The definitive guide for evaluating enterprise WLAN networks
Copyright ©2012, Aerohive Networks, Inc.
Only ten years ago, the idea of Wi-Fi as the primary access technology was little more than a vision. The WLANs of that period were designed primarily as convenience networks and were not well-suited for the operation of mission-critical applications and access. Over time, WLANs became increasingly pervasive and architectures evolved to better manage and contain WLAN traffic. For these convenience networks a model of centralized control and distinct points of presence via WLAN controllers eased the task of managing the increasing number of access points without overwhelming IT resources. This model was adequate for 802.11a/b/g deployments that really didn’t provide the robust network bandwidth and reliability to be a viable Ethernet replacement. The relatively low throughput of 802.11a/b/g networks also served to keep the centralized controller from being overwhelmed. The resulting centralized control model proved an effective way of “sandboxing” the wireless traffic and preventing it from disturbing traffic on the “main,” wired network. With the advent of the 802.11n standard the wireless LAN has become firmly planted as a viable alternative for Ethernet, even in the case of mission-critical applications. 802.11n introduced high throughput, enhanced methods to overcome interference, and the level of reliability needed to make Wi-Fi into a foundation-layer infrastructure technology. WLANs have become required everywhere in organizations. The pervasive nature of 802.11n, however, causes the centralized “point-of-presence” controller model to break down for several reasons. One issue is the cost of deploying a centralized control over a distributed network. Other problems include the limitations on bandwidth that the controller introduced, as it creates a bottleneck from both a device and WAN backhaul perspective. 
With today’s iEverything Enterprise, dominated by BYOD and the consumerization of IT, the barrier posed by centralized architectures that were intended to manage and secure WLANs of convenience is becoming increasingly intolerable. These trends provide compelling CapEx savings, but pose a challenge to a Wi-Fi network. Interestingly, as the endpoint devices become less sophisticated from a network intelligence standpoint, the onus of performing sophisticated services and security functions shifts to the network infrastructure. In other words, as devices get less intelligent about network services, the infrastructure must become more intelligent and automated to ensure that the simpler devices don’t become an administrative nightmare.

802.11n is the standard of choice today, but it is not the terminal point of the growth of WLAN speed or performance. The 802.11ac standard is on the horizon, promising throughput of up to 1Gbps per device. A key issue to understand is that while this standard isn’t available today, it must be considered now because of the degree to which it will impact network architecture. No longer can it be assumed that a centralized control model with distinct points-of-presence is suitable for WLANs running at high speed. If every client operates at up to 1Gbps, there is a high risk of significant bottlenecks that can impact any part of the network. The presence of a central control device, be it software or hardware based, in this scenario would be akin to introducing a traffic light into an eight-lane highway – all productivity would be dependent on the single device’s capacity to process data. When there are dozens of devices per access point running hundreds of megabits per second each across dozens of access points, that capacity is reached very quickly.
Table Of Contents

Things To Consider
Key Requirements
Architectural Conclusions
10 Things A WLAN Must Do
Using The RFP Process To Select A WLAN
Things To Consider

The evaluation of a Wi-Fi network requires that enterprises carefully consider the changes happening in the user population. While consumerization of IT and BYOD may be an overused term in networking today, it is unquestionably a driving factor in the Wi-Fi world. Architecturally, three converging trends – cloud, mobility, and virtualization – allow business-critical work to be done just about anywhere on any device. Work has become a thing you do, not a place you go. That is a fundamental change that impacts IT first and foremost. These phenomena drive the enterprise to deploy a wireless infrastructure, since many consumer devices don’t even have an Ethernet port.

Additionally, as the shift to wireless as a foundation-layer technology is made, it must be architected for today in order to handle both mobility and high bandwidth clients. As mentioned earlier, 802.11ac, with its potential for 1Gbps data rates, is just over the horizon. It is far enough away from mass deployment (3-5 years) that the casual user may not see a reason for concern with what they are doing today, but the reality is that when architecting a network today for wireless access, one must consider future trends and their impact to the network. The fact is that even though 802.11ac is in the future, the bandwidth and throughput it represents fundamentally changes the high throughput traffic patterns on a network.

As wired Ethernet progressed from 10Mbps to 100Mbps to 1Gbps to 10Gbps, the leaps in traffic were predictable and generally easy to calculate as endpoints were relatively static and the traffic increase was simply a factor of 10. Mobility with high data rates changes this on two vectors. First is the sheer volume of data, which becomes an exponential. Second is the fact that these high-speed clients are, in fact, mobile. This makes load balancing across the infrastructure paramount.

By upgrading a single access point to support the higher 802.11ac data rates you must now consider all the “upstream” links to this traffic. If you architect a network to forward data to a central control point, as it is in the controller-based model, there is no way to balance multiple Gbps of data across the controllers. Switching infrastructure can be upgraded to support dozens of potentially multi-gigabit AP links, but the bottleneck imposed by a central controller would be untenable. The architecture’s inherent limitations will leave you with little choice but to re-architect the network and invest large amounts of time and money.

Where the data is forwarded to and from becomes critical. You cannot have point-to-point data forwarded to a central control point; it absolutely must be locally forwarded, and policy must be enforced locally as well. Therefore the intelligence, policy enforcement, and network services need to be locally enforced, not centrally.

With BYOD a primary factor in networks deployed today there are many important considerations that should be reviewed. These considerations can generally be categorized and analyzed in two distinct parts:

• Onboarding of devices: this encompasses how devices are brought on to the network and how policy is applied. This includes authentication, device type identification, enterprise access policy and the application of context, such as device-type, user ID and location of the policy that is applied to that particular device.
• Providing service to the device once it’s onboard: this includes how the devices, which are neither owned nor managed by the IT department, access corporate network services like file sharing, printing, video conferencing, etc.

BYOD is about more than “onboarding” mobile devices. It must include a means to make them useful and productive members of the corporate community. Once safely and securely on the network, you must consider how to enable added value.

As with any IT investment there is the consideration of WLAN cost predictability. IT must be able to compare “apples-to-apples” when generating comparisons between wireless vendors, and it is important to understand how much comparisons vary depending on feature set. In many cases, this means that IT should review not only the cost of the hardware, but the cost of any licenses that are needed to make the WLAN perform as specified.

Cost considerations should also include “soft” costs, such as the cost of operating the solution. Most enterprises do not have a Wi-Fi expert on staff; in many branches, there is not even an in-house IT staff. WLAN management should mirror security and access policies in use on the wired network, and should provide for easy, seamless upgrades, all without requiring RF expertise.

Another important element of cost is scalability. Few people could have foreseen the iEverything explosion when considering their initial Wi-Fi network. Any Wi-Fi network under consideration today should take into account the fact that the deployment will be required to scale to accommodate more devices, more users, more heavy applications, and, of course, newer, faster WLAN technology. It is clearly untenable to put in a Wi-Fi solution that is “maxed out” at 802.11n.
Key Requirements

There are a number of requirements that must be closely examined when considering a WLAN purchase. While Wi-Fi technology has advanced exponentially since 2001, it is not sufficient to consider a WLAN vendor that is doing “business as usual.” Wireless gear that was included at low or no cost as part of a larger networking equipment buy was understandable when the WLAN was a convenience-only addition to the wired network. No enterprise, however, will find this reasoning acceptable as Wi-Fi becomes the primary means of accessing corporate resources, and the carrier of mission-critical applications.

Architectural Considerations

The fundamental architecture of wired networks has probably not been considered by most IT professionals since the advent of Fast Ethernet. While there have certainly been advances in how to get the most out of the wired network, the underlying technology is very well understood. This is not the case in wireless networking, where many of today’s leading vendors base their implementations upon the usage expectations of legacy convenience networks that were prevalent a decade ago. As Wi-Fi moves to the primary access method, consumerization of IT and BYOD drive the demand for reliable, high-performance access, and contextual policies become the norm, it is important to consider whether WLAN vendors have actually changed their architecture to be more seamlessly integrated into well-known network architectures (core, distribution, access) and their traffic flows, or if they have an expectation that the network architecture will change to accommodate their WLAN solution.

Three Planes

Any consideration of WLAN technology necessarily begins with a brief discussion of the architectures derived from the traffic components themselves, since it is from them that the Wi-Fi network is built. Wireless traffic is commonly abstracted into three planes, which include:

The Control Plane

The need to handle control plane traffic was the basis upon which many WLAN vendors built their underlying architecture over the last decade. In general, control plane traffic is anything that is needed to get wireless functioning in a coordinated, multi-AP network; it can be considered the “signaling” of the network. Control plane packets are destined for, or originated by, the WLAN equipment itself.

Vendors introduced the concept of centralized control devices, or controllers, to handle control plane traffic in 2001. It is important to note that this architecture was not necessarily based on the fact that a centralized model was the optimal method to handle all traffic including control packets; rather, it was the most effective way to enable processing in a wireless network while still keeping it affordable given the technology of the time. Ten years of processor development have led to processors that are far more powerful while at the same time exponentially less expensive, so it is now possible to enable control plane processing in a distributed model.

Interestingly, many vendors continue to advocate a central controller architecture in one form or the other. This is primarily a legacy issue, as it would require a complete system redesign for these vendors to move to a distributed control model (see below). Other vendors have designed their systems from the ground up for pervasive, high-speed Wi-Fi and have found ways to use advanced processing capabilities to create a new, completely distributed architecture that closely resembles the control plane common among routing architectures. In this model, control information, including link and user state, is passed from AP to AP, without the need for a central control point in any form.

The Data Plane

The data plane, sometimes referred to as the data forwarding plane, is basically the traffic that goes through a WLAN device but not to those devices. The data plane is generally distributed; however, in a central control architecture many policy decisions are handled by the central control device, including QoS, deep packet inspection, flow classification, etc., therefore the data plane is often required to go through the controller in order to have policy enforced.

The Management Plane

Management plane traffic carries the operations and administration traffic required for network management. Management plane traffic has no functional impact on real-time operation of the network. It is most effective to centralize management to enable easy, consistent policy application.

These elements of WLAN traffic have spawned several different architectures, including:

• Central controller
• Central controller with distributed forwarding
• Distributed control and forwarding

Central Control Model

The concept of a central controller is derived from a lack of sufficient, affordable processing power to handle both control and data functions at the AP. According to industry veteran Bob O’Hara, one of the originators of this architecture, “Centralized controllers were never the ‘right’ way to handle control traffic. They were created because that was one of the only ways to handle the problem given the balance between cost and processing power in 2001.” The industry is coming to understand the inherent limitations of a centralized controller model, including cost, latency, and single point of failure because of modern day realities such as BYOD and high-speed, low cost consumer devices.

Some vendors who have architected their system around a central control model have come up with less expensive ways of delivering controller functions which include:

Cloud-based control

One method for disguising a central controller is to put it in the cloud. In this situation, there is no need to put a controller into the data center, or to manage a physical piece of hardware. Control packets responsible for functions such as roaming, session state across APs and subnets, etc., are sent to and from the Cloud via an Internet connection. Regardless of where the controller is located, however, it is important to realize that it is still there, and that any disturbance in getting traffic to the device will affect overall WLAN traffic and network capability.

Central control and distributed traffic forwarding

In a distributed forwarding model local traffic (i.e., traffic originated and destined for a local resource) is forwarded between APs and not back to the controller. Traffic that is forwarded between APs is therefore not subject to features that are only garnered via a trip through the controller. Some examples of features not employed in a distributed traffic forwarding model could include policy enforcement, authentication, deep packet inspection, or Quality of Service. The important thing to remember, however, is that the fundamental architecture – that is, the centralized controller running control plane functions – is unchanged in this model.

Distributed Control and Forwarding Model

Still another type of architecture takes advantage of the exponential increase in processing speed/power and the attendant decrease in cost to put both the data plane and control plane functions on the AP, removing the central controller altogether. The resulting architecture looks more like the Internet, with no central point of failure and a completely distributed control plane coordinating the communication and exchanging state with advanced protocols. This makes the architecture extremely resilient and flexible, while at the same time making it more affordable because there is no additional equipment beyond the APs. If a problem occurs, the APs in this model are able to dynamically route around it maintaining full state and operation. Because a WLAN with distributed control and intelligence functions more like a grid computer, it can also act on an extremely high volume of control and policy decisions made at the edge of the network without having to forward everything to be processed by a separate device. This increases overall network performance and enables true QoS.
Architectural Conclusions

This quick examination of Wi-Fi network architectures highlights several considerations. First, the data plane must be distributed. Considering the explosion of high-speed devices and the BYOD phenomenon this is a given in any network.

The second is that management must be centralized to enable easy, consistent views of network operations for more efficient problem resolution and minimal interruption of service. Central management is largely also considered a given. The fact that management is centralized, however, does not necessarily imply that it must be located on premise, in a piece of hardware. Because management traffic is out-of-band, a management device can easily be located in the cloud and still be completely effective.

The majority of differences between Wi-Fi architectures today concern the control plane. Legacy models feature a central controller, housed in hardware. Newer models have put this central controller into the cloud. It’s important to realize, however, that unlike management traffic, control plane information must be constant and uninterrupted as it has direct functional impact on the WLAN. Therefore, while a cloud-based controller could lower overall costs, it can still be a liability to resilience and performance.

Some legacy controller vendors have implemented distributed forwarding, in which traffic is passed directly from AP to AP, without the benefit of control plane information. While this model may work in some situations, it falls short in many others where security and QoS features (among others) are essential and require higher level, compute-intensive functions be performed by a central controller.

Finally, some vendors have taken advantage of low-cost processing power to pass control plane information from AP to AP. This approach enables higher speed clients to be supported, distributes processing for increased capacity, future-proofs the network, and provides full functionality without any single point of failure.
10 Things A WLAN Must Do

The combination of the iEverything explosion with the speed and reliability of 802.11n has created a compelling case for Wi-Fi as the primary access layer, from corporate office to primary school campus. Unfortunately for the WLAN buyer, there is no longer a single architectural model from which to choose, and legacy vendors may obscure underlying issues as they seek to retain their revenue base. In order to make the right decision for your network, you should consider the following areas to ensure that the WLAN you choose will satisfy immediate requirements while enabling you to be prepared for the future:

• Integrating BYOD and company-owned consumer devices has become a vital part of every network. Securing these devices as they come on to the network and making them productive tools as part of the network are the keys to taming the iEverything explosion.
• Deployment, installation and maintenance, which includes the initial setup and deployment, both in the corporate office as well as in branches, as well as the day-to-day issues of management.
• Cost, which includes the price of the hardware, operating expenses and feature licenses.
• Security, which is vital for a primary access method running mission critical applications. Security must be ensured for all user and device types, in all locations.
• Performance, which must be optimal for a variety of clients, users, application types and protocols – including heavy applications like voice/video and virtualized or cloud-based apps.
• Scalability, which is a key requirement as client loads increase, new sites are opened and new applications are developed.

Management and Deployment of BYOD and Company-owned Consumer Devices

Your WLAN must be able to enforce corporate policy based on user identity and fingerprint of their device

• Business case: Although consumer-level devices used to be thought of as exactly that – consumer level – public and private cloud computing as well as technologies like desktop virtualization have enabled these devices to become productivity tools for corporate operations. Onboarding these to the network needs to be as straightforward as a login from any corporate laptop, and policy enforcement needs to be automatic so as to ease any operational headaches or unnecessary support calls to the helpdesk. Additionally, if a guest device or a device of a non-employee is allowed on the network it is important that their communication be secured. Examples include students in a school that require privacy, or a contractor in an enterprise that, while not an employee, still deals with sensitive, company confidential information.
• Requirement: The optimal WLAN will have the inherent capability to tie to corporate LDAP services and automatically fingerprint the device coming on the network. Security and quality of service (QoS) policies should be established based on the users’ context (identity, device type, location, and application) and not solely on the type of connection (wired, wireless, SSID, etc.). These features together will provide context-aware policy enforcement and safely onboard devices to the network. Further, configurable preshared keys that are unique to each guest and can be configured to expire should protect guest connections; this is a minimum requirement of any system and shouldn’t be an additional cost, as you may want to extend guest management capabilities even further.

Your WLAN should provide service to BYOD devices once onboarded

• Business case: Once a BYOD device is onboard your network, the key question is what the user community will do with that device. Having the ability to surf the Internet and retrieve email provides little return on investment (ROI) for your BYOD initiative. In order to provide true ROI for BYOD you need to make these devices into productive corporate tools. At a minimum, employees should be able to print and project presentations, share files and use collaboration software. Without these basic capabilities the investment in a BYOD initiative boils down to giving an iPad user access to the Internet or other cloud services for quick reference, but does not alleviate the responsibility of giving an employee the tools needed to replace the corporate laptop with a personally owned tablet; hence, it doesn’t allow you to benefit from the CapEx savings promised by BYOD.
• Requirement: The optimal WLAN should be “service-aware”, that is, it should have an understanding of network services available to BYOD devices and provide a means of making those services usable by BYOD devices without “hands-on” configuration. The vast majority of employee-owned devices that are intended to be used on the company or school networks are based on Apple iOS. Therefore creating a way to enable Apple’s “Zero-Configuration Networking,” or Bonjour, available corporate-wide in an efficient, dynamic, predictable manner is critical to a successful WLAN deployment. Determine the services required for your BYOD environment. One problem to avoid is the need to configure every device, because this will immediately erode all BYOD benefits via costly helpdesk calls.

Deployment, Installation and Maintenance

Your WLAN should have a single consistent architecture that scales in both capital and operational costs

• Business case: As discussed above, different WLAN approaches have different implications on how data forwarding and control traffic are handled. The impact of how the architecture is implemented can very quickly increase the cost of deployment and maintenance. Some vendors offer as many as three different architectures – large controller, virtual controller, and small APs – that simply bridge traffic blindly. The problem is the cost of implementation and maintenance vary based on the size and geographic location of each site. Which do I use where? Controller? Virtual Controller? How large a controller to buy? If each site has a different architecture, what will licenses cost at each site? When the IT admins troubleshoot a problem at a site all the same questions must be asked every time, because each architecture will require a different methodology for problem isolation and resolution based on the network deployed.
• Requirements: The optimal WLAN will use a single network architecture regardless of size and still provide reasonable costs. Whether the deployment features a single AP at a small site, 10 APs at a medium site, or 1000 APs at a large site, the basic underlying architecture should be the same. This allows the advantages and ROI of repeatability of network deployment and maintenance.

Your WLAN must be easy for IT to manage, maintain and upgrade

• Business case: In networking, change is the only thing that stays the same. As new deployments come on line, new security or access policies are developed and new applications become available, it must be easy to enable the Wi-Fi network to keep pace. This is true not only in the corporate headquarters, but in remote or branch offices as well.
• Requirements: The optimal WLAN should be easy to manage, maintain and upgrade. To ensure consistency, WLAN management should be a centralized function, and ideally should operate identically whether housed in the cloud or on the premises, to ensure consistent security and policy. Management actions and commands should be written in language that is easy for a non-RF expert to understand.

Your WLAN must facilitate easy troubleshooting

• Business case: Particularly in the era of BYOD, it is vital that the WLAN be easy to troubleshoot. This quality is essential as WLAN moves to the primary access method. In many cases, consumer mobile devices are optimized for battery life, not for radio transmission – but the end user will not be aware of that. All they will see is that the wireless network isn’t working! It is important to be able to visualize the problem without RF expertise and to quickly track down the primary issue, which may not be related to the wireless network at all.
• Requirements: The optimal WLAN will be one in which it is easy to see the cause of a problem without having to troll through heaps of incomprehensible, RF-centric logs. AP and user performance should be easy to find quickly and should enable the speedy pinpointing of the issue. It is important that the WLAN provide a means to view a problem all the way down to client-level statistics for faster, more accurate problem isolation even at remote locations.

Cost

Your WLAN must feature predictable capital expenditure

• Business case: When considering capital expenditures, it is tempting to look at only the cost of the access points, but this is not the whole story. If considering a controller-based WLAN, examine what it will cost to enable your current deployment. Then consider how the same equipment will fare if you double your user count, increase your traffic load or move to more space. Is a larger controller required? If so, is it still cost effective? Also consider the number of sites your organization has. If a central controller is part of your considerations, does each site need a controller? If so, what size and what if that site grows or moves? Another consideration is that of feature licenses. Often the base hardware solution does not actually enable the firewall, security, QoS or policy features that you actually need.
• Requirements: Ask for a full list of equipment and licenses required to handle your Wi-Fi networking needs today. Then double the deployment and see what hardware and licenses would need to be added. If there is a controller and there is a point at which the controller you are looking at will need to be amended, find out what that point is. You must ensure that these features are included in your initial estimate, along with any costs for upgrades and expansion.

Your WLAN must minimalize operating expense

• Business case: As most networking professionals know, the highest cost element in most deployments isn’t the capital expenditures, it’s what is required to keep the network running. Consider these factors: What is the management interface like? What are the steps required to specify a deployment? What are the steps required to deploy the solution? How easy is it to visualize a user problem? What would I need to do in order to expand this WLAN to more floors/offices if I purchased it? Can I deploy the same architecture in my branch office? If not, why not? What is the company’s history in WLAN upgrades and advances? Have they ever introduced upgrades that are not fully backward compatible?
• Requirements: The ideal WLAN must have a low operating expense. It is important to understand how this is achieved. This includes how easy it is to get a full list of equipment required, the requirements for a deployment both in corporate offices and in branch offices, the ease of maintenance and upgrades, and the ability to troubleshoot the system both in branch offices and headquarters without the need for RF engineers to be dispatched to every location.

Security

Your WLAN must feature enterprise class security

• Business case: The iEverything explosion has enabled incredible business productivity, but it has also created a myriad of new openings for network security threats. In order to be truly enterprise-class, your WLAN must have comparable security to that found in your wired network. Advanced security is considered a feature by some vendors and licensing for it comes at a cost.
• Requirements: The ideal solution must enforce advanced security features, and these features must be included in the initial cost overview.
  - Authentication – identifying users as they come on the network. This means authenticating employees as well as guests and contractors. Also determining whether RADIUS, Active Directory or LDAP is used for authentication.
  - Wireless Privacy and Key Management – using keys to encrypt and secure traffic transmitted across the air.
  - Identity Based Access Control – using the identity of a client to provide access to the correct VLAN, and allow or deny access to specific applications or resources.
  - Device Physical Security and Data Storage – ensuring the networking platform itself is securely implemented so that it cannot be compromised – even if stolen.

Your WLAN solution must ensure consistent security at all times

• Business case: No one knows where the next network threat could come from, or when it will hit. Your WLAN must therefore have security enabled at all times, and for all traffic types security must remain consistent and in place even if the WAN is down. It should not be sacrificed for the appearance of a lower cost.
• Requirements: Ensure that any solution under consideration provides consistent security at all times. If the vendor is pitching distributed or local forwarding, make sure that you understand what security features, if any, are omitted when traffic bypasses the controller. If a branch or cloud-based controller solution is dependent upon the WAN for security applications, be sure to fully consider what features will fail if the WAN does.

High Performance

Your WLAN must provide high performance throughput

• Business case: The WLAN is now being considered as a primary access method largely because of the throughput provided by 802.11n. Users are also becoming more and more dependent upon high bandwidth applications, like voice or video, and low throughput or high latency solutions are simply not up to the task of handling these “heavy” applications. The consumerization of IT means that users are intolerant of latency, even when it may be a factor of a lower powered battery in their mobile device.
• Requirements: The WLAN solution must be able to handle VOIP, video or other heavy traffic, which requires optimal performance, a means to handle legacy clients as well as 802.11n clients, and a way to ensure Quality of Service. Many vendors will charge for the licenses you need, so be sure that they are included in any solution that is considered.

Scalability

• Business case: When WLANs were considered a convenience network, scalability was not a large factor in choosing the right equipment. As Wi-Fi moves into the primary access method, however, the WLAN must scale. Consideration of scalability applies both to increasing the coverage of a deployment and increasing the load on that deployment. You should also look at what is necessary to deploy remote or branch locations. If this requires the deployment of a new controller, or makes the branch subject to variability in the WAN connection, it may not be the best solution for you. It is also important to consider feature licenses as part of the cost and complexity; as a solution scales it could complicate operations significantly.
• Requirements: The WLAN should scale predictably, including hardware and software. New deployments should offer consistent features. You should also examine what is required to scale a deployment up in terms of operating expenses.
Using The RFP Process To Select A WLAN

Most companies will use the RFP as a way to narrow the list of possible WLAN vendors to consider. In the last section we overviewed 10 things a WLAN must do. In this section, we’ll show how to use those requirements as part of an RFP process. The majority of these considerations should be included under the Scope of Work section, in which the RFP requests a detailed list of the business and technical requirements. This section will give you a starting point for your WLAN RFP and initial “things to think about” while building your RFP.

Overview of Proposed Solution – Architecture

This is a good place to ask the vendor to outline the architectural model that they are proposing, and how that can change if your requirements change. You may request that the deployment be specified for headquarters and branch locations. This is also an appropriate section to request a complete parts list for the solution under discussion. You can also look for:

• Wi-Fi Planning Tool – some vendors will provide a Wi-Fi planning tool, either at no charge or as part of purchase. This tool will enable you to see the reasoning behind the gear that the vendor is specifying.
• Look for controllers – This gear may be on premise hardware, cloud-based, or can even be located in a corporate office deployment if the proposal is for branch networks. If a controller is listed, pay close attention to how the vendor answers these later questions:
  - Scalability – does the use of a controller also bring with it a “stair step” cost model? If the deployment expands, at what point would you need to add another controller?
  - WAN Outage – If the vendor uses a cloud-based controller, or relies on a corporate controller to power branch WLANs, ask what features are disabled in the case of a WAN outage. Do end users need to reauthenticate in such an instance?
• Look for feature licenses – Some vendors’ base systems are virtually useless without features that are enabled via license. If licenses exist, they may be included at no charge with the base system. In such cases, be sure to ask how the cost changes if the deployment grows.

Technical Specifications

Capacity and Scalability

In this section, look for the number of access points specified for each site under consideration. They should also call out the client capacities of each AP/deployment.
• Feature Licenses – In many cases, functionality is enabled via license. Are these licenses included with the gear? What if a site is added?

Outage Management

This section should describe how the system functions in the case of an outage, whether the outage involves a piece of the WLAN gear or the WAN, and could include:

• WLAN Controller Outage – What happens if a WLAN controller fails? If a system is billed as resilient, look to see if this claim is supported by a backup controller.
• Access Point Outage – What happens if an access point fails? Is traffic dropped? Are there any “self-healing” capabilities in the system?
• WAN Outage – This area is significant if the WLAN architecture is dependent upon a cloud-based controller, or if a branch deployment relies on a controller in HQ. Does the WLAN continue to pass traffic in the case of a WAN outage? If yes, what features are disabled? Consider how important these features are to your business and whether you are comfortable without them. What happens when the WAN connection is restored? Are sessions maintained? Do users need to reauthenticate?

Protocol Support and Radio Frequency (RF) Management

This section should call out which protocols are supported as well as what elements of RF management are supported by the system. Additional areas to consider include:

• Wireless standard support – Any WLAN under consideration should support 802.11n/a/b/g.
• Client Band Steering – Any WLAN under consideration, particularly those with BYOD initiatives, should be able to dynamically balance clients to their ideal frequency band.
• Frequency band steering in the unlicensed spectrum – Moving user traffic to the 5 GHz radio band (802.11a and 802.11na) is a long-standing technique to increase total throughput on an 802.11 network. Total area throughput is limited by the number of channels that can be saturated, so the greater the number of non-overlapping channels available, the greater the possible throughput. Furthermore, the noise floor on 5 GHz channels is often lower due to the smaller number of unlicensed devices.

Additional questions include:

• System functionality in a mixed client environment – This is a very important consideration for several reasons. 802.11n clients can “drown out” a/b/g clients in some situations. Conversely, an 802.11a/b/g client can also functionally dominate the air because of the greater time required to pass traffic in comparison to 802.11n clients. In either situation, there will be a percentage of users that are unhappy, so how they are handled should be examined.
• Architectural functionality in an 802.11ac environment – This standard is far from ratified, but recent experience with 802.11n shows that it is likely that pre-standard chipsets will emerge at some point. This section can show how the vendor’s architecture is prepared for the future.
Power Management

This section should describe the features and controls required for power management of the WLAN access points. Specific details here may include access points that are capable of operating at both Power over Ethernet (PoE) modes, 802.3af (low) and 802.3at (high).

Quality of Service (QoS)

This section should describe overall enterprise QoS requirements for business applications (e.g., Voice over WLAN, video conferencing, etc.).

Security

This section should describe how the WLAN provides security, as well as how it will interact with existing network security specifications. Details could include firewalling, authentication methodology, identity-based access controls, network access control, security event management, Wireless Intrusion Detection (WIDs), and rogue AP detection. Be sure that responses address any regulatory compliance requirements, including HIPAA, PCI-DSS and more. Additional considerations include:

• Security features enabled via license – Are any of the security capabilities described by the vendor enabled via licenses? If yes, what are the costs? If the license cost is included with the base system, how is it enabled if the deployment expands?

BYOD support

BYOD support is a relatively new requirement, but must be considered for any new Wi-Fi network under consideration. Specific elements to look at include:

• How is a BYOD device onboarded onto the network?
• Does the system enable a means to ensure policy consistency across user-owned devices?
• How do BYOD participants print, share files, or use projectors?

Deployment and Configuration

In this section, the vendor should specify the steps required to deploy the WLAN. This should include any preplanning capabilities. In addition to consideration of how to deploy the WLAN at Corporate or HQ, it is vital to consider:

• LDAP Integration – Does the system integrate consistently with corporate identity services? If so, how?
• Branch deployment – how does the solution scale? How are branches connected to HQ?
• Technical expertise – What level of technical expertise is required to set up the WLAN, particularly in branch locations? What does the person installing the system need to know about networking in general and about RF in particular? If there are problems, how easy is the deployment to troubleshoot?
Systems Management

It is crucial to thoroughly understand the systems management capabilities of any WLAN being considered, since this will be the largest ongoing expense of the overall deployment. The vendor should list and clearly describe every element of the central management system required. Also consider what additional licenses, if any, are required when scaling the WLAN or extending it to branch locations. Additional considerations include:

• Web interface – Can the management UI be accessed via the Web?
• Management capabilities via license – In some situations, vendors will integrate basic management functionality but charge for additional capabilities. Make sure you know what is available as part of the system and what will cost more.
• Management device flexibility – If management is handled via a centralized device, is an additional device required for branch locations? Is there a cloud offering for management?
• RF expertise required – Consider what level of RF expertise is required to work with the management interface. Could someone with a general understanding of networking operate the system?

Quality of Service/Service Level Agreement

As WLAN becomes the primary access layer, it must support rich applications, many of which have strong QoS requirements, sometimes by user. To what degree does the management interface support the separation and prioritization of this traffic? Is it possible to enable an enforceable SLA with this system? If yes, how does the process function? Is it automatic, or does it require end user intervention?

Troubleshooting

WLAN is subject to a variety of issues that are unique to RF. For the WLAN to be useful, it must be easy to pinpoint problems as they come up. Consider:

• Per-user throughput/issues – Does the management interface allow you to see throughput and performance by user? If there is a problem, how easy is it to see the nature of the issue, that is, can you quickly and easily determine if the problem is the network overall, the application itself, or the WLAN? How easy is it to make prioritization changes?
• RF expertise required – While RF faces unique challenges, it is very unlikely that each office/branch will have an RF expert onsite. What level of RF expertise is required to understand issues? To what degree would an administrator need to sort through RF-based logs to understand a reported problem?
About Aerohive

Aerohive Networks reduces the cost and complexity of today’s networks with cloud-enabled, distributed Wi-Fi and routing solutions for enterprises and medium sized companies including branch offices and teleworkers. Aerohive’s award-winning cooperative control Wi-Fi architecture, public or private cloud-enabled network management, routing and VPN solutions eliminate costly controllers and single points of failure. This gives its customers mission critical reliability with granular security and policy enforcement and the ability to start small and expand without limitations. Aerohive was founded in 2006 and is headquartered in Sunnyvale, Calif. The company’s investors include Kleiner Perkins Caufield & Byers, Lightspeed Venture Partners, Northern Light Venture Capital and New Enterprise Associates, Inc. (NEA).

Corporate Headquarters
Aerohive Networks, Inc.
330 Gibraltar Drive
Sunnyvale, California 94089 USA
Phone: 408.510.6100
Toll Free: 1.866.918.9918
Fax: 408.510.6199
info@aerohive.com
www.aerohive.com

EMEA Headquarters
Aerohive Networks Europe LTD
Sequel House
The Hart
Surrey, UK GU9 7HW
+44 (0)1252 736590
Fax: +44 (0) 1252711901