
BELDEN
SCNOtNCAUIHEMSHTStSNAlS
MiMo - Multipath
// / / /
A 1
m
•• •
% irr.
M
UIMOAP 802.1 In
*
>.
B 2
\\\\\
- Vs. 802.11a/b/g, MiMo allows for roughly a 10db better signal strength
35
BELDEN
SCNOtNC AU IHE RISHI SIGNALS
Standards Overview
TABLA PARA EXAMEN !!!ESTUDIAR
Frequency 5GHz 2.4GHz 2.4GHz 2.4/5GHZ
Data Rates 54Mbps 11Mbps 54Mbps 600Mbps
Modulation OFDM DSSS OFDM1 QAM, QPSK ,

BPSK
Transmit 1W2 10OmW2 10OmW2 lOOmW/IW2
power
Max non ¬
19 3 3 3/193
overlapping
channels
1 – DSSS is also used in 802.11b compatibility mode

2 – Output power varies by country
3- depending on channel availability per country
BELPEN
CHANNEL ALLOCATIONS
37
BELDEN
SENDING All IKE RIGHT SIGNALS
2.4GHz Channels
ESTUDIAR!!! Per 802.11 standards
2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447 2.452 2.457 2.462 2.467 2.472 2.462
I
5
I I
\ I
10
I
il 4
i i i I I
9
I r ri
3 8 13
i i [ i i i i f
2 7 12
i r j i i i i i i i i
1 \ / 6 \ / 1 1
- Each channel center frequency is separated by 5MHz

- And as mentioned earlier each channel has a frequency width of 22MHz
- As such you can have a maximum of 3 non-overlapping channels
38
.
k
Available U.S. channels (per FCC)
2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447 2.452 2.457 2.462 2.467 2.472 2.462
1 1 1 1 1 1 1 1 1 1
m mm
5
i ^ HIT O
t 3 |i 8 1
2 U 7 \
] \ / 6 \ / 11 \
- Each channel center frequency is separated by 5MHz

- And as mentioned earlier each channel has a frequency width of 22MHz
- As such you can have a maximum of 3 non-overlapping channels
39
BELDEN
2.4GHz Channel Usage
**
1 6
11 1
Because of the overlapping with 2.4GHz channels, proper planning and usage is a MUST for
2.4GHz channels
40
n L. 5GHz Channels
Per 802.11 standards ESTUDIAR!!!

Band Channel Frequency (GHz) Use
36 5.180 Indoors
40 5.200 Indoors
UNII-1 5.220
44 Indoors
48 5.240 Indoors
52 5.260 Indoors/DFS *
64 5.320 Indoors/DFS*
100 5.500 DFS
104 5.520 DFS
108 5.540 DFS
UNII-2 112 5.560 DFS
116 5.580 DFS
120 5.600 DFS
124 5.620 DFS
128 5.640 DFS
132 5.660 DFS
136 5.680 DFS
140 5.700 DFS
149 5.745 149
153 5.765 153
UNII-3 157 5.785 157
161 5.805 161
165 5.825 165
41
n L. 5GHz Channels
Available U. S. channels (per FCC)

Band Channel Frequency (GHz) Use
36 5.180 Indoors
40 5.200 Indoors
UNII-1 5.220
44 Indoors
48 5.240 Indoors
UNII-2 60 5.300 Indoors/DFS *
149 5.745 149
153 5.765 153
UNII-3 157 5.785 157
161 5.805 161
165 5.825 165
42
Channels/Output Powers
_
10 BAT-ti SBS7C0 Confaufor*on
how ulan
Channels Allowed By Regulatory Donain
Country Setting: Europe

Indoor -Only Operation: No
.
Allowed Channels for 2,4 GHz Operation:
.
ChanneKs ) 1< 2412 HHz ) 2 < 2417 HHz ) 3 < 2422 (1Hz >, 4 < 2427 HHz >, S < 2432 HHz )
>, 12(2467 .
HHz ) 13 < 2472 HHz ):
. .
6 (2437 HHz ), 7 < 2442 HHz ) .
8 < 2447 HHz > 9 < 24S 2 HHz >, 10 < 24S7 HHz ), 1K 2462 HHZ
EIRP linit 18 dBn < CCK >, 20 dBn ( OFDH )
.
Allowed Channels for 5 GHz Operation:
ChanneKs ) 36(5180 HHz ) 40 < S 200 NHz >
EIRP linit 23 dBn
. 44 < S220 HHz ), 48 < S 240 HHz ):
regulatory requirenent < s >:
indoor-only usage
configuration requirenent ( s ):
Indoor -Only-Operation nust be enabled
. .
ChanneKs ) 36(5180 HHz ) 40 < S 200 HHz ), 44 ( 5220 HHz ), 48 ( 5240 HHz ), 52(5260 HHz ), 56(5280 HHz ) 60( 5300 HHz ), 64 ( 5320 HHz ):
EIRP linit 23 dBn
DFS is enabled ( EN301893 -U1.6 on ULAN-1, EN301893 -U1.6 on ULAN-2, load threshold is configured to 80z >
regulatory requirenent ( s ):
indoor - only usage
naxinun frane transnission tine 10000 us
.
Indoor -Only-Operation nust be disabled
ChanneKs ) 100( 5500 HHz ) 104(5520 HHz ), 108 (5540 HHz ), 112(5560 HHz ), 116(5580 HHz ), 132(5660 HHz >, 136(5680 HHz ), 140(5700 HHz ):
EIRP linit 30 dBn
.
DFS is enabled ( EN301893-U1.6 on ULAN-1 EN301893-U1.6 on ULAN- 2, load threshold is configured to 80x >
regulatory requirenent ( s ):
naxinun frane transnission tine 10000 us
Indoor -Only-Operation nust be disabled
ransnit Powers Ooer Interfaces And Rates
3
ULAN-1 ULAN-2
20 dBn 20 dBn
20 dBn 20 dBn
20 dBn 20 dBn
20 dBn 20 dBn
20 dBn 20 dBn
20 dBn 20 dBn
18.5 dBn 18.5 dBn
17.5 dBn 17.5 dBn
tate of Aggregation ouer peers
eer Address Dir TID BPending HUBusy Sin BOut State
J\ MinSCMMANN OK Cancel
Via CLI:
- Set country code:
cd /setup/WLAN
set country ? (show list of countries)
set country XXX (XXX = number code for the appropriate country)
- Show WLAN Information for specific country code:
show wlan
43
ANTENNA SELECTION
44
• Omni directional antenna (Dipole)
• Horizontal 360° , Vertical up to 360°
• Used for mobile installations or cover areas (e.g. mobile phone)
• Lowest antenna gain, passive gain typically 3-6 dB
• Sector antenna (Semi directional)

• Typically symmetric horizontal and vertical from 45° -120°
• Used to cover areas (e.g. rooms, production halls, open places)
• Mid range antenna gain, passive gain typically 6-14 dB
• Directional antennas (Highly directional)

• Typically symmetric horizontal and vertical from 1° -18°
• Used for directed point to point connections over several Kilometers
• Highest antenna gain, passive gain typically 18-30 dB
Omni Directional Antenna:

Typical radiation pattern looks like a doughnut
Should be placed in the middle of the room, because it is covering the area in all directions
Sector Antenna:
Typical radiation pattern looks like a pice of cake
Should be placed in the corner of the room, because of it‘s radiation pattern.
Antenna types of this category are Yagi, Grid, Patch and Panel Antennas.
Directional Antenna:
Typical radiation pattern looks like a baseball bat.
There are special types like grid antennas (Yagi or Grid antennas) there biggest advantage is
the resistance to wind.
45
N Antenna Types
•Polarization
• Orientation of the RF waveform leaving the antenna

- Vertical
- Horizontal
- Circular
• Sending and receiving antennas should be the same

polarization for good results
• Reflected RF waves with have altered polarizations
46
Omni-Directional
•Typically used for area coverage
•Lower gain (shorter distances)

0 0
-20 30 -3D 30
%
R -V y.
l -150
150
Horizontal
150 -150
»
150
Vertical
150
Typically 3dbi – 8dbi gain
47
Sector
Wide area coverage
Typical slightly higher gain than omni-directional
-60
3o
'
eoi *
Horizontal Vertical
Typically 6dbi – 12dbi gain
48
Nj Medium Directional
• Higher gain levels
T
" Tighter radiation patterns
M
»
•> "" 40 » fa
-
' i
K
*
. / V !
.
/ \
N
«»/
*
ML* J / < \ 1 /.x \ \

\ /
/
r r
-
:
( i T
3}’
T I
'
v.
» « T
- <
l/J
/ ' ‘
M
> «
-< .
-
>«
Horizontal Vertical
Typically 14dbi – 18dbi
49
Highly Directional
•Highest gain levels
•Very tight radiation pattern

ft
- , «
T 1
«»' • » ,w
IX «t IX «
Horizontal Vertical
Typically 19dbi - 25dbi
50
Specialty Antennas
Leaky Coax Omni - Hemispherical

• Length of coax cable designed •Ideal for AGV’s or other
to “ leak” in a controlled pattern roaming clients
the length of the cable
• Ideal for conveyor, rail or mining •Low gain, low profile

applications
(XM* contactor
iCoeor* too
ln>Mf CO
*
(COOM> <
r>
51
Selection Criteria
•Gain must be enough for the distances needed
•Coverage pattern must meet application needs
• Physical security
•Down tilt angles must be sufficient
52
BELIE EN Gain
Highly Directional
f -
Sector
? -o —
Using the Hirschmann WLAN Distance Calculator or up coming BAT Planner you can
determine what antenna gains may be needed
53
Coverage Pattern
Sector
Antenna 45-
6
90°
Assembly line
Assembly lines may include video control to scan barcodes from parts of the final products.
The antenna should cover the needed area. In this example there is a potential to use a
antenna with much lower horizontal and vertical angel of beam.
BELDEN Coverage Pattern
r
Sector
l rS (
AGVs or normal vehicles
rS 1 rS
v_ y
Antenna 75-
9 °
° n
1 1
1 1
A sector antenna is used to cover the whole hall. The vehicles are using a fixed
omnidirectional antenna e.g. to transmit provisioning data or to steer avgs around the hall.
BELDEN
Physical Security
»
*
Store
IT ClosetI
AP using Omni - directional Antenna
- As an example, assume a store wants to add wifi access for in-store use only. It would be
relatively easy to simply choose an omni-directional antenna to ensure store coverage
- If someone has access to the RF signals, i.e. a hacker, they can then start to try to
penetrate the wifi network
- In this case, the parking lot has very good access to the network and would be an easy
target
56
BELDEN
Physical Security
» »
Store IT Closet
AP using Sector Antenna
By choosing a sector style antenna, we can get just as good store coverage, more than
likely better performance, since the sector style antennas typical have a slightly higher gain
than omni-directional antennas, and also eliminate the unnecessary “bleeding” of the RF
signal into unneeded areas. If a hacker would want to try and penetrate the network in this
scenario, they would more than likely need to be in the building.
57
: qlm
Down -tilt angles
10 Meters
m
Each antennas radiation pattern MUST reach the opposing antenna to facilitate
connectivity. If one antenna is at a higher elevation, the antennas must be angled toward
each other
58
BELDEN
Down-tilt angles
**
In this example, using directional anntennas between 2 points the solution is very easy. But
let’s assume a more complex scenario…
59
BELDEN
Down-tilt angles
**
Repeate
Station
Location 1 Location 2
How would we choose antennas for this scenario

- The customer wants connectivity between Locations 1 & 2, but there is an obvious
obstruction in between
- The logical choice would be create a repeater station to work around the obstruction
- What about antenna types? Omni Directional, directional?
60
BELDEN
SENOING All THE RIGHT SIGNALS
Down-tilt angles
**
Repeate
Station
Let’s assume using Omni-directional. This is usually the first thought as it gives good
coverage, and is usually a novices first “catch all” choice
61
RELC EN Down-tilt angles
Repeate
Station
Let’s assume using Omni-directional. This is usually the first thought as it gives good
coverage, and is usually a novices first “catch all” choice
62
BELDEN
Down-tilt angles
**
Repeate
Station
The antennas radiation pattern MUST reach in both directions.
63
BELDEN
Down-tilt angles
**
Repeate
Station
- The most efficient solution would be to use medium to highly directional antennas,
angled to ensure proper connectivity
- Also note, at the repeater station, 2 radios would be needed. Either in a single unit (such
as the BAT54-RAIL), or 2 separate units (2x BAT300-RAIL)
- This design also give better performance. Instead of sharing a single radio connection at
the repeater station with both locations. Locations 1 & 2 now have a dedicated link to
the repeater station so the overall throughput would be much better
64
DATA RATES
65
M Wireless Data Rates
•Wireless connections are not just “ On or Off”
•As the Signal to Noise ratio drops, the data rate

decreases
•Must be calculated/tested to ensure enough

throughput for the application
•As the data decreases, the receiver's sensitivity

increases in order to stay connected to a smaller
signal level
66
00
m
D
m
73
0)
03
flJ
<• BB
12 Mbps
18 Mbps
24 Mbps
36 Mbps
48 Mbps
54 Mbps
6 Mbps
9 Mbps
3
cn
>
(/
3.
Q
0)
- As the Signal-Noise (SNR) ratio get lower, the receiver must lower its data rates to
maintain connection
- Each device has different characteristics on the receiver sensitivity. Should be found on
data sheet or technical manual for calculation
- SNR can be effected most commonly by:
- Distance from the transmitter (Free Space Path Loss)
- Background noise levels (interference)
- Environmental objects (attenuation)
67
BELDEN
802.11 Data Rates
802.11a 802.11b 802.11 g 802.11n
20MHz 40MHz
6Mbps 1Mbps 6Mbps 15Mbps 30Mbps
12Mbps 5.5Mbps 12Mbps 45Mbps 90Mbps
24Mbps 24Mbps 90Mbps 180Mbps
68
RF CHARACTERISTICS
69
RF Fundamentals
pg0l Amplitude Frequency
Gain A (Lambda)
db
Reflection Loss dbi dbm
Wavelength
Attenuation
Fresnel Zone
SNR
Refraction Free Space Path Loss
When designing and troubleshooting RF systems, there are a lot of terms, definitions and
formulas to be aware of. This is just a sample of some of the terms and definitions we will
discuss. Also note that most of these items have an associated mathematical formula as
well.
70
RF Fundamentals - Wavelength
A=clf
A = wavelength
c = speed of light (299,792,458 m/s)

- Wavelength (A )- / = frequency
Wavelength - The distance between two identical points in

adjacent cycles of an RF waveform.
Wavelength is inversely related to frequency
Wavelength is the basis of all RF calculations and theory. With wavelength we can find the
frequency of a waveform, choose proper equipment for an RF system such as cables,
connectors, antennas… we can also calculate theoretical maximum distances and data
rates that will be available in a certain application. With the formula here, we can also find
the wavelength if we know the frequency, as waveform and frequency are inversely but
proportionately related.
Formula:
λ = Lambda
c = Speed of light (because RF signals travel at the speed of light)
f = Frequency
71
RF Fundamentals - Wavelength
Y\ /\ • Wavelength
• Used to calculate:
- Antenna length
-Spatial placement of antennas
- Fresnel Zone
- Free Space Path Loss...
Wavelength is directly used in the design of all RF antennas. Spatial placement is used in
certain applications were there may be certain phenomenon such as reflections for
example. Fresnel Zone is used to determine antenna height in a long distance point to
point application as well as Free Space Path Loss.
72
BELPEN RF Fundamentals - Wavelength
Longer Wavelength
0
1 cycle per second (1Hz)
seconds second
Shorter Wavelength
.
2 cycles per second (2Hz)
seconds s cond
In the first example (Top), we see a signal with a frequency of 1 Hertz. This means that the
RF wave has a cycle period of 1 second or 1 cycle per second.
In the second example (Bottom), we see a signal with a frequency of 2 Hertz. This mean
that this RF wave has a cycle period of ½ a second or 2 cycles per second.
By comparing the two waveforms, we can see the inverse relationship between waveform
and frequency. The 1 Hertz (Top) waveform has a longer waveform than the 2 Hertz
(Bottom) waveform.
73
RF Fundamentals - Frequency
Amplitude
/=c/A
A = wavelength
c = speed of light (299,792,458 m/s)
/ = frequency
Frequency is how many cycles or waves per second
Frequency is inversely related to wavelength
Frequency is a measure of cycles per second. As an example, a 2.4GHz waveform

(commonly used in 802.11 wireless networks) completes 2.4 Billion cycles per second.
74
M RF Fundamentals - Amplitude
•Amplitude
• Independent of frequency and/or wavelength
• Strength of an RF waveform
• Greater or Higher amplitude means longer distances
• Measured as Watts or decibels in RF communications
If we compare RF waveforms to sound waves, Amplitude would be the “Loudness” of the

waveform. Just like sound waves, the amplitude or “loudness” effects the distance the RF
waveform can effectively travel.
75
BELPEN RF Fundamentals - Amplitude
Higher
Amplitude
Original
Amplitude
Lower
Amplitude
As you can see in the above examples, all three waveforms have the same wavelength and
frequency, but they all three have different amplitudes. Because of this they would all have
different effective distances they could be transmitted.
76
N RF Fundamentals - Phase
•Phase
• Phase is relative only to time in an RF waveform
• Can be effected or altered by outside interference ( such

as an RF waveform traveling through different materials
such as walls, windows, water... )
• Independent of amplitude or frequency
• Very important to consider in RF communications
77
RF Fundamentals - Phase
Original
Waveform Average
Signal
Inverted
Waveform
-2+2=0
Two waveforms 180° apart (Inverted) have cancelling effects.
In the above example, we have two waveforms of identical frequency and amplitude. The
Inverted (lower) waveform is inverted or known as 180 degrees out of phase in relation to
the original (Top) signal. Because of this Phase difference, if the two signals were both
received by an RF device, the two would have cancelling effects on each other. In the right
example of the two superimposed on top of one another, the effective combined
waveform of the two would be no waveform at all. Just like adding a positive and negative
of the same number. The sum would be zero.
78
RF Fundamentals - Phase
Because of RF reflections, we have to be

careful of Phase in a wireless system
/X
II
i\
r
In RF communications, there is a phenomenon known as reflection, which will be covered

in greater detail later on in the course. Because of this phenomenon, in certain applications
this can be a huge factor in effective RF communications. Especially in enclosed areas with
highly reflective materials, such as metal walls or shelving of a warehouse.
79
N RF Fundamentals - Free Space Path Loss
•Free Space Path Loss
• Reduction of power (amplitude) due to the natural

expansion of the RF waveform through the air
• As an RF waveform is transmitted through the air, the

farther it gets from it’s point of origin, the wider the
waveform becomes.
• Because of this natural spreading, the waveforms

amplitude becomes smaller and smaller
Free Space Path loss can be compared to dropping an object into a standing pool of water.
It causes ripples of water to go out in all directions away from the point where the object
entered the water. As the waves travel outwards, they become smaller and smaller, losing
amplitude (or height).
80
• Free Space Path Loss
• Formula:
(2,4GHz) FSPL (dB) = 100 + 20 Log (D) DISTANCE
(5GHz) FSPL (dB) = 105 + 20 Log (D)
D = distance in Kilometers
5GHz
4 kilometers
I
117 (db) = 105 + 20 Log (4)
To figure out the free space path loss, we use one of the formulas above.
Note that D = distance in Kilometers, so…
Once we know the frequency, distance and calculate the Free Space Path Loss, we can start
to figure out what or link budget is and what antenna gain or amplification will be needed
for our RF link.
It is a good idea to add a factor of 10 to the Free Space Path loss. While this seems
excessive, tolerances in radio hardware, losses due to math rounding and even weather
make this reserve a good idea.
81
M RF Fundamentals - Gain
•RF Gain
• Increase in the signal level (Amplitude) or a

concentration of a signal
• Passive or Active
• Intentional or Unintentional
82
RF Fundamentals - Gain
Active Gain
• Active gain is achieved by placing an amplifier in the RF

line to increase the Amplitude of the original signal
• Must be careful not to exceed FCC power requirements
100mW
Signal
\37
f
1 Watt
Signal
T 7
\j —
, J
A
''
Access
Point
RF
Amplifier
'
A
^
"
Antenna
Active gain can be compared to sound waves going through a megaphone. The waves of
sound from your voice get amplified and retransmitted through the air with a greater
amplitude than the original waveform.
83
RF Fundamentals - Gain
Passive Gain
• Passive gain is not an increase in signal Amplitude, but

rather concentrating a signal in a desired direction
• Intentional ( Directional antennas); Unintentional

( Reflections from objects such as metal walls)
Directional
Antei na
Omni-Directional
Antenna
Passive gain is comparable to cupping you hands around your mouth. The sound is not
louder and the amplitude is not greater, but appears to be because the sounds waves are
concentrated in a desired direction. In RF communication this could be caused
unintentionally by objects such as walls. If an antenna was inadvertently mounted too close
to a metal studded wall, this could cause unintentional passive gain.
84
RF Fundamentals - Loss
> Loss
Intentional or Unintentional reduction of an RF signal

amplitude
Intentional Loss is used to stay within regulatory (FCC)

output perimeters
\ / ~\ /X i
1 Watt \ / 1/2 Watt \ _/ ^
Sign3 tVy
' Si9nal A 3dbi
_
Access
..
Point
RF
.
Attenuator
^ ^Antenna
"
Antenna
The FCC states that maximum output of an intended radiator (antenna) is 1 Watt. As we
will see later on, a gain of 3db doubles the output power. In this example, we already have
a 1 Watt signal being transmitted into a 3db antenna, so we must cut the power in half to
stay within FCC regulations. We can do this with an attenuator. Note also that most modern
802.11 radios have settings to reduce output power as well so an external attenuator may
not be necessary.
85
RF Fundamentals - Loss
• Unintentional loss cannot be avoided
• By using properly planned and matching

equipment it can and should be kept to a minimum
(Using all 50ohm cables and connectors, low loss
or ultra low loss cables ... )
100mW 50mW Signal
> Signal attenuated by
Point Antenna
Losses introduced through connectors and cabling must be calculated into the overall link
budget also. If using longer RF cabling, ultra low loss cable could be considered to help
reduce unwanted losses. More about choosing the correct cables later on in this course.
86
RF Fundamentals - Reflection
Reflection
• The bouncing of an RF wave off of a smooth non-

absorptive surface.
• Changes the angle the RF wave travels
• Can lead to other RF phenomena such as multipath or

gain (unintentional)
Incoming Reflected
RF Wave RF Wave
Reflection is very easily explained in the analogy of looking into a mirror. If you look at the
mirror at an angle, you do not see yourself, but whatever is located at the same angle in
the opposite direction.
87
RF Fundamentals - Scattering
•Scattering
• Scattering happens when an RF waveform strikes an

uneven surface. The result is the waveform gets divided
into many smaller RF waveforms.
• Can be thought of as multiple reflections happening in a

small area.
Scattering is nothing more than multiple reflections. These reflections typically happen in a
small area causing the original waveform to be divided into many smaller waveforms, but
can also be reflected at different angles from the original waveform. Scattering can cause
dead areas in an RF coverage area.
88
N RF Fundamentals - Absorption
• Absorption
• Absorption happens when an object cannot reflect RF

waveforms but rather turns the RF energy into some
amount of heat energy
• Mostly occurs with organic objects
• An object can absorb some of the energy, while allowing

the rest to pass through.
• Results in a lower amplitude waveform than the original
Absorption is most commonly used and seen in microwave ovens. When an object is
heated in a microwave oven, the water particles present in the object absorb the RF
radiation. Because of this absorption, the object becomes heated, thus allowing us to cook
foods with RF waves. Because of the much lower power outputs used in RF
communication, this phenomenon happens on a much smaller scale.
89
Ilk®
RF MATH AND
MEASUREMENTS
90
Units of Measure - Watt
• Watt
• Basic unit of power measurement
• 1 Watt = 1 volt at 1 amp
• In RF is used to measure the strength of an RF

waveform
P=IxE
- P = Power in Watts
- I = current in Amps
- E = Voltage
The Watt is named after an 18th century Scottish inventor, James Watt. If either, or both the
volts or amps increase, so does the watts. Most commonly used to measure the output of
a light bulb. A typical household light bulb puts out 60 watts at 120vac. Knowing the Watts
(60) and the Voltage (120v) we know that the light bulb draws .5 amps.
Explain “PIE” Pyramid
91
M Units of Measure - Milliwatt
•Milliwatt
• 1/1000 of a Watt (.001watts)
• Most common unit of measure for an RF radio system
• Abbreviated as mW
In an RF radio system, only small amounts of power are typically required. Because of this,
the RF waves are typically measured in milliwatts, or thousandths of a watt.
92
M Units of Measure - Decibel (db)
• Decibel (db)
• 1/10 of a Bel
• A unit-less, logarithmic representation used to express

the ratio between two measurements of the same unit
• Usually written with a suffix to imply the reference

measurement unit (dbm, dbi, dbv... )
• Used to express very large ratios as a simple number
93
BELPEN Units of Measure - Decibel (db)
• Decibel
• Rule of 10 ’s and 3’s
- A gain of 3db doubles the output power

- A loss of 3db halves the output power
- A gain of 10db magnifies the output power by 10
- A loss of 10db is 1/10th the output power
• Example:
100mW output power from an Access Point
3db cable loss
10db gain antenna
100mw - 3db + 10db = 500mW
The rule of 10’s and 3’s is a very quick an efficient method of finding the output power of
an RF system.
As you can see, a gain of 3db double’s the output power. A loss or reduction by 3db cuts
the power output in half.
For the rule of 10’s, a gain of 10db multiplies the output power by a factor of 10. A
reduction of 10db would be 1/10th of the output power.
94
BELPEN Units of Measure - Decibel (db)
• Rule of 10’s and 3’s
dB Equation in 10's and 3's
1 + 10 - 3 - 3 - 3
2 + 3 + 3 + 3 + 3 - 10
3 +3
4 + 10 - 3 - 3
5 + 3 + 3 + 3 + 3 + 3 - 10
6 +3+3
7 + 10 -3
8 + 1 0 + 1 0 - 3 -3 - 3 - 3
9 +3+3+3
10 + 10
By using these equations of 10’s and 3’s, we can find the output power of a system without
using any complex physics equations. Give example…
95
BELDEN
Units of Measure - dbm
dbm mW dbm
Represent a measurement of power 1 0.0

in relation to milliwatts
10 10.00
Used for link budget calculations
Formula: 20 13.01
dbm = 10log10(Pmw)
30 14.77
40 16.02
50 16.99
100 20.00
96
M Units of Measure - dbi
•dbi
• Decibels as compared to an isotropic radiator (antenna).
• dbi is used to express the power gain of an antenna
• Isotropic radiator is an ideal, theoretical antenna that

radiates the same power in all directions equally.
• (More on Isotropic in a later section)
97
N Units of Measure - SNR
•SNR
• Signal - to - Noise Ratio
• Power level of the RF signal as measured against any

RF “ noise” that may be in the area
• Used to determine the “ usable” amount of RF signal in a

given area
• Also used to determine link budgets
Imagine having a conversation in a room full of people. If no one else is talking, your can
converse very easily. As the people in the room begin talking, your conversation starts to
drown out. Because of this, to have your conversation be as loud or effective, you must talk
louder over the background noise.
98
I
m
m SNR - General Figures
30db + Very Good

25 - 30dB Good
20 - 25dB Decent
15 - 20dB Adequate
10 - 15dB Poor
10dB or less No signal
SNR = 10log10 (Psignal/Pnoise)
99
M Units of Measure - Receive Sensitivity
• Receive Sensitivity
• Minimum amount of power that the receiver circuitry

can effectively discern
• Used to calculate link budgets
• Listed as dbm
• Proportional to data rate (lower sensitivity = lower data

rates)
Receive sensitivity is basically how well the receiver can “Listen” for an RF signal. This
determines how far the link can be carried, and at what data rates the link will be at. As
distance increases, the receiver must increase its sensitivity to be able to listen closer,
because of this, when sensitivity is increased, data rate is typically lowered when this
happens. Most RF equipment has a chart listing the sensitivity for the specified data rates
to help in link budget calculations.
100
BELDEN
Units of Measure - Fresnel Zone
• Fresnel Zone
• A calculated zone of RF between 2 RF devices
• Pointed Ellipsoid Shaped (Football-Shaped)
• Used to determine area of interference and/or “ RF Line

of Site”
• Help determine the required height of the antennas

between 2 RF devices
101
BELDEN
• Formula:
R = 0.5 x V( A x d)
R = Radius of Fresnel Zone

A = Wavelength of signal in meters
d = Distance between RF transceivers in meters
R = 0.5 x V (.05 x 4000)

R = 7 meters
- 4km -
5GHz
Radius of Fresnel Zone

(
Since the radius of the Fresnel Zone in this example is 7 meters, our antennas would need
to be located at least 7 meters above the highest obstruction in the RF path. This ensures
there will be no interference from reflections and diffractions.
5GHz Wavelength = .05

2.4GHz wavelength = .125
102
: dI>1: Units of Measure - Fresnel Zone
M
Fresnel Zone
• Some RF links can go relatively long distances
• Because of this, the curvature of the earth must also be

considered in links greater than 2km.
- 4km -
5GHz

i —
.
Earth Curvature
103
BELPEN
• Formula:
E = d2 x 0.0147
E = Curvature of the Earth

d - distance in kilometers
E = 42 x 0.0147
E = 0.24
- 4km —
5GHz

—
n^
Earth Curvature
We find that the average earth curvature is almost 1/4 meter. We must add this to the
Fresnel Zone calculation for our overall mast height.
104
Mast Height
• Mast Height will now be calculated using the radius of

the Fresnel Zone, Earth Curvature, safety factor and
height of tallest obstruction
Mast Height = R+E+S+O 7 + 24 + 1 + 0 = 8.24

R = Fresnel Zone
E = Earth Curvature
S = safety Factor (typically 1 meter)
O = Height of obstruction (ifan
^
5 GHz
Earth Curvature
105
l|Li|N Link Budget Calculations
• Link Budget
• When looking at an RF Application, the link budget must

be calculated to find :
- Antenna gain needed
- Access Point attenuation (if needed)
- Cable type to use
- Available Data Rates
Link Budget planning is an integral part of designing a point to point RF system. Along with
link budget planning, you will use most of the fundamental units and formulas that have
been covered so far.
106
M Link Budget Calculations
•Link Budget
• To begin a link budget calculation for an application,

several pieces of information are needed.
• Distance of Point-to-Point link
• Mounting criteria for access points and antennas
• Cable type to be used
• Attenuation factors of each piece of equipment between

access point output and antenna input
Before we begin a link budget calculation, we have to have an idea of how much cable will
need to be used between the access point and antenna, attenuation factors of the cable,
surge arrestors and other devices in the hard-wired link. As well as a data sheet for the
access point listing the receive sensitivity for the various available data rates and the
output powers available for the available channels/frequencies.
It is recommended to do a link budget calculation before purchasing any equipment for the
application, as there are quite a few variables that can effect the performance and
reliability of the RF link.
107
TOPOLOGIES/ USES
108
Topologies
Stand alone Access point
Used to gain wireless access to a device or devices
In industrial applications, most commonly for

programming /maintenance use
t;
mo
This would also be an example of a BSS (Basic Service Set)
109
mmm Topologies ( roaming clients , AGV’s,
forklifts...)
M— — (Siy
<em
^
< l
This example depicts the use of an ESS (Extended Service Set).

- By using multiple access points connected to a wired backbone, the forklift is able to
seamlessly roam between all the access points
- Allows bigger area coverage using multiple access points
- Constant connectivity to the client(s)
- In this model, the AP’s would be considered “thick” AP’s, meaning each one gets
configured individually to be a part of the ESS
110
mmm Topologies (roaming clients , AGV ’s,
forklifts...)
^^ Tr
77
7 Lu
(?
4 pi) pi) ii
jfd» .
4
^ ^
(i
ii
Here we’ve added a WLC (Wireless LAN Controller)

- Still forms an ESS
- AP’s would be considered “thin” AP’s, meaning only the controller gets configured
- Controller hands out configs as the AP’s are added to the network (manually or
automatically, depending on the controller config)
- Eases administration
- If an AP’s gets replaced or added, the WLC hands out a new config and no need to touch
anything else
- If an AP gets stolen, the config is lost and no information about the network can be
gathered
- Centralized management, error logs…
111
N Multiple SSID’s
•Some Access Points support the use of Multiple

SSID’s per radio
• Allows for the use of different encryption types per SSID

(possibly to support legacy equipment)
• Each SSID can be configured with a maximum data rate

- Aids in the allocation of bandwidth per clients
• May also be used in conjunction with VLAN’s (if

equipment supports it.)
112
m L. Multiple SSID’s
SENDING All THE HIGH! SIGNALS
Multiple SSID’s
SSID: Production SSID: Public
Frequency: 2.4GHz Frequency: 2.4GHz
Channel: 1 Channel: 1
Encryption: WPA/AES Encryption: WPA/AES
Encryption key: Encryption key:
supersecure kindofeasytoremember
MCC
SSID: Accounting
( Master )
SSID: Engineering
Frequency: 2.4GHz
Frequency: 2.4GHz
Channel: 1
Channel: 1
Encryption: WPA/AES
Encryption: WPA/AES
Encryption key:
Encryption key:
acavemancouldrememberit
i: supercrypticandrandom
113
Multiple SSID’s
W* BAT 54 -Rail Dual Band Client with backgroun. .. ? X
Corrt xe: Herfaces »

Logical WLAN settings WLAN interface 1 Net. .. ? X
LAN
^
| WAN | Modem VLAN Span Tree |
Network Transmoswn
VLAN settngs
Packet size i1.550 byte
»\ Please note! -
IP LAN 1: Ethernet 1(No)
Mrmun transmt rate These settngs are only usefd in a VLAN network
You shotid only change them i you are aware of the ^ LAN - 2. Ethernet 2 (oj
Noy) -
Maxxmxn transmt rate Auto r consequences of these changes t is easdy possfcle to T" WLAN - 1: Wreless LAN l - Network 1(No)
lock yourself out of tho router here As a resul. the device y WIAN-2' Wreless LAN 2 Network 1 (No)
Broadcast rate |2 «S/J may only be accessMe after resettng
'T P2P - 1- 1: Pont -to -Pomt 1 •1 (No)
|2.3«7
RTS threshold byte VLAN modde enabled -- -
y py i fc Pont -to Pont 1•2 (No)
I- Use long preamble for 802 11b This table holds the defntion of al VLANs used --
" jr P2P 1 3: Pont-to -Pont 1 •3 (No)
Network table -- - -
IT P2P 1 4: Pont to Pont 1 4 (No)
1r P2P -1 S: Pont -to -Pont 1 •S (No)
-
This table holds VLAN -related configuration <ems for every port y P2P -1-6: Pont -to -Pont 1 - 6 (No)
OK Cancel the device has y P2P -2-1: Pont -to -Pont 2 1(No)
Port table r y P2P -2-2:Pont -to-Pont 2 2 (No)
T -- - -
P2P 2 3: Pont to Pont 2 3 (No)
VLANtaggng mode 8100
--
T P2P - 2 4: Pont -to -Pont 2 •4 (No)
-
T P2P -2 S: Pont -to Pont 2 •5 (No)
- - - -
'S~ P2P - 2 6: Pont to Pont 2 8 (No)
ft Network 2 (No)
WPA or Private WEP settings
Network 3 (No)
Interface Encryption Method / Key 1 Key 1/passphrase WPA session key type WPA version Authentication DefaJt key dent EAP m < > CK Network 4 (No)
Network 5 (No)
--
Wreless LAN 2 Network 1
Wreless LAN 1 Network 2
Activated
Activated
WEP 128 (104 bit)
WEP128 (104 bit)
0x 149827654381286583492736402 TKIP /AES
L008063FCF 350 TKIP /AES
WPAl
WPA1
Open system
Open system
Key 1
Key 1
US
TLS
Cancel Network 6 (No)
Wreless LAN 1- Network 3 Activated WEP128 (104 bit) L008063FCF 350 TKIP /AfS WPA 1 Open system Key 1 TLS Network 7 (No)
Wreless LAN 1 - Network 4 Activated WEP128 (104 bit) L008063FCF 35D TKIP /AES WPA1 Open system Key 1 US Network 8 (No)
l< I
-
Wreless LAN 1 Network S Activated WEP128 (104 bit) L008063FCE 35D TKIP /AES WPAl Open system Key 1 TLS
>
iv
Network 2 (No)
Network 3 (No)
Edit ... Network 4 (No)
Networks (No)
'i~ WLAN-2-6: Wreless LAN 2 - Network 6 (No)
T" WLAN- 2 -7: Wreless LAN 2 •Network 7 (No)
'3“ WLAN -2 -8: Wreless LAN 2 - Network 8 (No)
These functions can be used to spread or allocate bandwidth to certain devices, limit
access to certain resources and safely provide support for legacy devices (WEP).
114
m L. Multiple SSID’s and VLAN’s
SENDING All THE HIGH! SIGNALS
Multiple SSID’s with VLAN tagging per SSID

SSID: Production SSID: Public
Frequency: 2.4GHz Frequency: 2.4GHz
Channel: 1 Channel: 1
Encryption: WEP128 Encryption: WPA/AES
Encryption key: SI Encryption key:
notsecureatall Kindofeasytoremember
VLAN100 VLAN50
•»
SSID: Accounting
SSID: Engineering
Frequency: 2.4GHz
Frequency: 2.4GHz
Channel: 1
Channel: 1
Encryption: WPA/AES o tD
Encryption key: ' Encryption: WPA/AES
Encryption key:
acavemancouldrememberit
VLAN3900 C supercrypticandrandom
VLAN200
115
BELDEN Topologies
Dual Band P2P connections using Spanning Tree for

redundancy
5GHz
LANA LAN B
B
116
Topologies
Point to Multi-Point Topology

1 1
r
1
Slave
\
Slave
L *
z
Slave
4r
Slave
Here is an example of a Point to Multipoint topology

- Commonly used as a wireless backbone
- Stationary building to building, or site to site connectivity
117
BELPEN
Topoloqies
U
I
Point to Multi-Point Topology
54 Slave
Master
Maste
Slave
Video Server
- One design requirement is bandwidth planning

- In a high bandwidth application (such as hi-def video), in a point to multipoint
application such as this example, muiltiple units sharing the same master radio may
over be too much bandwidth for a single radio.
- Using a dual radio unit as the master and dividing the slave’s amongst these dual radios
may be must more feasible, reliable and will provide better performance
118
BEIXEN
StNCUNG AU IHE BtGHl SIGNALS
Topologies
Slave Slave
Master | Master |
Master
/ 4
%
> \
Slave
i
%* T *1
|
M
Slave
r »|
[
Hybrid Point to (Multi)point used to create a redundant static mesh network.
119
Topologies
2 Point to Point connections ( WDS - Wireless Distribution System)
5GHz Backbone
4 H
r
Wireless
Repeater
/
Remote Remote
fl
LAN
PLC PLC
120
SECURITY
121
BELDEN
SENDING AU THE RIGHT SIGNALS
Security
»
MB
Security features:
* Access-control list
Closed network
WEP
802.1x / EAP
802.11
IPSec
WPA /TKIP
^3
802.11i/AES ( WPA2 )
LEPS
WAN
DSL mode LAN Firewall with intrusion

detection, Denial-of-
Service protection, port
and protocol filters
122
JEN ACL
• ACL - Access Control List
• Access to the wireless LAN only for "approved"

wireless LAN clients.
• Maintenance of a MAC address list in the access

point.
• Maintenance of a MAC address list by RADIUS .
123
N Closed network
• No active communication of the SSID (wireless

LAN network name) by the access point
• Wireless LAN cannot be "found", e.g. by

"Windows zero configuration"
• No access possible with "ANY" SSID
124
M Weaknesses of ACL and closed network
• Neither ACL nor closed networks are a 100%

solution for access control.
• The 802.11 protocol definition calls for both MAC

addresses as well as the ESSID to be
transferred unencrypted in data and
management frames over the air.
• Special wireless LAN sniffer programs can be

used to spy out the information which are
included in every WLAN packet. This information
can then be faked to the client stations.
125
WEP (wired equivalent privacy)
• IEEE 802.11b describes WEP64 (40 bits).
• However, most wireless LAN adapters also

support WEP128 (104 bits) and some WEP152
(128 bits).
• Symmetric encryption method with static PSK

(pre-shared key).
• Encryption using an RC4 algorithm.
126
Structure of WEP encryption
-Data as clear text-

Message IVC
XOR
Key stream = RC4 (IV/WEP key)
IV encrypted data
Data packet that is to be

transmitted
127
N Weaknesses of WEP
• WEP is vulnerable to certain kinds of passive

attacks based on "known plain text" and
"dictionaries".
• Initial Vector (IV) too short.
• With WEP there is a large number of weak keys

due to a short IV.
• WEP does not include any key management;

key allocation occurs manually and all stations
use the same key.
128
: dI>1: 802.1x / EAP
M
RADIUS => Remote Authentication Dial In User

Service
• Authentication
• Authorization
• Accounting
Often called AAA Service
Defined in RFC 2856
Communication over UDP port 1812 (standard)
129
N 802.1 x / EAP
• There is no fixed key stored on the client.
• The client must authenticate to a RADIUS server

(TLS or TTLS).
• Dynamic negotiation of the key using EAP

(extensible authentication protocol)
• Regular key change via the EAP tunnel. -> No IV

collisions (key repetition)
130
IEEE 802.1x/EAP with WEP / WPA /IEEE
802.11i fWPA 9) r * —
Authenticator Encryption using WEP

/ WPA / IEEE 802.11i
Authentication o
EAP-over-LAN
using •4 (EAPOL) 4
RADIUS, Supplicant
802.1x / EAP
•* ** •*
131
BELDEN
IEEE 802.1x/EAP with WEP
Client RADIUS-Seiver
5> )
WLAN login
EAP/802. Ixjchallange
- — M
; message master secret ;
session-key
normal) data- transmission

naMdal
new session-key
normal data- transmission

^
132
m L. Structure of IEEE 802.1x /EAP check
r* li;-3a
'
A
V EAPoL- TLS
4: Oient
Certificate
WEPikey rollever
802 1x Acce&k Point
*
' LAN Switch
EAPcver RADIUS"
33?
tr- ^KJ
m1 If
' III
' Servers & Printers
Certification RADIUS
Authority Authenticator Server
(user database)
Server
Certificate
133
WM IEEE 802.1x/EAP security
• Based on known issues with the WEP encryption

the usage even with 802.1x is not
recommended.
• Offers the best authentication method for wired

and wireless network at the moment
• Multilevel certificates are possible
134
Nj IEEE 802.1x/EAP methods
• EAP and IEEE 802.1x provide the framework for

authentication.
• Actual verification of user and station identity is
determined by the EAP method.
• The most important methods use either digital
certificates or passwords for this.
EAP method Supplicant Authenticator Authentication server

EAP TLS Certificate ' Server certificate
Interface to certification
authority
EAP TTLS Password ' Server certificate
Interface to certification
authority, user database
EAP MD5 Password - User database
135
BELDEN
SSNOtNG AU THE BIGHT SIGNALS
Integrated Radius server 802.1x
When a BAT access

point is configured as a
Configure: |RADIUS Serve
General | Forwardng | EAP
.
J Neu Hirschmann LANconfig (Configuration.Icf
BQ
| Options |
RADIUS server it can i RADIUS service

Authentication port: fo
provide its own Accounting port [0
information on Accounting nterim interval |0 seconds
RADSEC service
authorized users to RADSEC port fo
other access points. RADIUS/RADSEC dents
The data ot the cfcents which shal be communeate with the
server can be entered at the folowng table
Clients |
I User database
The data ot the users which shal be authenticated by the
server can be entered at the folowng table
User table ... I

The server wi check authentication requests aganst the
folowng tables
Use the WLAN station table on MAC address requests
h HWSCHMANN OK | Abbrechen
136
BELDEN
StNOMCAUlHEBtSHTSICNAlS
Integrated Radius server access control list
**
C? Neu Hirschniann LANconfig (Configuration Icf .

When a BAT access Configure: |Wieless LAN
point is configured as a 3ene>el | Security Stations | 80211VWEP | IEEE 802 IX | WLC |
RADIUS server it can Filter stations

Data traffic between the wireless LAN and your local network
provide its own can be restricted as requred by excluding individual stations, or

ordy enabing specified stations
Fler function
information on C Hter out data from the Isted stations, transfer al other data
(
• transfer data from the listed stations, authenticate al other
authorized users to data via RADIUS or Nter it out
..
Stations. I
other access points.
Authentication via RADIUS
Server IP address: |141 1 1.1
Server port: |l.812
Shared secret: r
Source IP address: ||NTRANET 3
Backup server IP address: 1192168 2001
Backup server port: M.812
Backup server secret: r
Source IP address: |DMZ
h MinSCMMAHN | OK | Abbrechen |
137
IPsec over wireless LAN
• Encrypting wireless LAN communications with

VPN IPsec technology.
• Use of secure encryption algorithms such as

AES, blowfish or 3DES.
• IPsec is a "tried and tested", secure technology.

• Higher configuration overhead.
• Requires high performance from devices.
• Eagle VPN products could be used
• VPN performance of the BAT device will be to
slow for a WLAN encryption
138
WPA (WiFi protected access)
• Specification of WPA by WiFi Alliance
• TKIP and MIC ("Michael") encryption methods as

alternative to WEP
• Standardized handshake procedure between

client and access point in order to
determine/transfer session key (without RADIUS
server)
139
BELCEN TKIP ( temporary key integrity protocol)
• TKIP is a "transitional solution" on existing WEP /RC4 hardware
• Encryption algorithm with RC4 without the disadvantages of WEP
• Significantly larger address space of IV (now 48 bits)
• Integrity checking of data packets ("Michael")
• Individual key between client and AP
• TKIP is not standardized for the IEEE 802.11n based products

• WEP, WPA and IEEE802.11i with RC4 / TKIP based encryption may not
work anymore.
• All BAT products based on the HiLCOS supporting AES encryption
methods
140
IEEE 802.11i (WPA 2 )
• The new wireless LAN security standard
• WPA is parent standard of 802.11i
• WPA 2 is the implementation of the widely

stipulated IEEE 802.11i standard
• AES-CCM encryption method
• Encryption and integrity checking with AES
• According to IEEE 802.11i AES must be

supported, TKIP is optional
WPA2 and IEEE802.11i differ. WPA2 was invented again from the WiFi alliance after
the IEEE 802.11i standard was ratified. The HiLCOS based devices support both
authentication methods
141
IEEE 802.11i (WPA 2 )
• AES-CCM should be implemented in hardware

although a software implementation is possible
(with performance loss)
• Authentication of the client to the access point
• Individual key between every client and AP
• AES complies with the Federal Information

Standard 140-2
142
Nj WPA - IEEE 802.11i ( WPA 2)
IEEE 802.11i
WPA version WPA
(WPA 2)
Authentication PSK PSK
Personal
mode Encryption TKIP/ MIC AES-CCMP
802.1x/
Authentication 802.1x/ EAP
Enterprise EAP
mode
Encryption TKIP/ MIC AES-CCMP
143
BELDEN
IEEE 802.11i - client to AP
Authentication process:
• Encrypted exchange of
PSK
Pre-Shared
Key.: ******* • Establishment of
encrypted connection
• AES hardware
Pre-Shared / \ Pre-Shared encryption (128bit)
******* \ *******
• Each connection
receives a session key
ID ?
and is thus secure
Pre-Shared
| 0y .
*******
^ ;»
LAN /
Internet
144
Nj IEEE 802.11i - client to AP
Authentication process:
• Encrypted exchange of
PSK
• Establishment of
encrypted connection
• AES hardware encryption
(128bit)
• Each connection receives
a session key and is thus
riDOK?) secure
—
I
L ^jFgjsessionjSgyX,^^
i rZ )
C Internet
^
^ 0.34 6/8/2014 145
145
M Security in a wireless LAN
WEP WPA 802.11i

Encryption Uses 'soft ' keys. Better encryption with Security equivalent
Can be cracked TKIP and MIC. to VPN with AES.
with tools in a very Theoretically very
short time . long time between
key repetition.
Algorithm 40bit/104bit/128bit 128bit RC4 (TKIP) 128bitAES
RC4
Manual key Automatic key Automatic key
distribution, man- calculation due to calculation, AES in
in-the-middle keyphrase. hardware.
attacks possible
Authentication Key initially Encrypted key Encrypted key
transferred in plain exchange exchange
text over the link.
146
Nj Migration from WEP to IEEE 802.11i
• Converting an operational wireless LAN

infrastructure to the new 802.11i security
standard.
• What about
• 802.11b client adapters
• PDA without WPA support
• MDE devices (e. g. barcode scanners)
• .. . ?
• Solution: Wireless LAN with multiple SSIDs
147
BELDEN
SENDING AU 1HE RIGHT SIGNALS
Migration
^
from WEP to IEEE 802.11i
Up to 8 SSIDs per wireless LAN interface are possible. This infrastructure can be
facilitated by VLAN tagging in order to assign user groups to the appropriate
security level.
WEP128 security,
to connect as
many
clients as ^ 3
/ ,
possible./ **
*
Maximum security
through 802.11i / AES
< Sy
SP' in
WPA / TKIP acceptable Open network will
security with high encryption.
performance for clients
without AES support.
Bild ersetzten
148
Questions?
149

HiWP Technology Rev1 PDF

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

HiWP Technology Rev1 PDF

Transféré par

Droits d'auteur :

Formats disponibles

BELDEN

SENDING ALL THE RIGHT SIGNALS

• Untethered device/network access (roaming

•Replace standard cabling to reduce installation

•Installations where standard cabling is not

As wireless technology is being refined more and more, it becomes a more

By utilizing standards based wireless products, you have seamless

Wireless Lan’s generally provide one of two roles:

O Half Duplex - A device can only send or receive at a

O Full Duplex - A device can send and receive at the

O Think of Half Duplex as a two way radio - Only one

O Think of Full Duplex as a cell phone - each person can

•In wireless networks , collisions are always

• CSMA/ CA : Carrier Sense Multiple Access w/Collision

•The 3 possible modes of operation in a wireless

•In most all instances, the application

• A wireless infrastructure device (such as a BAT)

• Allows clients of all forms to connect to the wireless network

• Defines any encryption methods and keys

• Defines which channel ( or frequency ) the wireless network

Other things the access point can control would be:

Per the 802.11 standard, client’s can only connect to an Access

A client can only connect to one wireless network at a time

In an ESS (Extended Service Set), clients are allowed to roam

• Basic Service Set

• A single access point and all of it’s connected clients

• Most basic form of a WLAN (Wireless LAN)

• Clients can intercommunicate (in most cases)

• No roaming can happen

***Further criteria may be needed depending on the configuration of the AP

The access point will send out beacon frames containing:

Authentication and association

mobile station access point

- Unauthenticated and unassociated

• Extended Service Set

• Multiple interconnected access points sharing an SSID

• Allows for soft roaming clients

• Used for large area coverage where constant connectivity

Acces Acces Acces Acces

In the Extended Service Set:

Acces Acces Acces Acces

•Independent Basic Service Set

• No access point or infrastructure devices

•Client to client communication (1:1 only)

•Supported by 802.11b only (standardized)

•Infrastructure only mode

•Statically defined Access Point to Access Point

•Used for dedicated wireless “ backbone”

•Transparent to end devices

r Physical WLAN settings - WLAN interface

0 Do not forward between P2P Inks on the same rterface OK

Each unit gets it’s own “Station name”

•If the application requires clients to connect

•If the application has moving clients , and the area

•“ Site to site” or “ building to building” connectivity

WMM - Wireless Multi-media

• QoS for wireless

• Enables “ power-save” features

• Primarily a European Standard

•Implements TPC and DFS (Transmit Power

•Allows 5GHz operation in areas where radar or

•Wireless security standard

•Details WPA 2 encryption method