Practice | Wireless AC+AP deployment solution

Characteristics and application environment of wireless LAN

The emergence of wireless LAN has solved the problems encountered by wired networks, and it allows users to expand and extend wired networks at will.

Wireless communication is realized only on the basis of wired network through wireless devices such as wireless access points, wireless bridges, wireless network cards, etc. It provides all the functions of wired LAN without traditional wiring.

Wireless AC can be used to manage a large number of APs in a wireless LAN. When the number of APs increases, they can be connected to the wireless AC to form a large centralized management system.

Wireless LAN has the following characteristics that traditional wired networks cannot match:

• Flexibility: no restrictions on cables, workstations can be added and configured at will;
• Low cost: wireless LAN no longer requires a lot of engineering wiring, while saving the cost of line maintenance;
• Mobility: users can roam in the network without being restricted by time or space;
• Easy to install. Compared with wired networks, wireless LANs are easier to build, configure and maintain.
• Moreover, the communication range is not limited by environmental conditions, and the network transmission coverage is greatly expanded, with transmission of tens of kilometers outdoors and tens or hundreds of meters indoors. In terms of network data transmission, there are also security encryption measures equivalent to those of wired networks.

All these characteristics of wireless LAN make it widely used in the following fields:

• Mobile office environment: large enterprises, hospitals and other environments where mobile workers are employed;
• Environments where wiring is difficult: historical buildings, campuses, factory workshops, urban buildings, large warehouses, and other environments where wiring is impossible or difficult;
• Frequently changing environments: mobile offices, retail stores, ticket offices, hospitals, field surveys, tests, military, public security, banking and finance, as well as mobile offices, LANs with frequently changing network structures or temporary establishments;
• LAN for special projects: airlines, airports, freight companies, docks, exhibitions and trade fairs, etc.;
• Small network users: office, home office (SOHO) users

Wireless Network Standards

1. IEEE 802.11 Standard

IEEE 802.11 is one of the standards for wireless LAN. This standard defines the protocol specifications of the physical layer (PHY) and the media access control layer (MAC) in the OSI seven-layer model, with the MAC layer being the focus. Its formulation enables wireless products from various manufacturers to interoperate at the physical layer, while the logical link layer (LLC) is consistent, that is, the MAC layer and below are transparent to network applications.

Below the MAC layer, 802.11 specifies three transmission and reception technologies: Spread Spectrum technology, Infared technology, and Narrow Band technology. Spread spectrum technology is further divided into Direct Sequence (DS) spread spectrum technology and Frequency Hopping (FH) spread spectrum technology.

2. IEEE 802.11b standard

3. IEEE802.11a standard

4. IEEE802.11g standard

5. IEEE802.11n standard

Wireless LAN Design Principles

According to the actual situation of the campus, taking into account user needs, coverage, user density, building structure, business composition and other aspects, the construction of campus wireless LAN is mainly to supplement the campus wired network, using wireless network technology to further expand the coverage of various buildings and outdoor areas of the school to promote teaching and scientific research development, further expand the research space; improve the campus network environment, improve management level and efficiency, and promote the school's informatization construction.

Therefore, when designing the network solution, the school wireless LAN is designed according to the following principles:

Focusing on practical applications, the coverage area is required to cover the office area, providing a practical wireless network environment for teaching and learning life. Adopting the popular network protocol standards, the current wireless LAN generally adopts the 802.11 series standards, so the campus wireless LAN will mainly support the 802.11a/b/g/n standards to provide relatively stable network communication services for practical applications.

A comprehensive wireless network support system is used to avoid problems caused by incompatibility between wireless devices and software or confusion in network management, ensuring the security of network access.

In order to prevent unauthorized users from accessing wireless networks and to prevent illegal interception of wireless LAN data streams, wireless networks must have corresponding security measures, including: physical address (MAC) filtering, service area identifier (SSID) matching, wired equivalent privacy (WEP), layer 2 isolation, WPA support, etc.

Wireless LAN Architecture

The wireless network this time adopts thin AP wireless architecture, and wireless AC controls all APs. It can better support office mobility and multimedia applications, simplify network deployment and management, provide excellent performance, security and scalability, and support emerging radio frequency technologies; and can provide campus networks with strong fault tolerance, special quality of service (QoS), enhanced voice capabilities, and complete security functions.

Wireless AC is designed for enterprise deployment and provides strong scalability support.

The AP does not require any configuration and is plug-and-play. All wireless network configurations are completed on the wireless AC. The AP supports PoE power supply. After connecting to the Internet cable, the AP can automatically obtain the address list of the Wireless Switch through DHCP, and then communicate with the Wireless Switch through WISPe (Wireless Switch Protocol enhanced).

This eliminates the need for complex AP configuration in fat AP mode, and also avoids the need for other thin AP manufacturers to manually configure the Wireless Switch configuration on the AP. When deploying a large wireless network, the workload is greatly reduced, greatly shortening the deployment time.

The deployment adopts a 2-layer architecture as shown in the figure. The deployment method of the core layer and access layer is as follows:

Solving the problem

Quickly deploy a temporary wireless environment. When you need to deploy a wireless network outside an office environment, the AC's quick deployment feature is more easily displayed.

For example, temporarily deploying an AP in a conference room. You only need to power on the AP and connect it to the Internet. The AP can automatically communicate with the wireless AC placed inside the enterprise. This temporary wireless network has exactly the same features as other APs.

It is easy to replace and upgrade APs, and all AC configuration and maintenance can be completed in the central computer room. The maintenance of the access end does not require professional management personnel, and can be done as simple as replacing a light bulb, saving daily maintenance costs.

When an AP fails, you can simply plug in a new AP. No configuration is required. After the Wireless Switch is upgraded, all APs can be automatically upgraded, avoiding the tedious work of manually upgrading each AP.

The unique easy-to-manage feature of AC wireless switching technology. As a single-point device, traditional APs require the enterprise's network administrators to set up, manage and maintain each AP individually. These settings include not only simple configurations such as IP addresses, but also a large number of service, security, QoS and other configurations.

When wireless networks become larger in size, the convenience they originally brought to IT staff has turned into a huge hassle. Managing and maintaining a multi-point wireless network requires a lot of manpower.

The wireless AC system can centrally manage hardware, software configuration and network policies. All configurations can be completed on the wireless AC. Automatically deploy configurations to all access points, greatly reducing the initialization workload.

Wireless switching system maintenance is very convenient. Once a traditional AP fails, IT managers are often required to rush to the site to handle it. All configuration and maintenance of the AP can be completed on the wireless AC, which can be as simple as replacing a light bulb, saving daily maintenance costs.

Safety Tips

In order to use wireless networks safely, it is recommended to solve the following issues related to wireless network security: make sure that the user of the wireless network is allowed (authenticated user); keep data confidential (encrypted); prevent illegal wireless network base stations from connecting to the network.

Today's wireless networks have a variety of security technologies. We can flexibly implement one or more security technologies according to specific needs to meet the security requirements of wireless networks.

1. SSID Service Identifier

SSID (Service Identifier) ​​is a configurable string used to distinguish different wireless network areas. Only users who set the correct SSID can communicate with the wireless network base station (Wireless Access Point), thereby increasing the security of the network.

2. Wired Equivalent Privacy (WEP)

Setting the WEP flag in the MAC header of an 802.11 frame indicates that the 802.11 frame is WEP encrypted. WEP provides data integrity despite random errors by including an integrity check value (ICV) in the encrypted portion of the wireless frame.

3. IEEE 802.1X

The IEEE 802.1X standard defines port-based network access control for providing authenticated network access for Ethernet networks. This port-based network access control uses the physical characteristics of the switched LAN infrastructure to authenticate devices connected to the LAN port. If the authentication process fails, they are denied access to the port. Although this standard was designed for wired Ethernet networks, it has been modified for use on 802.11 wireless LANs.

4. WPA (Wi-Fi Protected Access)

WPA includes three components: authentication, encryption, and data integrity verification, and is a complete security solution.

5. MAC address filtering

AP can also set MAC address filtering to allow or deny certain wireless network cards to connect to the wireless network, thereby increasing network security.

6. Wireless client isolation function

AP supports wireless client isolation function, which is very suitable for deployment in campus networks, enterprises, institutions or hot spots, allowing wireless users to access the Internet easily while ensuring maximum security.

7. Equipment failure or damage may occur during use, which may affect your normal work. In this case, it is recommended to have a backup AP that can be replaced immediately. For failure and damage of wireless AC, it is recommended to use 2 ACs to control AP at the same time, one as the main AC and the other as the backup AC. This is a hot backup solution. When the main AC fails, the backup AC will quickly replace the main AC and start working.