WEPHack (24th September 2013)
I'm not quite sure how your users are accessing Network Connections if Control Panel is blocked. They should be able to join a wireless network, but not view properties such as TCP/IP or anything else related to networking.
Now that's just bad advice.
If it's an important installation like a school, you do not want to have all your access points autonomous.
I would say anything from 6 AP's upwards is a contender for a managed solution.
Last edited by neilmac; 24th September 2013 at 12:20 PM.
I'm pretty confident even a junior technician could correctly setup 6 APs in an afternoon at a push. It's not difficult to juggle three channels over six APs.
This is not opinion, it's an established best practice.
If it's your home network, fine, but for a mission critical application like education, it need to be done right.
You need to be leveraging as much use as possible from 5GHz, plus you need to make subtle changes to network configs that can be pushed out. Managed networks are much more aware, and perform better. Controllers manage much more than just the configs.
Generally there isn't a huge saving when it's a lot of devices, the false economy is time and troubleshooting. If you have more than 6 AP's you should look at a managed solution. Just because some old networks function with a manual config doesn't mean it's a good way to do it.
If you sell a customer 20 access points and no control plane (either local controller or web management) you are doing him a disservice.
Most devices are still 2.4GHz only or 2.4GHz/5GHz mixed. I think a better way is when newer wireless standards are published, which inevitably will mean they'll be 5GHz only anyway. I can't say I've noticed any significant disadvantage to using 2.4GHz instead of 5GHz and clearly manufacturers think so also.
Controllers do go wrong and when they do, you'll lose all wireless availability. Individual APs connected via PoE work independently, so in theory they can be connected to any decent PoE switch. There are pros and cons to both methods, but the 20/25 is also about right to justify the need for a controller. Managing the wireless channels becomes considerably more difficult and any controller is going to cost considerably more than 6 APs.
It depends on the level of education - certainly senior schools and universities are very reliant on good wifi.
5 GHz has more available channels with no overlap so the capacity is higher for a given area. band steering should automatically push 5GHz capable devices to 5Ghz to reduce congestion in 2.4 GHz.
Controllers can go wrong, so really important installations have redundant controllers. Cloud managed systems give you all of the features without the danger of a failed controller, most manufacturers are moving towards cloud managed.
I will agree that around 6 AP's you can get away with autonomous. However more than 6 to me indicates you are covering a larger are and have more devices. Why wouldn't you want to have access to information that would allow you to centrally manage and troubleshoot your users ?
The additional cost of a control plane is negligible compared to the benefits it brings, to do without is a poor solution.
Out of interest, what autonomous access points are you installing ?
Last edited by neilmac; 24th September 2013 at 01:08 PM.
I agree, the higher you go up the education ladder the demands also get higher. I think it's safe to say however that most higher educational establishments would need more than 20/25 APs and could also budget for a controller, as well as a redundant controller.
I do agree also that 2.4GHz is more busy than 5GHz, but that's fairly inevitable given that the last few generations of G and N were primarily based on 2.4GHz operation. As bandwidth use gets higher, it makes sense to move to 5GHz. To justify upgrading all 2.4GHz to 5GHz compatible wireless adapters just isn't justified, especially when you may have 50, 100 or even more to upgrade. It would literally cost thousands.
You need a lot of time to monitor this kind of data, plus teachers these days are pretty good at highlighting problems as and when they occur. I prefer building up relationships with the staff I support and making myself visible, rather than sitting at a server for hours looking at wireless logs. It's how I work and it's how I encourage others who work with me to be the same.
It depends on the requirements/needs, but HP and Cisco are the most common.
I don't want to look like I am arguing with you, but your assumptions are wrong.
802.11 - 1997 - 2.4 GHz
802.11b - 1999 - 2.4 Ghz
802.11a - 1999 - 5GHz
802.11g - 2003 - 2.4 Ghz
802.11n - 2007 - 2.4 Ghz and 5GHz, 40 MHz only in 5 GHz
So, 5 Ghz has been an obvious option since 802.11n came out, in fact 5 Ghz is the only way to get the higher data rates with 2 spatial streams and 40Mhz.
802.11 ac is to be 5GHz only, but not a reason to upgrade in and of itself.
How old are your wifi adapters to not support 5 GHz ? Do you have short, mid and long term plans in place for these deployments ?
Building relationships with the staff is the right tactic and too often overlooked, you are right to mention this and I hope everyone understands that this is a big part of the job. But not the only answer. If you have a problematic device you need to look at the system to fix it. If you have connectivity issues, how do you begin to troubleshoot it ?
You need to understand how wifi works in order to maximise it and troubleshoot it. I encourage people to get trained and understand the technology they deploy. You need to be passionate about how wifi works in order to administer it correctly.
As for vendor choice, Cisco autonomous access points are more expensive than lightweight, so for a large deployment the costs would be similar. You should get good education discounts so cost should not be a differentiator. Cisco and HP are both more expensive than many managed solutions. Have you looked at alternatives ? Do you know about options like AirTight ?
Ultimitely, you deploy your own networks any way you choose, but there are established best practices and very good reasons for following them.
I wouldn't say 5GHz was obvious for wireless N, hence that's why 2.4GHz and 5GHz options are available. As you say, AC will be 5GHz only, but this in theory (on paper) will deliver near gigabit wireless connectivity, which is a considerable leap from wireless N's peak of a typical 300Mbps.
You'll find many lower end notebooks and netbooks have 2.4GHz only, so blame the manufacturers! To be honest the speeds offered by wireless N @ 2.4GHz is plenty for the majority of day to day tasks. Typically the device itself is the bottleneck - not enough memory installed or very large data transfers 1GB+ (which rarely happens).
Buying quality APs makes all the difference, in terms of how much they can scale, the uptime and also keeping problems to a minimum. I've had very few problems with wireless and it's usually faulty hardware or a damaged AP which typically creates the problem. As I say, I do rely on people communicating problems as I have plenty to keep myself and others occupied. I wouldn't say I'm passionate about wireless networks personally, but I do take pride in all the projects I get involved with. As long as the finished article is on time, on budget and delivers excellent results then I can sleep easy
There are many wireless solutions out there - many I've heard of and many I haven't heard of, such as Airtight like you mention. I could go and learn about all the different types of systems, security mechanisms or other, but that's why we need people like you who can deliver/answer these kind of questions. Clearly your specific interest/profession is in wireless networking, but I have responsibilities covering from A - Z and there's only so much I can cram into my brain, let alone the time to learn about every new technology.
Anyway, back on topic, I hope the OP gets their wireless connectivity/security issues resolved.
So I've confirmed that the Lenovo/Intel Centrino Wireless-N 2230 chipset won't connect to the WG302 (with the latest firmware) using WPA2 AES. It will with WPA TKIP. It's fine with the WNDAP350, so I'm guessing the issue is with the WG302.
Is there any huge benefit in switching from WEP to WPA TKIP if we're going to be changing all this in 6 months anyway?
Absolutely - WEP can be cracked within minutes.
Anyone with the key can read any traffic transiting your network, browse for shared files and worst of all, use your network as a gateway to the internet for all kinds of things.
Any illegal activity from distributing child porn to spamming to cyberattacks will point directly to you IP address. You MUST close this.
Having checked, the WAP does offer a joint WPA/WPA2 mode, and that does seem to be working with this wireless chipset. I'm guessing it tries to negotiate at the stronger encryption, then drops lower if it can't make the connection.
There was mention above of WPA being hackable with TKIP. How does that compare with WEP hacking for time, ease etc.?
One advantage to a longer wireless key is it makes it near impossible to remember if seen, so I may opt for the long key for this reason alone.
Last edited by WEPHack; 24th September 2013 at 04:53 PM.
WPA is OK as long as you use a complex password. If you only have WPA you don't get 802.11n speeds, but you don't have that anyway. If supported, allow WPA/WPA2.
Just get off WEP !
There are currently 1 users browsing this thread. (0 members and 1 guests)