Wireless LANs 2003 Cisco Systems Inc All rights

Wireless LANs © 2003, Cisco Systems, Inc. All rights reserved. 2 -1

Wireless Data Technologies © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -2

Wireless Data Technologies (Cont. ) WAN (Wide Area Network) MAN (Metropolitan Area Network) LAN (Local Area Network) PAN (Personal Area Network) PAN LAN MAN WAN Standards Bluetooth IEEE 802. 11 a, 802. 11 b, 802. 11 g 802. 16 MMDS, LMDS GSM, GPRS, CDMA, 2. 5– 3 G Speed <1 Mbps 1– 54+ Mbps 22+ Mbps 10– 384 kbps Range Short Medium–long Long Applications Peer to peer, device to device Enterprise networks Fixed, lastmile access PDAs, mobile phones, cellular access © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -4

Wireless LAN (WLAN) • A WLAN is a shared network. • An access point is a shared device and functions like a shared Ethernet hub. • Data is transmitted over radio waves. • Two-way radio communications (half-duplex) are used. • The same radio frequency is used for sending and receiving (transceiver). © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -5

WLAN Evolution • Warehousing • Retail • Health care • Education • Businesses • Home © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -6

What Are WLANs? • They are: • Local • In building or campus for mobile users • Radio or infrared • Not required to have RF licenses in most countries • Using equipment owned by customers © 2003, Cisco Systems, Inc. All rights reserved. • They are not: • WAN or MAN networks • Cellular phones networks • Packet data transmission via celluar phone networks – Cellular digital packet data (CDPD) – General packet radio service (GPRS) – 2. 5 G to 3 G services BCMSN v 2. 0— 2 -7

Similarities Between WLAN and LAN • A WLAN is an 802 LAN. – Transmits data over the air vs. data over the wire – Looks like a wired network to the user – Defines physical and data link layer – Uses MAC addresses • The same protocols/applications run over both WLANs and LANs. – IP (network layer) – IPSec VPNs (IP-based) – Web, FTP, SNMP (applications) © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -8

Differences Between WLAN and LAN • WLANs use radio waves as the physical layer. – WLANs use CSMA/CA instead of CSMA/CD to access the network. • Radio waves have problems that are not found on wires. – Connectivity issues. • Coverage problems • Multipath issues • Interference, noise – Privacy issues. • WLANs use mobile clients. – No physical connection. – Battery-powered. • WLANs must meet country-specific RF regulations. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -9

Summary • Different wireless data technologies with different characteristics are available. • WLANs were introduced to provide local connectivity with higher data rates. • WLANs use half-duplex transmission. • WLANs have similarities and differences compared to wired LANS. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -10

Wireless LANs • Describing WLAN Topologies © 2003, Cisco Systems, Inc. All rights reserved. 2 -11

WLAN Topologies • Wireless client access – Mobile user connectivity • Wireless bridging – LAN-to-LAN connectivity • Wireless mesh networking – Combination of bridging and user connectivity © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -12

WLAN and LAN © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -13

Service Set Identifier (SSID) • SSID is used to logically separate WLANs. • The SSID must match on client and access point. • Access point broadcasts one SSID in beacon. • Client can be configured without SSID. • Client association steps: 1. Client sends probe request. 2. A point sends probe response. 3. Client initiates association. 4. A point accepts association. 5. A point adds client MAC address to association table. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -14

WLAN Access Topology © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -15

Wireless Repeater Topology © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -16

Workgroup Bridge Topology © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -17

Alternative Peer-to-Peer Topology © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -18

Service Sets and Modes Ad hoc mode • Independent Basic Service Set (IBSS) – Mobile clients connect directly without an intermediate access point. Infrastructure mode • Basic Service Set – Mobile clients use a single access point for connecting to each other or to wired network resources. • Extended Services Set – Two or more Basic Service Sets are connected by a common distribution system. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -19

Roaming Through Wireless Cells Roaming © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -21

Client Roaming • Maximum data retry count exceeded • Too many beacons missed • Data rate shifted • Periodic intervals • Roaming without interruption requires the same SSID on all access points. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -22

Layer 2 vs. Layer 3 Roaming © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -23

Wireless VLAN Support • Multiple SSIDs • Multiple security types • Support for multiple VLANs from switches • 802. 1 Q trunking protocol © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -24

Wireless VLAN Support (Cont. ) • VLANs propagate across access points. • VLAN numbers are unique. • Access points handle up to 16 VLANs. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -25

Enterprise Voice Architecture © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -26

Wireless Mesh Networking • In a mesh network topology, devices are connected with redundant connections between nodes. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -27

Wireless Mesh Networking • Mesh access points automatically establish connection to controller. – Rooftop access points (RAP) connect via wired connection. – Mesh access points (MAP) connect via self-configuring backhaul connection. • Cisco uses mesh access points. • Adaptive Wireless Path (AWP) protocol establishes best path to root. • Access point authenticates to controller and downloads configuration and radio parameters. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -28

Adaptive Wireless Path Protocol (AWP) • AWP protocol establishes an optimal path to root. • Each access point carries a feasible successor or successors if topology or link health changes. • AWP uses a “parent sticky” value to mitigate route flaps. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -29

Key Market Segments for Outdoor Wireless • Enterprise outdoor • Indoor and outdoor wireless solutions for education customers. • Rugged mesh solutions for enterprise customers. • Public sector • Connecting peripheral devices across the mesh. • Establishing hot zones for public safety or municipal departments. • Service provider • Hot spots become hot zones with Wi-Fi access. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -30

Summary • Types of WLAN topologies are client access, bridging, and mesh networking. • Wireless networks are built with multiple wireless cells. • WLAN roaming occurs seamlessly between wireless cells. • WLANs support VLANs and Qo. S. • WLAN mesh networks extend the wireless network beyond the boundaries of wired LANs. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -31

Wireless LANs • Explaining WLAN Technology and Standards © 2003, Cisco Systems, Inc. All rights reserved. 2 -32

Unlicensed Frequency Bands • ISM: Industry, scientific, and medical frequency band • No exclusive use • No license required • Interference possible © 2003, Cisco Systems, Inc. All rights reserved. • Best effort BCMSN v 2. 0— 2 -33

Radio Frequency Transmission • Radio frequencies are radiated into the air via an antenna, creating radio waves. • Radio waves are absorbed when they are propagated through objects (e. g. , walls). • Radio waves are reflected by objects (e. g. , metal surfaces). • This absorption and reflection cause areas of low signal strength or low signal quality. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -34

Radio Frequency Transmission • Higher data rates have a shorter transmission range. – The receiver needs more signal strength and better SNR to retrieve information. • Higher transmit power results in greater distance. • Higher frequencies allow higher data rates. • Higher frequencies have a shorter transmission range. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -35

WLAN Regulation and Standardization • Regulatory agencies • FCC (United States) • ETSI (Europe) • Standardization • IEEE 802. 11 • http: //standards. ieee. org/getieee 802/ • Certfication of equipment • Wi-Fi Alliance certifies interoperability between products. • Certifications include 802. 11 a, 802. 11 b, 802. 11 g, dual-band products, and security testing. • Certified products can be found at http: //www. wi-fi. org. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -36

IEEE 802. 11 standard § Released in 1997 § FHSS works by sending bursts of data over numerous frequencies § DSSS functions by dividing the data into several pieces and simultaneously sending the pieces on as many different frequencies as possible © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -37

Spread Spectrum Radio • Idea • originally designed to minimize interference – Jamming was military’s focus for spread spectrum development • introduce psuedo-random component to signal – Makes signal look like noise to a receiver that doesn’t know random sequence • spread signal over wider frequency band than required © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -38

Spread Spectrum Technologies COMPLETE WAVEBAND ALLOCATED • • Direct Sequence • Each symbol is transmitted over multiple frequencies at the same time • Very efficient (no overhead) • Higher speed than FH at comparable distances • System capacity (multiple channels) higher than FH Time Frequency Hopping • Sequential use of multiple frequencies • Hop sequence and rate will vary Time © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -39

F F F 1 2 N Sub-Ch 1 Sub-Ch 2 Sub-Ch N Demodulation Signal Processing Serial-to-Parallel Converter OFDM Digital Modulation • Orthogonal Frequency Division Multiplexing (OFDM) • The channel is split into a number of sub -channels • Each sub-channel transmits a part of the original information • Each sub-channel adjusted to its environment (S/N) • Reduces multipath & selective fading • Allows for higher speeds • Requires smart signal processing • Used in 802. 11 a(USA), DTTB(Eu), Hyperplan(Eu), Power Line Coms. standards. Delogne P, Bellanger M: The Impact of Signal Processing on an Efficient Use of the Spectrum, Radio Science Bulletin June 1999, 23 -28 Le. Floch B, Alard M, Berrou C: Coded Orthogonal Frequency Division Multiplex, Proc of IEEE June 1995, 982 -996 © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -40

802. 11 Collisions Avoidance • Similar to CSMA/CD (Ethernet) • Transmit when medium is idle, back off on collision • Problem: medium is not fully shared A © 2003, Cisco Systems, Inc. All rights reserved. B C D BCMSN v 2. 0— 2 -41

802. 11 Collisions Avoidance (contd. ) • Hidden node problem: A and C cannot hear each other • If they both transmit to B at the same time, there will be a collision which won’t be detected by A or C © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -42

802. 11 Collisions Avoidance (contd. ) • Exposed node problem: C could send to D while B is sending to A • C is blocked when B is sending © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -43

“Hidden stations” the solution A B C RTS: I want to send to B 500 bytes CTS: OK A, go ahead, so everybody quiet Data: the 500 bytes of data from A to B ACK: B received the data OK, so an ACK • IEEE 802. 11 defines: • MAC level RTS/CTS protocol (Request to Send / Clear to Send) • Can be switched off to reduce overhead (when no hidden nodes exist) • More robustness, and increased reliability • No interruptions when large files are transmitted © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -44

802. 11 b © 2003, Cisco Systems, Inc. All rights reserved. © 2005 Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -45

802. 11 b Standard • Standard was ratified in September 1999 • Operates in the 2. 4 -GHz band • Specifies direct sequence spread spectrum (DSSS) • Specifies four data rates up to 11 Mbps – 1, 2, 5. 5, 11 Mbps • Provides specifications for vendor interoperability (over the air) • Defines basic security, encryption, and authentication for the wireless link • Is the most commonly deployed WLAN standard © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -46

2. 4 -GHz Channels Regulatory Domain Channel Identifier Channel Center Frequency Channel Frequency Range [MHz] Americas Europe, Middle East, and Asia Japan 1 2412 MHz 2401 – 2423 X X X 2 2417 MHz 2406 – 2428 X X X 3 2422 MHz 2411 – 2433 X X X 4 2427 MHz 2416 – 2438 X X X 5 2432 MHz 2421 – 2443 X X X 6 2437 MHz 2426 – 2448 X X X 7 2442 MHz 2431 – 2453 X X X 8 2447 MHz 2436 – 2458 X X X 9 2452 MHz 2441 – 2463 X X X 10 2457 MHz 2446 – 2468 X X X 11 2462 MHz 2451 – 2473 X X X 12 2467 MHz 2466 – 2478 X X 13 2472 MHz 2471 – 2483 X X 14 2484 MHz 2473 – 2495 X © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -47

2. 4 -GHz Channel Use • Each channel is 22 MHz wide. • North America: 11 channels. • Europe: 13 channels. • There are three nonoverlapping channels: 1, 6, 11. • Using any other channels will cause interference. • Three access points can occupy the same area. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -48

802. 11 b/g (2. 4 GHz) Channel Reuse © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -49

802. 11 b Access Point Coverage © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -50

802. 11 a © 2003, Cisco Systems, Inc. All rights reserved. © 2005 Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -51

802. 11 a Standard • Standard was ratified September 1999 • Operates in the 5 -GHz band • Uses orthogonal frequency-division multiplexing (OFDM) • Uses eight data rates of up to 54 Mbps – 6, 9, 12, 18, 24, 36, 48, 54 Mbps • Has from 12 to 23 nonoverlapping channels (FCC) • Has up to 19 nonoverlapping channels (ETSI) • Regulations different across countries – Transmit (Tx) power control and dynamic frequency selection required (802. 11 h) © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -52

5 -GHz Channels with 802. 11 h • 802. 11 h implements TPC and DFS. • With 802. 11 h in February 2004, the FCC added 11 channels. – 23 channels in the United States (FCC) – 19 channels in Europe (ETSI) – UNII-3 band currently not allowed in most of Europe © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -53

802. 11 a Channel Reuse • 802. 11 h DFS not available • Manual channel assignment required • 802. 11 h DFS implemented • Channel assignment done by Dynamic Frequency Selection (DFS) • Only frequency bands can be selected © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -54

802. 11 g © 2003, Cisco Systems, Inc. All rights reserved. © 2005 Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -55

802. 11 g Standard • Standard was ratified June 2003 • Operates in the 2. 4 -GHz band as 802. 11 b – Same three nonoverlapping channels: 1, 6, 11 • DSSS (CCK) and OFDM transmission • 12 data rates of up to 54 Mbps – 1, 2, 5. 5, 11 Mbps (DSSS / 802. 11 b) – 6, 9, 12, 18, 24, 36, 48, 54 Mbps (OFDM) • Full backward compatiblity to 802. 11 b standard © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -56

802. 11 g Protection Mechanism • Problem: 802. 11 b stations cannot decode 802. 11 g radio signals. • 802. 11 b/g access point communicates with 802. 11 b clients with max. 11 Mbps. • 802. 11 b/g access point communicates with 802. 11 g clients with max. 54 Mbps. • 802. 11 b/g access point activates RTS/CTS to avoid collisions when 802. 11 b clients are present. • 802. 11 b client learns from CTS frame the duration of the 802. 11 g transmission. • Reduced throughput is caused by additional overhead. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -57

802. 11 Standards Comparison © 2003, Cisco Systems, Inc. All rights reserved. © 2005 Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -58

802. 11 RF Comparison 802. 11 b – 2. 4 GHz • Most commonly deployed WLAN standard 802. 11 g – 2. 4 GHz 802. 11 a – 5 GHz Pro • Higher throughput • Highest throughput • OFDM technology reduces multipath issues Con • Provides up to 23 nonoverlapping channels • Interference and noise • Lower market from other services in penetration • Interference and noise the 2. 4 -GHz band from other services in the 2. 4 -GHz band • Only three • Only 3 nonoverlapping channels • Distance limited by multipath issues © 2003, Cisco Systems, Inc. All rights reserved. nonoverlapping channels • Throughput degraded in the presence of 802. 11 b clients BCMSN v 2. 0— 2 -59

802. 11 Standards Comparison 802. 11 b 802. 11 g 802. 11 a Ratified 1999 2003 1999 Frequency band 2. 4 GHz 5 GHz No of channels 3 3 Up to 23 Transmission DSSS Data rates [Mbps] Throughput [Mbps] © 2003, Cisco Systems, Inc. All rights reserved. DSSS OFDM 1, 2, 5. 5, 11 Up to 6 OFDM 6, 9, 12, 18, 24, 36, 48, 54 Up to 22 Up to 28 BCMSN v 2. 0— 2 -60

Range Comparisons © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -61

Ratified IEEE 802. 11 Standards • • 802. 11: WLAN 1 and 2 Mbps at 2. 4 GHz 802. 11 a: WLAN 54 -Mbps at 5 GHz 802. 11 b: WLAN 11 -Mbps at 2. 4 GHz 802. 11 d: Multiple regulatory domains 802. 11 e: Quality of service 802. 11 f: Inter-Access Point Protocol (IAPP) 802. 11 g: WLAN 54 -Mbps at 2. 4 GHz 802. 11 h: Dynamic Frequency Selection (DFS) Transmit Power Control (TPC) at 5 GHz • 802. 11 i: Security • 802. 11 j: 5 -GHz channels for Japan http: //standards. ieee. org/getieee 802/ © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -62

Worldwide Availability http: //www. cisco. com/go/aironet/compliance © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -63

General Office WLAN Design • Eight 802. 11 g access points deployed • 7 users per access point with no conference rooms provides 3. 8 Mbps throughput per user • 7 users + 1 conference room (10 users) = 17 total users, provides 1. 5 Mbps throughput per user © 2003, Cisco Systems, Inc. All rights reserved. 54 Cubes— 4 Conference Rooms Conference Room 120 Feet Conference Room Reception Conference Room 95 Feet BCMSN v 2. 0— 2 -64

WLAN as a Shared Medium: Best Practices • 2. 4 -GHz 802. 11 b bandwidth calculations • 25 users per cell; general office maximum users limited by bandwidth • Peak true throughput 6. 8 Mbps – 6. 8 Mbps * 1024/25 = 278. 5 kbps per user • 2. 4 -GHz 802. 11 g bandwidth calculations • 20 users per cell; general office maximum users limited by bandwidth • Peak true throughput 32 Mbps – 32 Mbps * 1024/20 = 1683 kbps per user • 5 -GHz 802. 11 a bandwidth calculations • 15 users per cell; general office users limited by coverage, not bandwidth • Peak true throughput 32 Mbps – 32 Mbps * 1024/15 = 2188 kbps per user © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -65

WLAN Security © 2003, Cisco Systems, Inc. All rights reserved. © 2005 Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -66

Why WLAN Security? • Wide availability and low cost of IEEE 802. 11 wireless equipment • 802. 11 standard ease of use and deployment • Availability of sniffers • Statistics on WLAN security • Media hype about hot spots, WLAN hacking, war driving • Nonoptimal implementation of encryption in standard Wired Equivalent Privacy (WEP) encryption • Authentication vulnerability © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -67

WLAN Security Threats © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -68

Mitigating the Threats Control and Integrity Privacy and Confidentiality Protection and Availability Authentication Encryption Intrusion Detection System (IDS) Ensure that legitimate Protect data as it is clients associate with transmitted and trusted access points. received. © 2003, Cisco Systems, Inc. All rights reserved. Track and mitigate unauthorized access and network attacks. BCMSN v 2. 0— 2 -69

Evolution of WLAN Security Initial (1997) Interim (2001) Interim (2003) Encryption (WEP) 802. 1 x EAP Wi-Fi Protected Access (WPA) • No strong authentication • Dynamic keys • Standardized • Improved encryption • User authentication • Strong, user authentication (e. g. , LEAP, PEAP, EAPFAST) • Static, breakable keys • Not scalable • 802. 1 x EAP (LEAP, PEAP) • RADIUS Present Wireless IDS • Identification and protection against attacks, Do. S IEEE 802. 11 i WPA 2 (2004) • AES strong encryption • Authentication • Dynamic key management © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -70

Wireless Client Association • Access points send out beacons announcing SSID, data rates, and other information. • Client scans all channels. • Client listens for beacons and responses from access points. • Client associates to access point with strongest signal. • Client will repeat scan if signal becomes low to reassociate to another access point (roaming). • During association SSID, MAC address and security settings are sent from the client to the access point and checked by the access point. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -71

WPA and WPA 2 Authentication © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -72

WPA and WPA 2 Encryption © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -73

WLAN Security Summary WPA Passphrase WEP Encryption © 2003, Cisco Systems, Inc. All rights reserved. 802. 1 x EAP Mutual Authentication TKIP Encryption WPA / WPA 2 802. 11 i Security BCMSN v 2. 0— 2 -74

Security Evaluation • Evaluate effectiveness of encrypted WLAN statistics. • Focus on proper planning and implementation. • Estimate potential security threats and the level of security needed. • Evaluate amount of WLAN traffic being sent when selecting security methods. • Evaluate tools and options applicable to WLAN design. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -75

Summary • The 2. 4 -GHz and 5 -GHz frequency bands are used by WLAN 802. 11 standards. • The throughput per user depends on the data rate and the number of users per wireless cell. • 802. 11 b has data rates of up to 11 Mbps at 2. 4 GHz. • 802. 11 a has data rates of up to 54 Mbps at 5 GHz. • 802. 11 g has data rates of up to 54 Mbps at 2. 4 GHz. • 802. 11 a has a shorter range than 802. 11 g. • For maximum efficiency, limit the number of users per cell. • Different WLAN security types with authentication and encryption satisfy the security requirements of enterprise and home users. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -76

Wireless LANs • Implementing WLANs © 2003, Cisco Systems, Inc. All rights reserved. 2 -77

Cisco WLAN Implementation • Autonomous WLAN solution • Autonomous access points • Lightweight WLAN solution • Lightweight access points • WLAN controller © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -78

Autonomous WLAN Solution • Autonomous access point – Cisco IOS software • Network infratructure – Po. E switch and router • Wireless Domain Services (WDS) – Management support • Wireless LAN Solution Engine (WLSE) – Centralized management • Acess Control Server (ACS) – RADIUS/TACACS+ security © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -79

Autonomous WLAN Solution • Wireless Domain Services (WDS) – Management support – WDS is a collection of Cisco IOS® Software features that enhance WLAN client mobility, and simplify WLAN deployment and management. WDS is a new feature for access points (APs) in Cisco IOS Software. WDS is a core function that enables other features, such as: • Fast secure roaming (FSR) • Wireless LAN Solution Engine (WLSE) interaction • Radio management (RM) © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -80

Autonomous WLAN Solution • Wireless LAN Solution Engine (WLSE) – Centralized management – Enhances network security: • Detects, locates, and mitigates rogue access points and unauthorized adhoc networks • Helps ensure the consistent application of security policies – Improves WLAN performance and availability: • Detects RF interference • Optimizes radio coverage and settings • Monitors performance and faults – Saves time and resources: • Automating the configuration of Cisco Aironet access points and bridges • Assisted site survey to determine optimal antenna selection and access point settings such as transmit power and channel selection © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -81

Lightweight WLAN Solution • Lightweight access point • Network infratructure – Po. E switch and router • Cisco Wireless LAN controller (WLC) – Access point configuration • Cisco Wireless Control System (WCS) – Management • Location appliance – Location tracking • Cisco Secure Acess Control Server (ACS) – RADIUS/TACACS+ security © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -82

Wireless Control System © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -83

Lightweight WLAN Solution © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -84

Lightweight Access Point Protocol • Real-time frame exchange and certain real-time portions of MAC management are accomplished within the access point. • Authentication, security management, and mobility are handled by WLAN controllers. • Data and control messages are exchanged between the access point and the WLAN controller using LWAPP. • Control messages are encrypted. • All client data traffic is sent via the WLAN controller. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -85

LWAPP • Layer 2 mode • Layer 2 LWAPP is in an Ethernet frame. • The WLAN controller and the access point must be in the same broadcast domain and IP subnet. • Layer 3 mode • Layer 3 LWAPP is in a UDP/IP frame. • The WLAN controller and access point can be in the same or different broadcast domains and IP subnets. • The access point must obtain an IP address via DHCP. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -86

Association of Access Point to WLAN Controller • Access points use LWAPP in Layer 2 and Layer 3 mode to associate to the WLAN controller. • In Layer 3 mode, the access point sends an LWAPP discovery request to the controller management IP address via a directed broadcast. • The controller responds with a discovery response from the manager IP address that includes the number of access points currently associated to the access point manager interface. • The access point chooses the access point manager IP address with the least number of access points and sends the join request. • All subsequent communication is to the WLAN controller access point manager IP address. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -87

Cisco Aironet WLCs • Scalability • Integrated Radio Resource Management (RRM) • Zero-configuration deployment WLC 2000 • Multilayered security • Intrusion detection, location, and containment • Mobility management • Reliability • Intuitive management interfaces © 2003, Cisco Systems, Inc. All rights reserved. WLC 4400 BCMSN v 2. 0— 2 -88

Comparison of the WLAN Configuration • Autonomous WLAN solution • Autonomous access points • Configuration of each access point • Independent operation • Centralized management via WLSE • Access point redundancy © 2003, Cisco Systems, Inc. All rights reserved. • Lightweight WLAN solution • Lightweight access points • Configuration via WLC • Dependent on WLC • Centralized management via WCS • WLC redundancy BCMSN v 2. 0— 2 -89

WLAN Components Autonomous Solution Wireless clients Lightweight Solution Autonomous access points Access points Lightweight access points Wireless Domain Services (WDS) Control WLAN controller WLAN Solution Engine (WLSE) WLAN management Cisco Wireless Control System (WCS) Po. E switches, routers Network infrastructure Po. E switches, routers DHCP, DNS, AAA Network services DHCP, DNS, AAA © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -90

Cisco Unified Wireless Network Unified Advanced Services Unified cellular and Wi-Fi Vo. IP. Advanced threat detection, identity networking, location-based security, asset tracking, and guest access. World-Class Network Management Same level of security, scalability, reliability, ease of deployment, and management for wireless LANs as wired LANs. Network Unification Integration into all major switching and routing platforms. Secure, innovative WLAN controllers. Mobility Platform Ubiquitous network access in all environments. Plug and play. Client Devices 90% of Wi-Fi silicon is Cisco Compatible certified. Advance services support. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -91

Cisco Unified Wireless Network (Cont. ) Cisco Self-Defending Network Unified Advanced Services Unified, built-in support of leading-edge applications, not an afterthought. Cisco Wireless Location Appliance, Cisco WCS, SDN, NAC, Wi-Fi phones, and RF firewalls. World-Class Network Management World Class NMS that visualizes and helps secure your air space. Cisco Wireless Control System (WCS). Network Unification Seamless network infrastructure across a range of platforms. Cisco 4400 and 2000 Wireless LAN Controllers. Future Cisco Catalyst 6500, Series Wi. SM, ISR, and 3750 integration. Mobility Platform Access points dynamically configured and managed through LWAPP. Cisco Aironet Access Points: 1500, 1300, 1240 AG, 1230 AG, 1130 AG, and 1000. Bridges: 1400 and 1300. Client Devices Secure clients that work out of the box. Cisco Compatible client devices & Cisco Aironet clients. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -92

Cisco Aironet Access Points and Bridges Indoor Access Points Mobility Platform Features • Industry’s best range and throughput 1130 AG • Enterprise-class security 1000 • Many configuration options Indoor Rugged Access Points • Simultaneous air monitoring and traffic delivery • Wide area networking for outdoor areas 1240 AG Benefits 1230 AG • Zero-touch management Outdoor Access Points/Bridges • No dedicated air monitors • Support for all deployment scenarios (indoor and outdoor) 1500 1400 © 2003, Cisco Systems, Inc. All rights reserved. 1300 • Secure coverage to advanced services BCMSN v 2. 0— 2 -93

Power over Ethernet © 2003, Cisco Systems, Inc. All rights reserved. © 2005 Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -94

Power over Ethernet (Po. E) • Sending operating power over Ethernet Category 5 cable • Power-sourcing equipment (PSE) – Switches, power injector • Powered devices – Access points, IP phones • Up to 15. 4 W power port • Distances up to 100 meters • Alternative: AC power adapter © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -95

Po. E Delivery Detection of power requirements • IEEE 802. 3 af • Cisco proprietary inline power Two approved methods for “inserting” power into Ethernet cable: Pair 1, 2 and 3, 6 © 2003, Cisco Systems, Inc. All rights reserved. Pair 4, 5 and 7, 8 BCMSN v 2. 0— 2 -96

Midspan Power Injection • Uses pairs 4, 5 and 7, 8 • Requires eight-wire cabling • Does not extend 100 -m total length limit • Not possible for 1000 TX © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -97

Power-Sourcing Equipment • Power injector – AIR-PWRINJ 3/AIR-PWRINJ-FIB • Powering switch – Cisco Catalyst 3560 -PS/3750 -PS – Cisco Express CE 500 -LC/CE 500 -PC – Cisco Catalyst 4500/6500 switch with inline power line cards – Router module NM-16 ESW-PWR – Router card HWIC-4 ESW-POE – Router with Po. E support © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -98

Investment Protection • Cisco has shipped over 18 million ports with Po. E installed. • New Cisco devices (PSEs and powered devices) support both Po. E methods. – IEEE 802. 3 af – Cisco proprietary Po. E • Examples: – Access points 1131 AG, 1242 AG – Switches: 3560, 3750 – Router: 1812, HWIC-4 ESW-POE • Automatic detection; no configuration is required. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -99

Po. E Switch switch(config-if)# power inline {auto | never} • Po. E configuration switch# show power inline [interface] • Display Po. E statistics switch# show power inline Available: 370. 0(w) Used: 61. 6(w) Remaining: 308. 4(w) Interface Admin Oper Power Device Class Max (Watts) ------ ---------- ---Gi 0/1 auto off 0. 0 n/a 15. 4 Gi 0/2 auto on 15. 4 Ieee PD 3 15. 4 Gi 0/3 auto off 0. 0 n/a 15. 4 Gi 0/4 auto on 15. 4 Ieee PD 3 15. 4 Gi 0/5 auto off 0. 0 n/a 15. 4 Gi 0/6 auto on 15. 4 Ieee PD 3 15. 4 Gi 0/7 auto off 0. 0 n/a 15. 4 Gi 0/8 auto on 15. 4 Ieee PD 3 15. 4 © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -100

Po. E Switch Port Status © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -101

Antennas © 2003, Cisco Systems, Inc. All rights reserved. © 2005 Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -102

Antenna Concepts • Directionality • Omnidirectional antennas (360 degree coverage) • Directional antennas (limited range of coverage) • Gain • Measured in d. Bi (gain over theoretical isotropic) • More gain means focusing in certain directions, limited range of coverage • Polarization • Vertical polarization for WLAN © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -103

Antenna Theory • A theoretical isotropic antenna has a perfect 360 -degree vertical and horizontal beamwidth. • Reference for all antennas. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -104

Omnidirectional Antenna: Dipole • Energy lobes “pushed in” from the top and bottom • Higher gain • Smaller vertical beamwidth • Larger horizontal lobe • Typical dipole pattern Side View (Vertical Pattern) Vertical Beamwidth New Pattern (with Gain) Top View (Horizontal Pattern) 2 -d. Bi Dipole "Standard Rubber Duck" © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -105

Directional Antenna • • Lobes are pushed in a certain direction, causing the energy to be condensed in a particular area. Side View (Vertical Pattern) Very little energy is in the back side of a directional antenna. Top View (Horizontal Pattern) 6. 5 -d. Bi Diversity Patch Wall Mount – 55 degrees © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -106

Connectorized 5 -GHz Antennas Cisco 5 -GHz Rubber Antenna (Flat with Blue Dot) Cisco 2. 4 -GHz Rubber Antenna (Round, No Dot) 5 -GHz (802. 11 a) antennas have blue ID markers. Dual-band (2. 4 -GHz and 5 -GHz) antennas have yellow dots. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -107

Cisco Access Point/Bridge Antennas Frequency Antenna Horizontal Beamwidth Vertical Beamwidth 2. 4 GHz 2. 2 -d. Bi dipole 360 o 65 o 2. 4 GHz 5. 2 -d. Bi omni 360 o 38 o 2. 4 GHz 6 -d. Bi diversity patch 80 o 55 o 2. 4 GHz 9 -d. Bi patch 60 o 2. 4 GHz 10 -d. Bi Yagi 47 o 55 o 2. 4 GHz 13. 5 -d. Bi Yagi 30 o 25 o 2. 4 GHz 21 -d. Bi dish 12. 5 o 5 GHz 3. 5 -d. Bi dipole 360 o 40 o 5 GHz 6 -d. Bi omni 360 o 17 o 5 GHz 7 -d. Bi patch 70 o 50 o © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -108

Multipath Distortion • Multipath distortion (a form of radio degradation) occurs when radio signals bounce off metal objects in a room, such as metal cabinets or ceiling lights. • OFDM overcomes multipath distortion through parallel frequency use. © 2003, Cisco Systems, Inc. All rights reserved. • Multiple signals at receiver cause distortion of the signal. • As radio waves bounce, they arrive at the receiver slightly delayed, combining with the original signal, causing distortion. • Diversity systems use two antennas in different positions to reduce the degradation. BCMSN v 2. 0— 2 -109

Definition of Decibel (d. B) [d. B] = 10 log 10 (Ratio) • Ratio of one value to another 0 d. B 1: 1 • d. Bm = Power based on 1 milliwatt 10 d. B 10: 1 • 0 d. Bm = 1 m. W +3 d. B Multiply by 2 • d. Bi = Antenna gain based on isotropic antenna – 3 d. B Divide by 2 +10 d. B Multiply by 10 – 10 d. B Divide by 10 13 d. B = 10 + 3 20 = 10 * 2 20 d. B = 10 + 10 100 = 10 * 10 17 d. B = 20 – 3 50 = 100 / 2 © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -110

Effective Isotropic Radiated Power • Transmit power is rated in d. Bm or m. W. • Power coming off an antenna is Effective Isotropic Radiated Power (EIRP). • FCC and ETSI use EIRP for power limits in regulations for 2. 4 -GHz and 5 -GHz WLANs. • EIRP [d. Bm] = Power [d. Bm] – cable_loss [db] + antenna_gain [d. Bi] © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -111

Antenna Cable Loss LMR 400 • Use cable that is supplied with the antenna, avoiding long cable runs when possible. • Cisco offers these cables: • LMR 400 -style cables – 20 and 50 feet – Total loss of 1. 3 and 3. 4 d. B, respectively • LMR 600 -style cables – 100 and 150 feet – Total loss of 4. 4 and 6. 6 d. B, respectively © 2003, Cisco Systems, Inc. All rights reserved. LMR 600 Cable Type 2. 4 -GHz 5. 8 -GHz Loss (db/100 feet) LMR 400 6. 6 10. 8 LMR 600 4. 4 7. 25 BCMSN v 2. 0— 2 -112

2. 4 -GHz EIRP Rules for FCC-Governed Areas Point-to-Multipoint Transmitter Maximum Power d. Bm Gain EIRP FCC Maximum 1 W 30 d. Bm 6 d. Bi 36 d. Bm Cisco Maximum 100 m. W 20 d. Bm 16 d. Bi 36 d. Bm Reduced Tx Power 20 m. W 13 d. Bm 23 d. Bi 36 d. Bm The above values reflect the 1: 1 rule. • Point-to-multipoint • FCC allows increasing the gain of an antenna/cable system if the transmitter power is reduced below 30 d. Bm in a 1: 1 ratio. • Reduce transmit power below maximum of 30 d. Bm by 1 d. Bm and increase antenna/cable system gain by 1 -d. Bi. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -113

2. 4 -GHz EIRP Rules for ETSI-Governed Areas Transmitter Power Transmitter d. Bm Maximum Gain EIRP ETSI Maximum 50 m. W 17 d. Bm 3 d. Bi 20 d. Bm Cisco Maximum 50 m. W 17 d. Bm 2. 2 d. Bi 19. 2 d. Bm Reduced Tx Power 20 m. W 13 d. Bm 7 d. Bi 20 d. Bm Reduced Tx Power 10 m. W 10 d. Bm 10 d. Bi 20 d. Bm Reduced Tx Power 1 m. W 0 d. Bm 20 d. Bi 20 d. Bm • Currently ETSI allows a maximum of 20 d. Bm EIRP on point-to-multipoint and point-to-point installations— 17 d. Bm maximum transmitter power with 3 d. Bi in gain attributed to antenna and cable combination. • Reduce transmit power below maximum of 17 d. Bm by 1 d. Bm and increase antenna/cable system gain by 1 d. Bi. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -114

EIRP Rules: Summary FCC ETSI Frequency [GHz] No. of Channels (26 total) Channel Identifier Usage 2. 400 – 2. 483 3 1, 6, 11 Indoor Outdoor 30 d. Bm 6 d. Bi 36 d. Bm 20 d. Bm 5. 150 – 5. 250 4 36 – 48 Indoor only 16 d. Bm 6 d. Bi 22 d. Bm 23 d. Bm 5. 250 – 5. 350 4 52 – 64 Indoor Outdoor 24 d. Bm 6 d. Bi 30 d. Bm 23 d. Bm 5. 470 – 5. 725 11 100 – 140 Indoor Outdoor 24 d. Bm 6 d. Bi 30 d. Bm 5. 725 – 5. 825 4 149 – 161 Indoor Outdoor 30 d. Bm 6 d. Bi 36 d. Bm n/a TX Power Ant. Gain EIRP • 5. 725 MHz and above currently not allowed in most of Europe © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -115

Summary • Autonomous and lightweight WLAN solutions are the Cisco implementations of WLAN. • LWAPP is the protocol used between lightweight access points and WLAN controllers. • WLAN components include clients, access points, controllers, management systems, infrastructure devices, and security server. • The Cisco Unified Wireless Network provides a unified enterpriseclass wireless solution. • Cisco Aironet access points are available for indoor or outdoor use. • Access points and IP phones can be powered over Ethernet cable. • Characteristics of antennas are directionality, gain, and polarisation. • Multipath distortion cause low quality data transmission. • Antenna and RF power is measured in decibels. • EIRP limits are defined by FCC and ETSI regulations. © 2003, Cisco Systems, Inc. All rights reserved. BCMSN v 2. 0— 2 -116