The battle between local deployment and cloud-managed WLAN architecture

Enterprises that need to upgrade their traditional wireless LANs can do so by using a WLAN architecture managed by a local or cloud-hosted controller. While both approaches offer significant advantages, determining which implementation is better depends on several factors, including the company's structure, current network design, and wireless requirements.

The Evolution of WLAN Architecture Design

When enterprise WLANs were first deployed, each wireless access point was configured and managed independently of the other APs on the same network. This was not a problem, of course, because most companies designated specific areas for installing wireless hotspots, anywhere there were many users and few wired ports. These areas were typically places like conference rooms, lobbies, and outdoor patios.

As the demand for Wi-Fi access within the enterprise grew, so did the infrastructure required to provide it. Suddenly, network administrators had to manage hundreds or even thousands of APs in an attempt to blanket entire buildings and campuses with wireless signals. Even more problematic, the APs couldn’t communicate with each other. As a result, technical issues, including channel interference, power adjustments, and client roaming, made the network unstable and unpredictable.

[[260731]]

To solve these technical problems, WLAN vendors created wireless LAN controllers to force data and management control plane data back to one location. The controller's job is to be the node for AP configuration, communication, and policy execution. The APs themselves lose their own intelligence, and the controller becomes the brain of the entire WLAN.

This design has several major advantages. First, the wireless controller monitors all APs throughout the network, so it has a complete view of the WLAN. IT staff can use the controller to make intelligent radio adjustments as needed. This enables WLAN administrators to modify wireless channels when interference occurs, change wireless signal strength when APs are offline or online, and switch clients from one AP to another.

The second benefit is that control plane and data plane traffic is tunneled back to the wireless controller before being placed on the local data LAN. From a data plane perspective, this can be both a positive and a negative. It is positive in the sense that wireless policy for a specific service set identifier is only enforced in one location, which makes policy management very easy. It also provides better security because traffic from the AP is transmitted in an encrypted tunnel. But if not planned correctly, the overall design can create bottlenecks and single points of failure.

With cloud-managed WLANs, APs connect to a virtual controller, typically located in a public cloud on the Internet. Control plane information, AP management, and other WLAN services are performed between the cloud controller and local APs over an Internet connection. The main architectural difference between local controllers and cloud-based controllers is how data plane traffic flows.

In an on-premises design, control and data plane communications are tunneled back to the controller in a process called wireless backhaul. In contrast, in a cloud controller design, data plane information is offloaded once it reaches the LAN. This means that any policy enforcement is performed on the AP itself, which makes cloud-controlled APs semi-intelligent because they must own and enforce policy rules locally.

Today, both on-premises and cloud-managed WLANs are enterprise-grade in terms of management, automated intelligence, and reliability. Determining which implementation will deliver the best returns for your enterprise and Wi-Fi strategy depends on a variety of factors. Let's take a look at the advantages and best use cases for cloud-managed and on-premises WLANs.

Benefits of Local WLAN Architecture

(1) LAN architecture: The first thing to check is the current state of the LAN. Users who already have a local wireless controller installed may just want to upgrade. From a Layer 2 and Layer 3 perspective, changing to a cloud-based system requires reconfiguring the network to allow the cloud control network to offload wireless data directly to the LAN instead of transmitting it back to the local controller.

Depending on the size of the network, this will take considerable time to complete. Therefore, for many, simply upgrading to a next-generation field controller that can transmit control and data plane information back to the local controller is the simplest option.

(2) Internet connectivity: To function properly, cloud-managed wireless LANs rely heavily on the Internet. If your Internet connection is unstable, this can be a hindrance. In addition to wireless control data communications with local APs, cloud controllers often perform other wireless services such as DHCP provisioning and authentication.

All of these services incur additional Internet bandwidth overhead, so if your Internet connection is heavily used, unreliable, or has latency and throughput issues, it's best to stick with a local approach to controlling all of these features.

(3) WLAN complexity: In most cases, local controllers offer greater flexibility when it comes to the actual design and deployment of the WLAN. This includes more advanced support for traditional Wi-Fi devices and applications, as well as more granular control over specific wireless settings. For enterprises using thousands of APs in large campuses, multiple local controllers can work together to provide customers with robust WLAN access and failover. In these types of complex WLAN scenarios, local controllers offer significant advantages over cloud controllers.

Benefits of Cloud-Managed WLAN

(1) Easy configuration management: If your enterprise has hundreds or even thousands of branch sites geographically distributed, cloud-based WLAN management may be ideal. With a cloud approach, you can have a single point of management no matter where your IT staff is located. This eliminates the need to deploy a controller at each site, and network administrators don’t need to worry about remote access to each site because everything is controlled in the public cloud.

Many WLAN and Wi-Fi network vendors also offer other network equipment, including cloud-managed switches, routers, and firewalls. Therefore, if your enterprise is global, you may want to evaluate cloud-based WLANs and put all network management in the cloud.

Most vendors offer zero-touch provisioning, which means you can pre-configure your wireless network hardware before it is sent from the manufacturer to the remote site. The AP needs to be connected to the network, powered, and have access to the internet. Zero-touch devices will automatically set up using pre-configuration based on the serial number and MAC address. This means field technicians no longer need to travel to a branch office to set up a wireless network.

(2) No controller hardware limitations: With an on-premises controller, you are limited to the existing hardware in your organization. Smaller on-premises controllers can manage up to 25 APs, while other controllers can handle thousands of APs. However, either way, the amount of hardware a controller can handle is limited. New hardware must be purchased to quickly expand the infrastructure, while cloud WLANs theoretically have no limitations. In the cloud, your WLAN can consist of a handful or thousands of APs anywhere, without being limited by hardware.

Likewise, as new features emerge, older controllers must be manually upgraded to handle the advanced functionality, which can take a lot of time and labor. With a cloud controller, updates are performed by the provider in the cloud.

(3) Simplified backup and alerting: When a locally managed WLAN architecture is in place, the network administrator's only responsibility is to properly back up the WLAN configuration files. In the event of a major hardware failure, the network administrator can restore the WLAN using the configuration backup. With cloud-managed wireless LANs, configurations are automatically backed up as part of the cloud service, along with the ability to monitor and manage cloud-managed WLAN components. It is no longer necessary to spend time and money building your own Simple Network Management Protocol monitoring server to alert IT staff when a wireless AP fails. All enterprise-class cloud-managed WLAN platforms have built-in monitoring and alerting capabilities. All you have to do is provide the monitoring parameters and the desired alerting methods.

There is no right answer to the debate of on-premises vs. cloud-managed WLAN architectures. Each approach has its pros and cons. Before you buy, evaluate the current and recent state of your wireless LAN and Wi-Fi networks, then weigh which of the factors listed above are critical to your business' success. In all likelihood, a clear winner should emerge between on-premises and cloud-managed WLANs, and then you can focus on choosing the right vendor portfolio.