BCMSN 6 – 3 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1
Objectives
Unlicensed Frequency Bands
Radio Frequency Transmission
Higher data rates have a shorter transmission range.
The receiver needs more signal strength and better SNR
to retrieve information.
Higher transmit power results in greater distance.
Higher frequencies allow higher data rates.
Higher frequencies have a shorter transmission range.
WLAN Regulation and Standardization
Regulatory agencies
FCC (United States)
ETSI (Europe)
Standardization
IEEE 802.11
http://standards.ieee.org/getieee802/
Certification of equipment
Wi-Fi Alliance certifies
interoperability between products.
Certifications include 802.11a,
802.11b, 802.11g, dual-band
products, and security testing.
Certified products can be found at
http://www.wi-fi.org.
Standards and Implementation Process
Standards Group Industry Group Company
802.11b
802.11b Standard
Standard was ratified in September 1999
Operates in the 2.4-GHz band
Specifies Direct Sequence Spread Spectrum (DSSS)
Specifies four data rates up to 11 Mbps
1, 2, 5.5, 11 Mbps
Provides specifications for vendor interoperability (over
the air)
Defines basic security, encryption, and authentication for
the wireless link
Is the most commonly deployed wireless LAN standard
2.4-GHz Channels
[Table: channel identifier, channel center frequency, channel frequency range [MHz], and regulatory domain (Americas; Europe, Middle East, and Asia; Japan)]
2.4-GHz Channel Use
802.11b Access Point Coverage
802.11a
802.11a Standard
Standard was ratified September 1999
Operates in the 5-GHz band
Uses orthogonal frequency-division multiplexing (OFDM)
Uses eight data rates of up to 54 Mbps
6, 9, 12, 18, 24, 36, 48, 54 Mbps
Has from 12 to 23 nonoverlapping channels (FCC)
Has up to 19 nonoverlapping channels (ETSI)
Regulations differ across countries
Transmit (Tx) power control and dynamic frequency
selection required (802.11h)
Understanding the 5 GHz Spectrum
[Figure: 5-GHz UNII band, with band edges at 5.15, 5.25, 5.35, 5.470, 5.725, and 5.825 GHz; sub-bands of 4, 4, 11, and 4 channels]
IEEE 802.11h
Spectrum Management
Primary use of 5 GHz bands outdoors is radar in many
countries.
802.11h is an addition to the 802.11 family of standards.
802.11h rules are designed to minimize interference.
Uses Dynamic Frequency Selection (DFS) and Transmit
Power Control (TPC).
Radios must comply to benefit from 11 new channels.
802.11a Channel Reuse
802.11h DFS not available
Manual channel assignment
required
802.11h DFS implemented
Channel assignment done by
Dynamic Frequency
Selection (DFS)
Only frequency bands can be
selected
802.11g
802.11g Standard
Standard was ratified June 2003
Operates in the same 2.4-GHz band as 802.11b
Same three nonoverlapping channels: 1, 6, 11
DSSS (CCK) and OFDM transmission
12 data rates of up to 54 Mbps
1, 2, 5.5, 11 Mbps (DSSS / 802.11b)
6, 9, 12, 18, 24, 36, 48, 54 Mbps (OFDM)
Full backward compatibility with the 802.11b standard
802.11g Protection Mechanism
Problem: 802.11b stations cannot decode 802.11g radio signals.
Self Check
802.11 Standards Comparison
802.11 RF Comparison
802.11b – 2.4 GHz
Pro: Most commonly deployed WLAN standard
Con: Interference and noise
802.11g – 2.4 GHz
Pro: Higher throughput; OFDM technology reduces multipath issues
Con: Interference and noise
802.11a – 5 GHz
Pro: Highest throughput; OFDM technology reduces multipath issues; provides up to 23 nonoverlapping channels
Con: Lower market
802.11 Standards Comparison
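802.11b: 3 nonoverlapping channels; DSSS transmission; data rates 1, 2, 5.5, 11 Mbps; throughput up to 6 Mbps
802.11g: 3 nonoverlapping channels; DSSS and OFDM transmission; data rates 1, 2, 5.5, 11 Mbps (DSSS) and 6, 9, 12, 18, 24, 36, 48, 54 Mbps (OFDM); throughput up to 22 Mbps
802.11a: up to 23 nonoverlapping channels; OFDM transmission; data rates 6, 9, 12, 18, 24, 36, 48, 54 Mbps; throughput up to 28 Mbps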
WLAN Industry Standards
Network Radio Speeds
IEEE 802.11n
Multichannel
Greater Than 100 Mbps
IEEE 802.11g
2.4 GHz—OFDM
Up to 54 Mbps
IEEE 802.11a
5 GHz—OFDM
Up to 54 Mbps
IEEE 802.11b
2.4 GHz—DS
Up to 11 Mbps
IEEE 802.11a/b
Proprietary
Ratified
Range Comparisons
Ratified IEEE 802.11 Standards
802.11: WLAN 1 and 2 Mbps at 2.4 GHz
802.11a: WLAN 54-Mbps at 5 GHz
802.11b: WLAN 11-Mbps at 2.4 GHz
802.11d: Multiple regulatory domains
802.11e: Quality of Service
802.11f: Inter-Access Point Protocol (IAPP)
802.11g: WLAN 54-Mbps at 2.4 GHz
802.11h: Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC) at 5 GHz
802.11i: Security
802.11j: 5-GHz channels for Japan
Worldwide Availability
http://www.cisco.com/go/aironet/compliance
General Office Wireless LAN Design
Eight 802.11g access points deployed
7 users per access point with no conference rooms provides 3.8 Mbps throughput per user
7 users + 1 conference room (10 users) = 17 total users, provides 1.5 Mbps throughput per user
[Figure: office floor plan, 54 cubes, 4 conference rooms, and reception; 120 feet by 95 feet]
Activity
Self Check
WLAN Security
Why WLAN Security?
Wide availability and low cost of
IEEE 802.11 wireless equipment
802.11 standard ease of use and
deployment
Availability of sniffers
Statistics on WLAN security
Media hype about
hot spots, WLAN hacking,
war driving
Nonoptimal implementation of
encryption in standard Wired
Equivalent Privacy (WEP)
encryption
Authentication vulnerability
Wireless LAN Security Threats
WLAN Sniffing and SSID Broadcasting
Mitigating the Threats
Control and Integrity
Privacy and Confidentiality
Protection and Availability
Evolution of Wireless LAN Security
Initial (1997), Interim (2001), Interim (2003), Present
WPA and WPA2 Authentication
WPA and WPA2 Encryption
Wi-Fi Protected Access
What are WPA and WPA2?
Authentication and encryption standards for Wi-Fi clients and APs
802.1x authentication
WPA uses TKIP encryption
WPA2 uses AES block cipher encryption
Which should I use?
Gold, for supporting NIC/OSs
Silver, if you have legacy clients
Lead, if you absolutely have no other choice.
Gold: WPA2/802.11i
• EAP-Fast
• AES
Silver: WPA
• EAP-Fast
• TKIP
Lead: Dynamic WEP
• EAP-Fast/LEAP
• VLANs + ACLs
WLAN Security Summary
Open Access: No Encryption, Basic Authentication
Basic Security: 40-bit or 128-bit Static WEP Encryption, WPA
Enhanced Security: 802.1x, TKIP Encryption, Mutual Authentication, Scalable Key Mgmt., Etc.
Remote Access: Virtual Private Network (VPN); Business Traveler, Telecommuter
Security Evaluation
Evaluate effectiveness of encrypted WLAN statistics.
Focus on proper planning and
implementation.
Estimate potential security threats
and the level of security needed.
Evaluate amount of WLAN traffic
being sent when selecting security methods.
Evaluate tools and options applicable
to WLAN design.
Activity
Packet sniffing programs have become more user friendly in recent
years. NetStumbler is one of the easiest packet sniffers to use.
Read this short Wikipedia article about NetStumbler and decide for
yourself if you want to download it and explore your wireless
network. http://en.wikipedia.org/wiki/NetStumbler
Self Check
Summary
The 2.4-GHz and 5-GHz frequency bands are used by
WLAN 802.11 standards.
The throughput per user depends on the data rate and
the number of users per wireless cell.
802.11b has data rates of up to 11 Mbps at 2.4 GHz.
802.11a has data rates of up to 54 Mbps at 5 GHz.
802.11g has data rates of up to 54 Mbps at 2.4 GHz.
802.11a has a shorter range than 802.11g.
For maximum efficiency, limit the number of users per
cell.
Different WLAN security types with authentication and
encryption satisfy the security requirements of enterprise
and home users.
Resources
Q and A