wireless networking n.
Skip this Video
Loading SlideShow in 5 Seconds..
Wireless Networking PowerPoint Presentation
Download Presentation
Wireless Networking

Loading in 2 Seconds...

play fullscreen
1 / 20

Wireless Networking - PowerPoint PPT Presentation

  • Uploaded on

Wireless Networking. TGIF, April 18th, 2003 Alvin Chew ( alchew@stanford.edu ) Kent Reuber (reuber@stanford.edu). Outline. Wireless technology overview ITSS Wireless Net Department wireless nets Home wireless nets Questions. Wireless Technology Overview. Why Wireless?.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

Wireless Networking

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
    Presentation Transcript
    1. Wireless Networking TGIF, April 18th, 2003 Alvin Chew (alchew@stanford.edu) Kent Reuber (reuber@stanford.edu)

    2. Outline • Wireless technology overview • ITSS Wireless Net • Department wireless nets • Home wireless nets • Questions

    3. Wireless Technology Overview

    4. Why Wireless? • (+) No wires. Convenience, flexible. But… • (-) Relatively slow speeds, typically 5 Mbps with 802.11b. Nowhere near the 100 Mbps of typical wired connection. • (-) Wireless access points are hubs, not switches. Bandwidth is shared among wireless users. Think of it as phone party lines. • (-) Data is freely available “in the air”. • Traffic is easily sniffed. • Data is not encrypted unless the protocol is encrypted (e.g., SSL and Kerberos). • Stanford does not use WEP, because it can be cracked.

    5. Wireless Terms • Access Point (or AP): device that sends and receives wireless signals. Usually directly connected to the wired net. • ITSS uses Cisco Aironet 350 AP’s. • SSID: the network name that Access Points broadcast. • ITSS uses “Stanford”. • Departments and home users may want to use other names. • Users can roam between access points with the same SSID. • Channel: radio frequency used by AP’s. • AP’s near one another should use different channels to minimize noise. • 802.11b: Channels 1, 6, and 11 don’t overlap. Channels 1, 4, 8, and 11 have only a little bit of overlap

    6. Wireless “Alphabet Soup” • 802.11b: • Most common wireless protocol. Uses 2.4GHz frequency, with 11 Mbps bandwidth. (5 Mbps is more typical). ITSS wireless net and most other campus wireless is based on this. • 802.11a: • Uses 5.5GHz range, 54 Mbps bandwidth (~20 Mbps is typical performance). Produces to much radio power to be certified in medical areas. Unlikely to become a standard at Stanford. • 802.11g: • Uses 2.4GHz band and is compatible with 802.11b. Also 54 Mbps bandwidth (~20 Mbps typical). An emerging standard, but likely to grow in the future.

    7. ITSS Wireless Net

    8. ITSS Wireless NetOverview • Coverage map at http://wirelessnet.stanford.edu • Wireless net uses separate physical and logical network. (Separate switches, fiber, and address space.) • Prevents layer 2 attacks (e.g., broadcasts, IP/MAC spoofing) on wired net • Prevents wired broadcasts/multicasts from saturating wireless bandwidth • Don’t have to dedicate department roaming IP’s for wireless users • You still have to register wireless cards in NetDB. • provide the hardware address of the wireless card • enable “DHCP” and “roaming”. • Wireless card recommendations • Recommend Cisco and Apple cards which are available at the Bookstore. • Any “WiFi” certified card should work.

    9. ITSS Wireless NetSecurity • Wireless networks are inherently insecure • Even with encryption, the data between client and AP’s are available for anyone to capture. • Most corporate wireless nets lie outside of firewalls. • ITSS Wireless doesn’t use WEP • Consumes client resources • Well-known security vulnerabilities • Other methods of wireless encryption are vendor-specific. • Stanford uses wireless authentication to protect campus resources.

    10. ITSS Wireless NetAuthentication • Protects the institution, not the user • S/ident integration • If you have PC/Mac-Leland, you’re all set • First net activity should bring up PC/Mac-Leland automatically • Web-based authentication backup • First web page you get is the authentication page • Automatically redirects you to your requested page after login • Future Guest Login feature • Any SUNet ID user will be able to sponsor a guest wireless account

    11. Department Wireless

    12. My Department Wants Wireless! • Net-to-jack clients are eligible for 1 AP for every 16 wired ports. • “Wireless net-to-jack”: For non-net-to-jack clients, ITSS will do a survey, install, monitor, maintain, and upgrade your wireless network. Price is $31/month per AP. • Or….

    13. Do-It-Yourself Options • Option 1: ITSS can place a “wireless entrance” switch in your building and that carries the ITSS Wireless net. • Option 2: Departments can put their wireless devices on their existing building net. • Both options require departments to purchase AP’s and switches. ITSS can recommend equipment, but departments will need to do their own survey and place access points.

    14. Department Wireless Setup • ITSS Wireless net always uses “Stanford” as the SSID. • AP’s plugged into the building net shouldn’t use “Stanford” • This has caused problems when users roam between access points. • Putting the department/group/lab name as the SSID makes it clear to users who to call in case of trouble.

    15. Recommended Cards and AP’s • 802.11b cards: • Apple Airport card, Cisco Aironet 350 PC Card • In principle, any card that adhere to the “WiFi” certification should work. • Access Points: • Cisco Aironet 350 AP’s for departments.

    16. Home Wireless Nets

    17. Keeping Your Neighbors Out • The range of wireless means that it’s very possible that your neighbors can use your wireless net too. And see all your traffic… • Precautions: • Most AP’s have MAC address filters so that only specific cards can associate. This is the most important thing to enable! • Most AP’s can also be set to not broadcast the SSID. (e.g., Apple Airports call this “Create a closed network”) That way, people have to know the name of your network in order to join. • Definitely want to use encrypted protocols whenever possible. • If available, consider turning down the power of your AP to restrict the range.

    18. Setup 1: Stanford DSL and Stanford West • In both cases, you can request multiple IP addresses for home machines. You don’t need a DSL router. • We suggest that you purchase access points that do “bridging”, where traffic is simply forwarded between the wired and wireless sides of the access point without alteration. • Examples: Cisco Aironet 350, Linksys WAP11, Apple Airport. • We’ve seen a number of people on the campus or Stanford West who have installed Airport base stations with DHCP enabled on the Ethernet side, disrupting DHCP service. • Breaks DHCP for other users. • We shut down their connections…

    19. Setup 2: Non-Stanford DSL or Cable Modem • In many cases, you only get one IP address. • Network Address Translation (NAT -- often provided by “DSL/wireless routers”) can be used to hide a network behind a single IP address: • Some wireless units do this by default. E.g., Apple Airport. • Note that NAT disrupts some Stanford services, especially WebAuth. • Also interferes with some VPN setups.

    20. Questions???