Wireless Connectivity
Solutions (CSBWC v2.0)
Objectives
Upon completion of this session, you will be able to:
Describe the components and functions of Wireless LANs.
Explain Cisco Wireless LAN solutions for Small and Medium
customers.
Identify the main hardware components of the Cisco Small
Business Wireless Product Families.
Solve typical deployment scenarios, common in the day-to-day
operations.
Course Introduction
ICND1 v1.03
Course Objective
Provide the knowledge and skills set necessary to
understand how to create and implement wireless
networks that are effective and efficient, for Small
and Medium Customers
General Administration
Course-related
Facility-related
Class roster.
Lengths and durations.
Students materials.
Emergency procedures.
Services.
Telephone and Fax.
Agenda
Day 1
AM: Course Introduction; Product Families for Wireless Connectivity Solutions
LUNCH
PM
Students Presentation
Your name.
Your company.
Job responsibilities.
Skills and knowledge.
Short history.
Objective.
Why Now?
[Figure: % employee change by year, 1989 to 2003, for companies with <500 employees and with 500+ employees. Annotations: "Faster recovery after dot-com bust and 9/11", "Faster recovery after recession", "Harder impact from recession". Data Source: US Census Data]
2009 Cisco Systems, Inc. All rights reserved.
[Figure: Percentage Change in Employment, 1989 to 2003, <500 employees versus >500 employees. Annotation: "Lower impact in small companies"]
$15.9B
<250 employees
<100 employees
$9.9B
Includes:
LAN switches, routing, network security, content security, voice, storage,
unified communications and wireless LANs
Why Cisco?
Unique DNA for
small customers
Technology
Reliability
Services
A-la-carte solutions
VARs
Network as
a platform
IT as a service
Value
Easy to use
Products
Commercialization channel
Service
and
Support
Distribution
Partners
Productivity
Resources
Profitable
programs
Marketing and
Demand
Generation
Association
with Cisco
Differentiation
Wide portfolio
of products
and solutions
Whole Offer
DISTRIBUTION VALUE ADD:
Business Planning, Cisco Relations, Pre-post Sales, Marketing,
Training, Demo Kits, Professional Services, Information, etc.
TMM/ ICAM
PDF/UC 2/3/8%
Select JMF
OIP / PDR 6%
Registered Brand
Select Brand
Unregistered
Quarterly Payments
- PDF makes quarterly payments to qualified partners for their purchases
on Cisco Small Business and Cisco Commercial products
- Provides a roadmap specifically designed to benefit the partners, based on
their level of Cisco education and certification
For Registered
partners, non-specialized,
non-certified
SB PDF Cash
Back Basic
The SB Market
The SB Challenge
Security?
Resources?
Expansion?
Flexibility?
Productivity?
Oh,
and I need
to buy my
wife's
birthday
card!!!
Disaster Recovery?
Customer
Service?
Competitive
Pressure
Solution:
Lower Total Cost
Better response to
customers
Less time to market
Main Concerns
Securing Business
Assets
Solution:
Self Defending Network
Investment
Protection
Solution:
Leverage of prior
investment
Easy to migrate
Allows future growth
Operational
Efficiency
Solution:
Smart, simple, secure
infrastructure
Integrated applications
Higher productivity
Recommendations
Understand your customer and the business
If you understand their business problems, you can identify the
product features that will change it
Diagnose before you propose
Listen and qualify, and be patient; if you talk too soon, you might end
up losing your customer's attention and ending the conversation
Find your customer's need, their driver and main concern, and
build a value proposition accordingly
Without this, the customer has the option to do nothing
The higher the value, the faster the customer will buy, and will be
less prone to asking for discounts
Wireless Networks
Challenges and Opportunities
Implementing Internet
access as a service for guests
in their rooms and common
areas (swimming pool, lobby,
etc.) is very demanding,
specifically when we talk
about structured cabling.
The Solution
Value Proposition
Standard
Wi-Fi alliance
Is a nonprofit international association formed in 1999, with Cisco
as a founding member.
Certifies interoperability of WLAN products based on the IEEE
802.11 specification.
Certifies interoperability between wireless products of all vendors.
Certifies all compliant devices with the Wi-Fi brand.
Non-licensed bands
Advantages:
Facilitates and simplifies network deployment and operation.
Eliminates the need for administrative paperwork with
regulatory bodies for its operation.
Lowers equipment costs.
Higher availability of products and options.
Disadvantages:
No exclusivity in the use of the frequency bands.
The same frequency bands are used by other developments:
Bluetooth, wireless phones, etc.
Unified Services
With the definition of extended security and quality of service in
wireless networks, it is now possible to develop unified
networks in which services are provided transparently for the end
user, no matter if the network is wired or wireless.
Access security.
Authentication, encryption and integrity.
IPSec VPNs.
Quality of service and traffic prioritization.
This has made possible the extension of the wireless network, not
only to secure networks, but to IP Telephony, video over IP, music,
etc.
802.11
Standard technology for interconnecting networks wirelessly, defined
by the IEEE
Uses low power frequency bands, unlicensed.
Defines both the physical and the data link layers.
Allows the operation of multiple protocols at the network
layer.
Provides bridging mechanisms to operate as an extension
to Ethernet networks.
To identify end devices at the layer 2, uses MAC addresses,
48 bits long.
Provides different ways for interconnecting devices.
802.11 Architectures
Provides different network architectures:
Ad-hoc systems.
Infrastructure systems.
Basic
Extended
Wireless mesh (802.11s).
Bridged links.
Point-to-point bridging.
Point-to-multipoint bridging.
802.11 Architectures
Ad-hoc systems
802.11 Architectures
Basic Infrastructure
802.11 Architectures
Extended Infrastructures
802.11 Architectures
Wireless Mesh
802.11 Architectures
Bridged Links
Physical Layer
[Figure: frequency spectrum from X-ray, ultraviolet, visible light and infrared down through high, medium and low frequency, marking 802.11b and g at 2.4 to 2.4835 GHz and 802.11a at 5.150 to 5.825 GHz]
Regulatory Organisms
The use of unlicensed frequencies depends on the approval from
regulatory agencies in each country.
Some regulatory agencies and other known bodies are:
The FCC as regulatory entity for USA.
The ETSI as regulatory entity for Europe.
The IEEE defines the standard 802.11 as part of the
networking standards grouped as IEEE 802.
The Wi-Fi Alliance certifies interoperability for devices from
different vendors.
IEEE Standards
Standard: IEEE 802.11b | IEEE 802.11g | IEEE 802.11a | IEEE 802.11n
Ratified on: 1999 | 2003 | 1999 | 2009
Frequency: 2.4 GHz | 2.4 GHz | 5 GHz | 2.4 or 5 GHz
Possible
Channels
12 / 23
N/A
DSSS | DSSS, OFDM | OFDM | MIMO, DSSS, OFDM
Transmission Rate (Mbps): 1, 2, 5.5 and 11 | 1, 2, 5.5 and 11; 6, 9, 12, 18, 24, 36, 48 and 54 | 6, 9, 12, 18, 24, 36, 48 and 54 | Up to 600 Mbps
Throughput max.: 6 Mbps | 22 Mbps | 28 Mbps
Transmission
The Cell
When we start an access point, an
area of coverage is generated, in which
we can receive the radio frequency signal
transmitted by the cell, with enough power
to establish a link between the AP and a
client. This is known as the CELL.
The Cell
The size of the 802.11 cell depends on:
The AP's transmission power.
This power is limited by local regulations for the RF usage.
Interference in the air.
Is variable, and in some cases might be mitigated or avoided.
Sensitivity of the receiving client.
Is a technical parameter provided by the manufacturer.
Repeaters
Are access points that repeat the AP's signal, with the objective of
extending the coverage area.
This is NOT a solution described in the standard.
By extending the cell, the same bandwidth is being provided,
now for more users.
Reduces the performance by 50%.
Transmission Rates
IEEE 802.11 networks have a variable transmission rate:
Directly depends on the type of modulation (DSSS or OFDM)
and coding (BPSK, QPSK, QAM) used.
The better the signal quality, the more complex the coding
mechanism, and so, the higher the transmission rate.
As the signal degrades when we get away from the
transmitter, the transmission rate is reduced while we go away
from it.
The transmission rate is dynamically negotiated between the
transmitter and receivers, and varies, but this negotiation is
transparent for the end user.
Transmission Rates
The transmission rate depends on the location of the wireless
client, with respect to the AP:
The higher the transmission rate, the more power is needed
to reach the receiver. When a client moves away from the AP, the
transmission rate decreases.
Wireless clients always try to communicate at the highest transmission
rate possible.
The client will reduce the transmission rate only if it reports errors and
transmission re-tries.
Transmission Rates
Comparing coverage radii for APs working with the different
standards, in obstacle-free office environments:
16 m.
33 m.
50 m.
66 m.
83 m.
100 m.
116 m.
Channel Definition
IEEE 802.11 defines the use of 22 MHz channels for the
establishment of the links:
The FCC defines 11 channels of 22 MHz for the USA, numbered from 1 to 6.
ETSI defines 13 channels of 22 MHz for Europe.
Each channel is identified by the frequency inside of it.
The start of each channel is separated from the next by 5 MHz.
Consequently, consecutive channels overlap and can
generate interference with each other.
The design recommendation is that, when you install more than 1 AP, you leave 4
unused channels between the channels the different APs use.
This measure reduces interference and therefore optimizes the
throughput available in each cell.
[Table: channels and frequencies by region (USA, Argentina, Europe, Asia, Japan)]
Channel Reuse
To get the highest available throughput,
adjacent cells should use non-overlapping channels. At first sight,
this would let us create only 3 cells.
However, as long as 2 adjacent cells do not use the same channel, the
same efficiency and optimization criteria are met.
By placing the cells in a well-designed layout, we can reuse the 3
channels indefinitely, without generating interference.
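The overlap rule from the Channel Definition and Channel Reuse slides, worked through as an added example that is not part of the original course material. It assumes channel 1 is centred on 2412 MHz; the AP names and the sample plan are constructed.

```python
# Added example: 2.4 GHz channel overlap with 22 MHz channels spaced 5 MHz apart.
CHANNEL_WIDTH_MHZ = 22   # channel width stated on the slide
CHANNEL_STEP_MHZ = 5     # spacing between channel starts stated on the slide
FIRST_CENTER_MHZ = 2412  # assumption: centre frequency of channel 1


def center_mhz(channel):
    """Centre frequency of a 2.4 GHz channel (valid for channels 1 to 13)."""
    if not 1 <= channel <= 13:
        raise ValueError(f"channel {channel} outside 1..13")
    return FIRST_CENTER_MHZ + CHANNEL_STEP_MHZ * (channel - 1)


def overlap_mhz(a, b):
    """Width in MHz of the spectrum shared by channels a and b (0 if none)."""
    return max(0, CHANNEL_WIDTH_MHZ - abs(center_mhz(a) - center_mhz(b)))


def non_overlapping_set(max_channel, start=1):
    """Greedy pick of mutually non-overlapping channels from start upward."""
    chosen = []
    for ch in range(start, max_channel + 1):
        if all(overlap_mhz(ch, c) == 0 for c in chosen):
            chosen.append(ch)
    return chosen


def plan_conflicts(ap_channels, neighbours):
    """Return (ap1, ap2, shared MHz) for adjacent cells whose channels overlap."""
    conflicts = []
    for ap1, ap2 in neighbours:
        shared = overlap_mhz(ap_channels[ap1], ap_channels[ap2])
        if shared > 0:
            conflicts.append((ap1, ap2, shared))
    return conflicts


# Constructed sample: three APs in a row, the middle one on a badly chosen channel.
SAMPLE_PLAN = {"AP-lobby": 1, "AP-hall": 4, "AP-office": 11}
SAMPLE_NEIGHBOURS = [("AP-lobby", "AP-hall"), ("AP-hall", "AP-office")]

if __name__ == "__main__":
    print("11 channels:", non_overlapping_set(11))
    print("13 channels:", non_overlapping_set(13))
    for ap1, ap2, shared in plan_conflicts(SAMPLE_PLAN, SAMPLE_NEIGHBOURS):
        print(f"{ap1} and {ap2} share {shared} MHz")
```

Channels 1 and 5 still share 2 MHz, which is why 4 channels are left unused between neighbouring APs and why only 3 channels can be reused across cells.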
[Figure: channel reuse layout, cells labelled with their channel numbers]
AP
802.11g
Client 802.11b
Client 802.11g
Basic elements
2 basic resources provided in the standard:
SSID.
To start the association process and be able to have network
access, the client and the APs should use the same SSID.
We can eliminate the broadcasting of the SSID by the AP.
MAC address authentication.
The standard considers that the AP, when going through the
authentication process, filters clients based on their MAC address,
permitting or denying specific MAC addresses.
Even though those are valid resources, they are not enough to
respond to security requirements today.
Security elements
In order to provide minimum levels of security, there is the need
for 2 additional components:
Authentication.
Mechanism that defines who has access to what resources in the
network.
Encryption.
Technique used to provide privacy to the information transmitted,
so that only authorized end points will be able to have access to
the information.
In the case of wireless networks, the authentication without
encryption leaves the information totally exposed.
802.11 Authentication
IEEE 802.11 provides 2 mechanisms for authenticating WLAN clients:
Open Authentication.
Shared Key Authentication.
Authentication is one of the phases of the integration of a client into a
WLAN cell:
1. Connection request
2. Beacon
3. Authentication Request
4. Authentication Acceptance
5. Association Request
6. Association Acceptance
7. Data Transfer
WEP
Wired Equivalent Privacy.
Security mechanism originally provided with IEEE 802.11.
Uses 64 bits (40 bits for the key + 24 bits for the IV) or 128 bits (104
bits for the key + 24 bits for the IV).
Keys are configured statically in the client and in the access
point.
Designed for initial applications, and is ideal for devices with
lower processing capacities:
Very simple to deploy.
Low overhead.
Security Schemes
Standard | Key Distribution | Device Authentication? | Users Authentication? | Encryption
WEP | Static | Yes (weak) | No | Yes (weak)
WPA | PSK: Static | Yes | Pre-Shared-Key | TKIP
WPA | Ent.: Dynamic | Yes | 802.1x | TKIP
WPA2 / IEEE 802.11i | PSK: Static | Yes | Pre-Shared-Key | AES
WPA2 / IEEE 802.11i | Ent.: Dynamic | Yes | 802.1x | AES
Security Schemes
IEEE 802.11 includes its own security scheme or framework:
Encryption to provide privacy to the communication:
WEP.
Authentication to control access to network resources.
Open authentication.
Authentication via pre-shared keys.
Extended security for IEEE 802.11 networks.
WPA.
WPA2 IEEE 802.11i.
Considerations: WEP
Easy to implement and does not require high levels of
processing.
Does not scale well.
The cipher mechanism has been broken.
Particularly weak when implementing both encryption and
authentication.
Not recommended for enterprise environments.
Usable in environments that do not require robust privacy,
when there is a need to limit access to the network.
Use it with open authentication.
Implement 128-bit keys.
Combine it with other resources, such as not
broadcasting the SSID.
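Why a static WEP key gives so little protection, as an added example that is not part of the original course material: each frame's RC4 seed is the 24-bit IV followed by the static key, so a repeated IV repeats the keystream. The estimate assumes IVs are picked uniformly at random, and the sample key is constructed.

```python
# Added example: per-frame variation that WEP's 24-bit IV gives a static key.
import math

IV_BITS = 24  # from the slide: 24 bits of IV in both the 64- and 128-bit modes


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling followed by `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def wep_keystream(iv: bytes, key: bytes, length: int) -> bytes:
    """WEP seeds RC4 with the 3-byte IV followed by the static key."""
    if len(iv) != IV_BITS // 8 or len(key) not in (5, 13):
        raise ValueError("WEP uses a 3-byte IV and a 5- or 13-byte key")
    return rc4_keystream(iv + key, length)


def iv_repeat_probability(frames: int) -> float:
    """Birthday estimate that at least two of `frames` random IVs are equal."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2 * 2 ** IV_BITS))


def frames_for_probability(p: float) -> int:
    """Smallest frame count whose IV-repeat estimate reaches probability p."""
    n = 1
    while iv_repeat_probability(n) < p:
        n += 1
    return n


STATIC_KEY = bytes.fromhex("0102030405")  # constructed 40-bit sample key

if __name__ == "__main__":
    a = wep_keystream(b"\x00\x00\x01", STATIC_KEY, 8)
    b = wep_keystream(b"\x00\x00\x01", STATIC_KEY, 8)
    print("same IV, same keystream:", a == b)
    print("frames for a 50% chance of an IV repeat:", frames_for_probability(0.5))
```

Moving from 40-bit to 104-bit keys does not change the estimate, because the IV stays at 24 bits in both modes.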
Considerations: WPA
Is not a standard, but a model proposed by the Wi-Fi
Alliance.
Easy to implement and does not require high processing.
Scalable.
Has a relatively robust encryption mechanism (RC4).
Two ways to deploy:
Enterprise: with IEEE 802.1x authentication.
SOHO: with PSK authentication.
Provides a robust security scheme.
Usable in deployments with medium security needs.
Considerations: WPA2
SOHO / Enterprise
WPA and WPA2 provide 2 ways to deploy:
Enterprise.
Deploys user authentication by the use of 802.1x.
Requires the implementation of a RADIUS server on
the network.
Highly scalable and provides very robust encryption.
SOHO.
Facilitates the implementation in reduced
environments, without the need for a RADIUS server.
Uses Pre Shared Keys.
Is less robust.
IEEE 802.11n
Outdoor
WAP200E
Indoor
WAP200
WET200
WAP2000
WAP4400N
WAP4410N
Feature comparison
Product: WAP200 | WAP200E | WET200 | WAP2000 | WAP4400N | WAP4410N
Speed: 10/100 | 10/100 | 10/100 | 10/100 | 10/100/1000 | 10/100/1000
Type: 802.11g | 802.11g | 802.11g | 802.11g | 802.11g/n | 802.11g/n
POE: Yes | Yes | Yes | Yes | Yes | Yes
Multiple BSSIDs
No
Multiple SSIDs
No
# Ports
802.1q: Yes | Yes | Yes | Yes | No | No
Removable Antennas: Yes | R N-Type | Yes | Yes | Yes | Yes
AP/Client
(Wireless Security
Monitor)
Yes
Yes
Yes
Yes
Yes
Yes
AP,
Repeater,
Bridge
AP,
Repeater,
Bridge
Bridge
AP,
Repeater,
Bridge
AP Only
AP,
Repeater,
Bridge
Yes
Yes
Yes
Yes
Yes
Yes
Multiple Modes
VLAN
Automatic Channel
Selection
Features: Power
Cisco Small Business solutions are ideal for small and medium
customers.
They are designed specifically for SB customers and offer
advanced features, typically found on enterprise solutions, such as:
PoE.
Power can be provided from a LAN PoE switch port.
Allows flexible installation of APs in optimal locations.
U-APSD.
Optimizes the use of power from Wi-Fi phone
batteries.
Features: Performance
Roaming 802.11f.
Standard roaming feature for several manufacturers. Offers mobility for
wireless clients.
Automatic radio frequency channel selection.
Selects the optimal channel for the best performance.
Rangebooster 1x2.
Increases (deploying MIMO) up to 2 times the coverage range for cells in
802.11g networks.
Wireless n - 2x3 in WAP4400N and WAP4410N.
Increases the range on 802.11g networks, up to 4 times, and the
throughput up to 9 times.
SNMP.
Allows management from an SNMP manager station.
Gigabit Interface on WAP4400N and WAP4410N.
High performance.
Features: Security
Multiple SSIDs (4).
Each SSID creates a wireless network or different VLAN, making
it possible to separate the traffic on the air.
Multiple BSSIDs (4).
Advertises multiple SSIDs.
VLANs 802.1Q.
Multiple VLANs allow the separation of traffic that was separated
in the air via SSIDs, now on the LAN network.
WPA/WPA2 Enterprise.
Secure authentication, centralized, implementing RADIUS
servers.
New client detection or New AP detection - Wireless Security
Monitor.
Features: QoS
Wireless Clients
WPC200
WUSB200
WMP200
WPC4400N
Product: WPC200 | WMP200 | WUSB200 | WPC4400N
Type: 802.11g | 802.11g | 802.11g | 802.11g/n
MIMO: 1x2 | 1x2 | 1x2 | 2x3
Wireless support: Yes | Yes | Yes | Yes
802.1x: Yes | Yes | Yes | Yes
WEP: Yes | Yes | Yes | Yes
WPA: Yes | Yes | Yes | Yes
WPA2: Yes | Yes | Yes | Yes
802.11n / 802.11g
Range and Speed comparison
IEEE 802.11n
IEEE 802.11g
Access Point
Mode
Repeater
Mode
Bridge mode
Bridge mode
Scenario 1:
Scenario 2:
Scenario 3:
Scenario 4:
Deployment Scenarios
Our Scenario
The law firm ABCLaw, our customer, wants to implement a
wireless network that personnel at the office can use without
the need for cables. Considerations:
Initial Proposal
[Diagram: VLAN20: WLAN, 172.16.20.0/24; interfaces F0/0, G1, G2; Office; Lawyers and Lawyers Server; Auxiliaries and Auxiliary Server]
Initial proposal
Solutions:
Limitations
Relevant Concepts:
Broadcasting the SSID.
WEP
Enhanced proposal 1
SSID: lawyers.
VLAN21: 172.16.21.0/24
Security: WPA2-PSK.
[Diagram: VLAN21: 172.16.21.0/24; interfaces F0/0, E24, G1, G2; Lawyers; Office]
Initial Proposal
Solutions:
Limitations:
Relevant Concepts:
WPA2-PSK.
Enhanced proposal 2
SSID: Visitors.
VLAN22: 172.16.22.0/24
Encryption WEP-64.
[Diagram: VLAN22: 172.16.22.0/24; interfaces E24, F0/0, G1, G2; Lawyers and Lawyers server; Office; Visitors]
Initial proposal
Solutions:
Traffic from visitors will remain separate from the rest of the
office.
WEP encryption makes sure that only those with the correct
key have access to the network.
Limitations:
Relevant Concepts:
WEP encryption.
Summary
The main aspects covered in this session were:
The business requirements and objectives of a SB customer.
The main components and functions of a wireless network
Products and solutions to create wireless connectivity for SB
customers
The main hardware components of the Cisco Small Business
product families
Typical scenarios in the day-to-day operations.