Wireless networks are becoming more popular in smaller
companies, but how can enterprises overcome the implementation
challenges? Danny Bradbury reports.
For an industry that has historically concentrated on staying
connected, it is ironic that the focus today is on removing
physical links altogether. The wireless networking community is now
preoccupied with cutting the cables. The benefits for home and
business users are clear. But the bigger the company and the more
complex its infrastructure, the more challenges it has to overcome
before it can enjoy those benefits.
Hotdesking is one way of maximising the return on investment of a
wireless Lan. Companies with many mobile staff such as salespeople
who return to the office sporadically, or who move between offices,
will find WLans useful because they can minimise the fixed network
resources that they need to provide for employees. It is easier to
provide desks for occasional use in a cost-effective way when you
do not have to cable them together for network use.
But connecting buildings together, rather than the people in them,
is the clearest example of an enterprise-specific application for
WLans. Companies such as Proxim are providing wireless bridges
designed to work between buildings in a campus environment. Ian
Shepherd, solutions manager at networking consultancy Telindus, has
installed a number of WLans for corporate clients. He says although
there are alternative means of wireless inter-building
communication such as microwave links, 802.11 or higher-speed
Hiperlan2 connections are cheaper. You do not need a licence for a
WLan link, he says, whereas microwave bands require
registration.
However, there are some downsides to inter-building WLan bridges.
Frequency hopping throughout the 2.4GHz or 5GHz bandwidths used by
modern WLan systems can cause collisions. This will not be a
problem if two buildings are communicating with each other in an
unpolluted range of frequencies, but if WLan bridges are in a
densely populated corporate area or campus environment, more
collisions could occur. The 2.4GHz frequency is notoriously crowded
with signals from other devices anyway, which is a problem you
would not get using a microwave system.
Wireless bridges are still rare, and the bandwidth problem becomes
more pronounced behind the bridge where numerous clients are
sharing a single access point, says Martin Cassidy, regional
vice-president and general manager at WLan gateway supplier
BlueSocket. The shared nature of the medium, combined with its
Carrier Sense Multiple Access/Collision Detection-like method of
handling packet collisions, means that the true bandwidth on an
11 megabit per second network is more like half that, he
explains.
Using Wired Equivalent Privacy (Wep) encryption - the most basic
encryption mechanism for WLans, which is relatively easy to break -
also reduces the network's throughput. With many companies rolling
out 100mbps links to the desktop, this could have significant
ramifications for an employee's experience on the network.
Videoconferencing, internet protocol telephony or applications that
require fast network access, such as call centre contact
management, could all suffer as a result. Allocating different
frequencies in the local WLan spectrum to different clients is one
solution, but this creates its own problems. Different frequencies
react differently to furniture and building elements such as walls,
which is why client devices need to frequency hop.
This problem will be at least partially alleviated by the
introduction of higher-bandwidth access points. The European
Telecommunications Standards Institute-approved Hiperlan2 standard
is one option, although the Institute of Electrical and Electronics
Engineers, which manages WLan standards, is hoping to approve an
extension to the base 802.11b standard in June. The extension,
called 802.11g, will extend the current 11mbps data rate to 54mbps.
The advantage is that users will be able to function at a higher
bandwidth without moving to the 5GHz frequency required by the
alternative high-bandwidth 802.11a standard.
The obvious answer to this problem is to put more access points in
the organisation so that the number of users per access point is
reduced. This is fine in principle, but it creates its own
management problems. Martin Cook, marketing development manager at
Cisco, recognises the problem. "Before, if you were using basic
access points, it was manageable. You could telnet in or use a web
interface on a one-to-one basis. But we are now seeing WLans with
several hundred or several thousand access points," he says. This
not only draws on the network manager's time but also creates
problems ensuring that policies are completely coherent throughout
the infrastructure.
Cisco has been adding WLan access point management into its
existing network management tools family. Its Ciscoworks Wireless
Lan Solution Engine uses template-based configuration in
conjunction with hierarchical grouping to help to apply policies to
sets of WLan servers. If, for example, the accounts department has
different management needs from the marketing team, the access
point policies can be set accordingly. The tool also includes
monitoring and performance alerting capabilities. It is also
necessary to standardise client-side configuration, says Cook,
adding that the standards bodies responsible are not addressing
such issues. Consequently, implementation is up to
manufacturers.
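The kind of check that template-based configuration with
hierarchical grouping makes possible, as an added example (not
Cisco's software or file format; the group names, setting keys and
inventory are constructed): resolve each group's effective policy
and report access points whose settings have drifted from it.

```python
# Added illustration, not vendor code. Group names, setting keys and the
# inventory are constructed for the example.
# Each group inherits its parent's template and overrides what differs.
GROUPS = {
    "corporate": {"parent": None,
                  "template": {"auth": "802.1x", "telnet_mgmt": False}},
    "accounts": {"parent": "corporate",
                 "template": {"ssid": "ACCT", "max_clients": 15}},
    "marketing": {"parent": "corporate",
                  "template": {"ssid": "MKTG", "max_clients": 30}},
}

# Constructed inventory: settings as read back from each access point.
INVENTORY = [
    {"name": "ap-acct-01", "group": "accounts",
     "config": {"auth": "802.1x", "telnet_mgmt": False,
                "ssid": "ACCT", "max_clients": 15}},
    {"name": "ap-acct-02", "group": "accounts",   # configured by hand
     "config": {"auth": "static-wep", "telnet_mgmt": True,
                "ssid": "ACCT", "max_clients": 15}},
    {"name": "ap-mktg-01", "group": "marketing",  # wrong template pushed
     "config": {"auth": "802.1x", "telnet_mgmt": False,
                "ssid": "ACCT", "max_clients": 15}},
]

def effective_policy(group, groups=GROUPS):
    """Merge templates from the root group down to `group`."""
    chain, seen = [], set()
    while group is not None:
        if group in seen:
            raise ValueError(f"cycle in group hierarchy at {group!r}")
        seen.add(group)
        chain.append(groups[group]["template"])
        group = groups[group]["parent"]
    policy = {}
    for template in reversed(chain):  # parent first, so children override
        policy.update(template)
    return policy

def audit(inventory, groups=GROUPS):
    """Return {ap_name: {setting: (expected, actual)}} for drifted APs."""
    findings = {}
    for ap in inventory:
        expected = effective_policy(ap["group"], groups)
        drift = {k: (want, ap["config"].get(k)) for k, want in expected.items()
                 if ap["config"].get(k) != want}
        if drift:
            findings[ap["name"]] = drift
    return findings
```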
At least the development of the 802.1x protocol has helped to
address some of the digital key management problems that plagued
Wep. Wep keys had to be changed manually on client machines, making
it difficult to scale security systems based on this technology.
Apart from increased security, 802.1x also offers administrators
the ability to securely update keys across the network, making the
process less time consuming. It makes enterprise-level
implementation more likely, because companies can make their data
more secure. But other problems remain. In particular, inter-subnet
roaming is a challenge.
Cassidy says that in a wired building you would probably have a
subnet per floor, especially given the range of most wireless
access points. You would get an address from the floor you are on,
or from a central Dynamic Host Configuration Protocol (DHCP)
server. The problem happens when you move between floors (and
therefore between subnets); the new wireless access point would not
know you, so you would have to re-establish your connection. "It is
not elegant. If you are on Outlook e-mail, for example, it would
take a while for you to notice it has stopped sending and
receiving," he says. "You need to be able to hold the IP
address."
This may be true in theory, but in practice most people do not work
in this way. Because DHCP servers can be set to issue a short-term
lease, you simply reconnect when you move to a new subnet, says
Shepherd.
Claus Bjoernsten, regional mobile platforms manager at Intel, says
people mostly use WLan facilities when they are at a desk, making
the idea of losing a connection en route to a desk less
relevant.
There are some applications where disconnections during roaming
could present a problem, however. Using a wireless device for IP
telephony purposes would not be satisfactory if you lost your
connection while walking down the corridor. With companies such as
Cisco releasing wireless IP phones, this could become more
significant for customers over time.
Many suppliers are implementing their own solutions. BlueSocket
holds the IP address of a client across subnets using its own
gateway device, which enables it to maintain session state. Cisco
takes another approach, according to Cook, using its Proxy Mobile
IP technology. This takes the task of IP configuration away from
the mobile client, instead letting access points act as proxies. An
authoritative access point co-ordinates the whole process,
including the management of the mobile client's IP address by other
subnets' access points.
Wireless networks are slowly moving from the small office, home
office and small- and medium-sized enterprise market to the larger
corporate space. As the benefits of such implementations become
clear, enterprise IT departments will overcome the challenges
detailed here, probably using third-party solutions from companies
such as BlueSocket to complement their wireless
infrastructure.
The main factor that will slow down adoption, other than a flat
economy, is the extensive cabling infrastructure in most offices.
Because many buildings are already crammed with cabling, companies
will be less motivated to spend thousands of pounds on wireless
access points and associated infrastructure. The growth curve will
be slower than some suppliers might hope, but it will nevertheless
happen over the next few years.
Intel's global wireless network stemmed from a drive for a more
mobile, notebook-based workforce.
After standardising its PC purchasing operation in 1995, the
company noticed a lower total cost of ownership for notebook-based
workers, who used their PCs for two or three hours more every week
than their desktop-based counterparts. The company therefore
increased the number of notebooks as a percentage of all PCs from
20% to more than 60%.
To support the move, Intel piloted a WLan in 2001 and is
implementing a global mobile network encompassing wireless Lans and
public wireless hot spots with virtual private network-enabled
clients. This year will see it deploy 802.11b access points and
cards across the company, but it hopes to move to a higher-speed
standard in time. It has chosen not to use the alternative 802.11g
standard when it is ratified because it operates in the same
crowded 2.4GHz spectrum as 802.11b. Instead, it will gradually
migrate to dual-band 802.11b and 802.11a devices next year.
Unlike Novell, the company will not allow open access to the
wireless network. Instead, it will handle security by using
specific service set identifiers in its wireless access points,
along with media access control (MAC) address authentication for
clients and VPN software. When the 802.11i security standard is
ratified later this year, the company will implement that to
provide extra network security.
Reasons to be wireless
- Increased mobility makes hotdesking easier
- The emergence of high-bandwidth standards makes wireless Lans
more attractive than before
- The rise of public hotspots means that you can extend your
wireless Lan outside the enterprise using the same client hardware
and software
- Wireless IP phones can increase employee productivity while
lowering costs
- Suppliers are introducing management software to make
enterprise wireless management easier.
Supplier trends
Suppliers are doing their best to accelerate the adoption of
WLans. Intel (which recently teamed up with Marriott to offer WLan
access at its hotels) is launching the Centrino low-power processor
with built-in Wi-Fi capabilities. Cisco is licensing its security
and management software under the "Cisco Compatible" programme to
help chip makers and other third parties make their wireless
implementations compatible. Meanwhile, many suppliers began
interoperability testing last month on the Wi-Fi Protected Access
(WPA) standard, which promises enhanced security for the 802.11b
protocol. WPA will be superseded by the 802.11i security standard,
due for ratification later this year.
Novell's wireless network
Novell executives waiting for their jets at the airport hangar
in Provo, Utah, can surf and gather e-mail using a wireless
network. The WLan connects via a wireless network bridge to a
larger WLan at the company's headquarters a few kilometres away.
This is just one Lan in a network of wireless Lans spanning Novell
offices across the world. In total, 6,000 devices including laptops
and personal digital assistants connect to 500 access points in the
global infrastructure.
John Adey, regional chief information officer for Novell,
explains that certain groups, such as developers, have not yet
migrated to the 802.11b network because of bandwidth
considerations. Nevertheless, 80% to 90% of staff use laptops, he
says, and all notebooks purchased now include a wireless option.
The firm handled roaming by putting each office on its own subnet,
while the management overhead was circumvented by doing away with
Wired Equivalent Privacy encryption altogether. The technical team
responsible for rolling out the network minimised the associated
security risk by restricting access to the internal company network
through a browser-based portal, managed by its iChain security
product. Neither media access control (MAC) address authentication
nor encryption is used on the open network, so that any wireless
user coming into contact with the network can surf the internet on
it.
Although many offices have structured cabling, newer ones in
Japan are completely wireless. As more of these offices are
established, the cost benefits will become clearer, says Adey.
Moving to a wireless office has reduced networking costs to roughly
$30,000 (£19,000) from an average of $250,000. "If we move out of
one office to another one, we can take most of the kit with us," he
says.