1 / 30

Wireless

Wireless. Wireless Infrastructures. Wireless Infrastructures. Wireless LAN Predominantly 802.11 IEEE 802.11 A, B, G, N Wireless MAN WiMax 802.16 and its derivatives 802.16-2001 Fixed Broadband Wireless Access (10–63 GHz)

ledell
Download Presentation

Wireless

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Wireless Wireless Infrastructures

  2. Wireless Infrastructures • Wireless LAN • Predominantly 802.11 • IEEE 802.11 A, B, G, N • Wireless MAN • WiMax • 802.16 and its derivatives • 802.16-2001 Fixed Broadband Wireless Access (10–63 GHz) • Current : P802.16m Advanced Air Interface with data rates of 100 Mbit/s mobile & 1 Gbit/s fixed

  3. Bluetooth • 802.15 assortments • 802.15.1 WPAN (Wireless Personal Area Networks) • IEEE 802.15.2-2003 • coexistence of wireless personal area networks (WPAN) with other wireless devices operating in unlicensed frequency bands such as wireless local area networks (WLAN). • 802.15.2, • 802.15.3-2003 is a MAC and PHY standard for high-rate (11 to 55 Mbit/s) WPANs • 802.14.4 (Low Rate WPAN) ZigBee • 802.15.5 • Mesh networking of WPAN • 802.16.6 (medical purposes) • Body Area Network Technologies. The goal is a low-power and low-frequency short-range wireless standard

  4. Similarities Between WLAN and LAN • A wireless LAN is an IEEE 802 LAN. • Transmits data using RF carriers vs. data over the wire • Looks like a wired network to the user • Defines physical and data link layer • Uses MAC addresses • The same protocols/applications run over both WLANs and LANs. • IP (network layer) • IPSec VPNs (IP-based) • Web, FTP, SNMP (applications)

  5. 54 Mbps Speed 860 Kbps 1 and 2 Mbps 1 and 2 Mbps 11 Mbps Standards-based Network Proprietary 5 GHz Radio 900 MHz 2.4 GHz 2.4 GHz 1986 1998 2000 2003 1988 1990 1992 1994 1996 Current Standards – 802.11a,b,g, n • 802.11a • Up to 54 Mbps • 5 GHz • Not compatible with either 802.11b or 802.11g • 802.11b • Up to 11 Mbps • 2.4 GHz • 802.11g • Up to 54 Mbps • 2.4 GHz • 802.11n, the newest protocol, utilizes both 2.4-GHz and 5-GHz bands. • Datarate varying from 15 -150 Mbps)[ 802.11 Ratified 802.11a,b Ratified 802.11g Ratified • IEEE 802.11Begins Drafting 802.11g is backwards compatible with 802.11b 802.11n is backward compatible with existing 802.11a/b/g

  6. Radio Frequency Issues • As signal strength decreases, so will the transmission rate. • An 802.11b client’s speed may drop from 11 Mbps to 5.5 Mbps, to 2 Mbps, or even 1 Mbps. • This can all be associated with a combination of factors including: • Distance • Line of Sight • Obstructions • Reflection • Multpath Reflection • Refraction (partially blocked by obstruction) • Diffraction (bending of signal) • Noise and Interference

  7. Wireless Access Points • An access point (AP) is a WLAN device that can act as the center point of a stand-alone wireless network. • An AP can also be used as the connection point between wireless and wired networks. • In large installations, the roaming functionality provided by multiple APs allows wireless users to move freely throughout the facility, while maintaining seamless, uninterrupted access to the network.

  8. Wireless Bridges • The bridges connect hard-to-wire sites, noncontiguous floors, satellite offices, school or corporate campus settings, temporary networks, and warehouses. • Example: The Cisco Aironet 1300 Series Wireless Bridge is designed to connect two or more networks that are typically located in different buildings. • They can be configured for point-to-point or point-to-multipoint applications.

  9. Service Set Identifier (SSID) • SSID is used to logically separate WLANs. • The SSID must match on client and access point. • Access point can broadcast SSID in beacon. • Client can be configured without SSID.

  10. Basic Topologies Basic Infrastructure Topology (BSS) Peer-to-Peer (Ad Hoc) Topology (IBSS) Extended Infrastructure Topology (ESS)

  11. WiFi (802.11) Media Access Control • As all the devices in the network share the same frequency, to a common Access Point (AP) • They cannot all transmit at the same time as their signals will interfere. • Therefore, WiFi networks operate in half-duplex, using an access method similar called CSMA/CA. Access Point

  12. Using Wireless Routers

  13. Local area networks (LAN) 802.11b/g Channels • Adding an AP is also a way to add wireless devices and extend the range of an existing wired system. • If a single cell does not provide enough coverage, any number of cells can be added to extend the range. • It is recommended that adjacent BSS cells have a 10 to 15 percent overlap. 802.11a Channels

  14. Wireless repeater 50% overlap • A wireless repeater is simply an access point that isnotconnected to the wired backbone. • This setup requires a 50% overlap of the AP on the backbone and the wireless repeater. (So they can reach each other). • The user can set up a chain of several repeater access points, however, the throughput for client devices at the end of the repeater chain will be quite low, as each repeater must receive and re-transmit each frame. Not covered by 802.11 standards

  15. Wireless VLAN Deployment

  16. Combined deployment of infrastructure and non-infrastructure devices

  17. Cisco WLAN Implementation • Distributed WLAN solution • Autonomous AP • Wireless LAN Solution Engine (WLSE) • Centralized WLAN solution • Lightweight AP • Wireless LAN Controller (WLC) Cisco offers 2 “flavors” of wireless solutions:

  18. Autonomous WLAN: Autonomous access point Configuration of each access point Independent operation Management via CiscoWorks WLSE and WDS Access point redundancy Lightweight WLAN: Lightweight access point Configuration via Cisco Wireless LAN Controller Dependent on Cisco Wireless LAN Controller Management via Cisco Wireless LAN Controller Cisco Wireless LAN Controller redundancy Comparison of the WLAN Solutions

  19. Why Lightweight APs? • A WLAN controller system is used to create and enforce policies across many different lightweight access points. • With centralized intelligence, functions essential to WLAN operations such as security, mobility, and quality of service (QoS), can be efficiently managed across an entire wireless enterprise. • Splitting functions between the access point and the controller, simplifies management, improves performance, and increases security of large WLANs.

  20. Cisco Centralized WLAN Model • The control traffic between the access point and the controller is encapsulated by Lightweight Access Point Protocol (LWAPP). And encrypted via the Advanced Encryption Standard (AES). • The data traffic between the access point and controller is also encapsulated with LWAPP, but not encrypted.

  21. Layer-2 LWAPP Architecture • Access Points don’t require IP addressing • Controllers need to be on EVERY subnet on which APs reside • L2 LWAPP was the first step in the evolution of the architecture; many current products do not support this functionality

  22. Layer-3 LWAPP Architecture • Access Points require IP addressing • APs can communicate w/ WLC across routed boundaries • L3 LWAPP is more flexible than L2 LWAPP and all products support this LWAPP operational ‘flavor’

  23. Wireless Mesh Networking • Each access point runs the Cisco Adaptive Wireless Path protocol (AWP). • AWP allows access points to communicate with each other to determine the best path back to the wired network. • After the optimal path is established, AWP continues to run in the background to establish alternative routes back to the roof-top access point (RAP) if the topology changes or conditions cause the link strength to diminish.

  24. Wireless LAN Security Threats

  25. Wireless Security Protocols • Today, the standard that should be followed in most enterprise networks is the 802.11i standard. This is similar to the Wi-Fi Alliance WPA2 standard. • For enterprises, WPA2 includes a connection to a Remote Authentication Dial In User Service (RADIUS) database.

  26. Evolution of Wireless LAN Security Initial(1997) Interim(2003) Interim(2001) Present 802.1x EAP Encryption (WEP) Wi-Fi Protected Access (WPA) Wireless IDS • Identification and protection against attacks, DoS • AES strong encryption • Authentication • Dynamic key management • No strong authentication • Static, breakable keys • Not scalable • Dynamic keys • Improved encryption • Userauthentication • 802.1x EAP (LEAP, PEAP) • RADIUS • Standardized • Improved encryption • Strong, user authentication (e.g., LEAP, PEAP, EAP-FAST) IEEE 802.11i WPA2 (2004)

  27. WPA and WPA2 Authentication

  28. WPA and WPA2 Encryption

  29. What are WPA and WPA2? Authentication and encryption standards for Wi-Fi clients and APs 802.1x authentication WPA uses TKIP encryption WPA2 uses AES block cipher encryption Which should I use? Gold, for supporting NIC/OSs Silver, if you have legacy clients Lead, if you absolutely have no other choice. • Gold • WPA2/802.11i • EAP-Fast • AES • Silver • WPA • EAP-Fast • TKIP • Lead • Dynamic WEP • EAP-Fast/LEAP • VLANs + ACLs Wi-Fi Protected Access

  30. WLAN Security Summary Enhanced Security Basic Security 802.1x, TKIP Encryption, Mutual Authentication, Scalable Key Mgmt., Etc. Open Access 40-bit or 128-bit Static WEP Encryption, WPA No Encryption, Basic Authentication Public “Hotspots” Home Use Enterprise VirtualPrivateNetwork (VPN) Business Traveler, Telecommuter Remote Access

More Related