[wireless] version 1.2. course outline introduction to wireless customer needs and the solution ...
Post on 18-Dec-2015
218 views
TRANSCRIPT
[Wireless]Version 1.2
Course Outline Introduction to Wireless
Customer Needs and The Solution
Wireless Standards and Certifications
Wireless Access Point Operation Modes
Power Over Ethernet
Wireless Antenna
Wireless Security
D-Link Wireless Product
Wireless Solution
Wireless Application
D-Link Unified Access System
• Unified Access System Overview
• D-Link Unified Wireless Switch
• D-Link Wireless Switch Features and Advantages
• D-Link Unified Access Point
• Market Analysis for D-Link Wireless Switch
• Wireless Switch Deployment Application
• Success Stories
2
Introduction to WirelessDCS – Wireless
3
Introduction to Wireless
Introduction to Wireless
After this session, you should be capable of express:1. What is wireless LAN technology, its advantages and differences
between the wired LAN2. The evolution of wireless LAN3. Basic knowledge of wireless technology: What is the minimum
requirement to build a WLAN, types of wireless network and step-by-step needed in building WLAN
4
Wireless LAN Technology Overview Wireless LAN Definition
• Network infrastructure where all data are being transmitted and received use radio signals over the air instead of wires.
Advantages of implementing WLAN technology• Increase mobility• Low implementation and network expansion• Scalability
Differences between wired LAN and wireless LAN
Wired LAN Wireless LAN
• Run network cable installation• Limited by network media• Depend on physical location• Data are sent through network cable
• Not required to run network cable installation
• Not limited by network media• Independent on physical location• Data are sent through the air
WLAN Technology
Introduction to Wireless
5
Comparison between Wired LAN & Wireless LAN
Wired LAN Wireless LAN
Installation Moderate level of difficulty
Easier, but must be careful with the interference issue
Cost Less More
Reliability High Reasonably High
Performance Very Good Good
Security Reasonably Good Reasonably Good
Mobility Limited Outstanding
WLAN Technology
Introduction to Wireless
6
History of Wireless LAN Below are the evolution of Wireless LAN
• 1970 – ALOHAnet was developed at the University of Hawaii• 1985 – Federal Communication Commission (FCC) announced authorized
license-free wireless bands• 1991 – First workshop held by IEEE. WLAN product had been launched,
and IEEE had just started to develop wireless standard• 1997 – Federal Communication Commission (FCC) announced authorized
wireless equipment which used the license-free bands
History of WLAN
Introduction to Wireless
7
1970 1985 1991 1997
Page is Animated
Basic Component for Wireless Network
Basic Knowledge on Wireless Network
Introduction to Wireless
Basic component for wireless network• Wireless Client/STA – e.g. Wi-Fi Phone, PDA with Wi-Fi built-in, etc
– Wireless adapter for client device (used only for client that does not support wireless– Wireless USB Adapter– PCMCIA– Express Card and PICe
• Wireless device– Access Point– Wireless Router
• Antenna
8
D-Link Wireless USB Adapter
D-Link PCMCIA wireless network
adapter
D-Link Access Point
Outdoor Antenna
Wireless Network Types
Basic Knowledge on Wireless Network
Introduction to Wireless
Ad-Hoc type (1)• Connect to other wireless client devices
without the use of any wireless media• Useful for establishing a network where
wireless infrastructure does not exist or where services are not required
• Not suitable for large scale network Infrastructure type (2)
• Connect to other wireless client device with the use of any wireless media to act as a central point
• Suitable to be deployed for a large scale network
Hybrid type (3)• Combination between Ad-Hoc and
Infrastructure• Sometimes supported. Security
problem might appear if clients additionally formed Ad-Hoc network with no or simple authentication
9
Building Wireless LAN Steps in building WLAN
• Evaluate and assess customer requirements• Do site survey activity task• Plan and design the solution• Choose the right wireless equipment• Implement the solution• Enhance the network (security, etc)
Consideration in building WLAN• Same wireless channel cannot overlap• Same frequency used by other devices may interfere the performance of
wireless LAN
Basic Knowledge on Wireless Network
Introduction to Wireless
10
Summary Using wireless technology, all data are being transmitted and
received over the air use radio signal instead of wires. WLAN technology provides more advantages compared to LAN
technology, especially in flexibility and mobility. The idea of inventing wireless technology first came on 1970 when
ALOHAnet was developed at University of Hawaii and it was continuously improved until now.
To build a wireless network, the minimum devices required are Wireless compatible client (or wireless adapter needed for wireless incompatible client) and the wireless device such as access point.
Actually, there are two wireless network types: Ad-Hoc type for small network and infrastructure type for bigger network.
In building WLAN, there are things needed to be considered and it will be better if we follow the right steps.
Summary
Introduction to Wireless
11
Questions and Answers1. Select options that are not advantages of using wireless technology. (Choose all
that apply)A. Increase mobilityB. High implementation costC. No standardization for wireless technologyD. High scalabilityE. Easy network expansion
2. Select characteristics belonging to wireless technology. (Choose all that apply)A. Data are sent through network mediaB. Depend on the physical locationC. Not required to run network cable installationD. Data are sent using radio signal
3. Select year when FCC first announced authorized license-free wireless bands.A. 1970B. 1985C. 1991D. 1997
Questions and Answers
Introduction to Wireless
12
Questions and Answers4. Select requirements that are needed when building a wireless
network. (Choose two)A. Access PointB. RouterC. SwitchD. Wireless AdapterE. Bridge
5. Select the statement that best describes Ad-Hoc wireless network type.A. The wireless coverage area is known as Basic Service Set or CellB. Require single device that control the communication in the networkC. All clients within the network are equalD. Suitable to be deployed for a large scale network
Questions and Answers
Introduction to Wireless
13
Customer Needs and The Solutions
DCS – Wireless
14
Customer Needs and The Solutions
Customer Needs and The Solutions
After this section, you should be capable of expressing:1. Common customer needs when building network infrastructure2. Solutions that D-Link provide to fulfill all customer needs
15
Common Customer Needs when Deploying Network Infrastructure Flexibility Scalability Ease of deployment Secure network infrastructure Simple network management
Common Customer Needs
Customer Needs and The Solutions
16
Flexibility
D-Link Solutions for Customer Needs
Customer Needs and The Solutions
We can flexibly connect the WLAN with LAN
17
Mobile clientMobile client
Shared network printer
File Server
Layer 2 switch
Document to be printed
Send document to the network
printer
AP receive the packetForwards the packet to switch
Switch receive the packet and forward it to
network printer
Receive the packet,Print the documents
Mobile client
Get documents
from file server
Page is Animated
Scalability
D-Link Solutions for Customer Needs
Customer Needs and The Solutions
Network expansion is scalable by adding more wireless devices
18
Existing Network area New Extended network area
Mobile clientMobile client
Shared network printer
File Server
Layer 2 switch
Mobile client
PDA User
Additional wireless device
Page is Animated
Ease of Deployment
D-Link Solutions for Customer Needs
Customer Needs and The Solutions
Customers are not limited to physical area when deploy a wireless network infrastructure, for example: different location in the same building or connect building-to-building wireless infrastructure
Less effort in cable installation – Customers do not need to do so much cable installation
19
Mobile clientMobile client
Shared network printer
File Server
Layer 2 switch
Mobile client
PDA
Minimal Cable installation in the WLAN
Secure Network Infrastructure
D-Link Solutions for Customer Needs
Customer Needs and The Solutions
Permits only authorized users to connect to the network
20
Authorized Client
Unauthorized client
Access to network Allowed
Join to network,
Accessing network resources
Access to network denied
✕
Shared network printer
File Server
Layer 2 switch
Router
Page is Animated
Simple Network Management
D-Link Solutions for Customer Needs
Customer Needs and The Solutions
Administrator or authorized user can simply managed the network infrastructure
Easy when do some monitoring task and control network traffics
21
AP_1 AP_2
Manage any wireless devices and control
network traffics through client’s device
Page is Animated
Summary When building a network infrastructure, some requirements from
the customer that need to be fulfilled are quite common. Generally, the customer wants the network built were deployed easily, provides flexibility, scalability, secured, and easy to manage and monitor.
D-Link provides solutions for these customer needs. One of the solutions is implementing wireless technology. D-Link wireless products provide many advantages for customers and is widely known as a powerful device.
Summary
Customer Needs and The Solutions
22
Questions and Answers1. Select common customer needs when deploying network
infrastructure. (Choose all that apply)A. Complicated network infrastructure to prevent users from attacking the
internal networkB. Customers are not limited to physical area when deploying a wireless
network infrastructureC. Easy when doing some monitoring task and control network trafficsD. High effort in cable installation
Questions and Answers
Customer Needs and The Solutions
23
Wireless Standards and Certifications
DCS – Wireless
24
Wireless Standards and Certifications Wireless Standards Wireless Certifications
Wireless Standards and Certifications
25
Wireless Standards
Wireless Standards and Certifications
After this section, you should be capable of expressing:1. All wireless standards (802.11a/b/g/n) start from characteristics,
differences between each standard2. Advantages for the newest wireless standard (802.11n)
Wireless Standards
26
IEEE Wireless Standard Overview 802.11a – 5GHz, ratified in 1999 (shipping 2001) 802.11b – 11Mbps, 2.4GHz, ratified in 1999 802.11c – MAC-layer bridging (802.1d) 802.11d – Additional regulatory domains (world mode) 802.11e – Quality of Service 802.11f – Inter-Access Point Protocol (IAPP) 802.11g – Higher Data Rate (>20Mbps, actually 54Mbps), 2.4GHz 802.11h – 54Mbps at 5GHz using DFS and TPC (Europe) 802.11i – Authentication and security 802.11j – Japan regulatory conformance 802.11k – Radio Resource Management (Signal Quality, 2004) 802.11m – Various 802.11 improvements (bugfixes) 802.11n – Beyond 100Mbps, longer distances (2007) 802.11p – Wireless Access for the Vehicular Environment (WAVE) 802.11r – Fast roaming 802.11s – Mesh networks 802.11T – Wireless Performance Prediction (WPP), test methods and metrics 802.11u – Interoperability with non-802 networks (e.g. cellular) 802.11v – WLAN Management
Wireless Standards Overview
Wireless Standards and Certifications
27
List of Ratified Wireless StandardsStandards 802.11a 802.11b 802.11g
Release Date October 1999 October 1999 June 2003
Frequency 5 GHz 2.4 GHz 2.4 GHz
Throughput (Typical)
23 Mbps 4.3 Mbps 19 Mbps
Max. Data Rate 54 Mbps 11 Mbps 54 Mbps
Modulation Technique
OFDM DSSS OFDM
Range (Indoor)* ~ 35 meters ~ 38 meters ~ 38 meters
Range (Outdoor)**
~ 120 meters ~ 140 meters ~ 140 meters
* Range depends on number of walls and the type.** Range depends on total loss (include any obstacles)
Ratified Wireless Standards
Wireless Standards and Certifications
28
Comparison of 802.11a/b/g Wireless Standards802.11a 802.11b 802.11g
Speed Fast speed Slow speed Fast speed
Compatibility with other 802.11 standards
Not compatible with 802.11b/g standards
Compatible with 802.11g standard
Compatible with 802.11b standard
Vulnerable to interference
No No No
Distance coverage Short distance Long distance Long distance
Signal strength due to penetrating obstacles
Poor Lower Lower
Suitable application Nearby building-to-building connection
(rarely implemented today)
Hotspot area, office, hospital, etc
Ratified Wireless Standards
Wireless Standards and Certifications
29
Characteristics of 802.11n on D-Link Products802.11n **
Release Date September 2009
Speed 300 Mbps
Frequency 2.4GHz and 5.0GHz
Range 250 meters
802.11n Wireless Standard
Wireless Standards and Certifications
30
** 802.11n is still in draft (version 2) and has been not ratified yet, so maximum range value may change
Advantages of 802.11n
802.11n Wireless Standard
Wireless Standards and Certifications
31
802.11n - Wide Wireless coverage area
802.11b/g
802.11a
Wireless client AWireless client B
Client A want to send message to client B
Start to send message to AP
Client B received the message
Faster data transfer
Message received by AP,AP forward the message to client B
Multiple Antenna (MIMO)Optimize data speed and greater coverage area
Page is Animated
Summary: Wireless Standard Currently, there are three wireless standards which already ratified
by IEEE. Those standards are 802.11a, 802.11b, and 80211g. 802.11a runs on the frequency of 5GHz while 802.11b and 802.11g
run on the frequency of 2.4GHz. 802.11a and 802.11g provide 54Mbps of speeds, while 802.11b
provides only 11Mbps of speed. The newest wireless standards which has not been ratified yet is
802.11n. It runs on both frequency (2.4GHz and 5.0GHz). D-Link products do support 802.11n standard for both frequencies. The speed for this standard can be up to 300Mbps and provides the farthest signal strength.
Summary: Wireless Standard
Wireless Standards and Certifications
32
Questions and Answers: Wireless Standards1. Select ratified wireless standards that run on 2.4GHz frequency. (Choose
all that apply)A. 802.11aB. 802.11bC. 802.11gD. 802.11n
2. Select ratified wireless standards that provide the fastest speed. (Choose all that apply)A. 802.11aB. 802.11bC. 802.11gD. 802.11n
3. Select standard that is least prone to interference.A. 802.11aB. 802.11bC. 802.11gD. 802.11n
Questions and Answers: Wireless Standards
Wireless Standards and Certifications
33
Questions and Answers: Wireless Standards4. Select advantages of 802.11n over other wireless standards.
(Choose two)A. High level of securityB. Support dual-band operation (2.4GHZ, and 5.0GHz)C. Least prone to interferenceD. The use of MIMO speeds up data transfer
Questions and Answers: Wireless Standards
Wireless Standards and Certifications
34
Wireless Certifications
Wireless Standards and Certifications
After this section, you should be capable of expressing:1. What is Wi-Fi Alliance and its purpose2. Types of certifications defined by the Wi-Fi Alliance along with the
general information for each certification
Wireless Certifications
35
Wi-Fi Alliance Overview Wi-Fi Alliance is a non-profit international association formed in 1999
to certify interoperability of wireless Local Area Network products based on IEEE 802.11 specification.• 210 member companies from around the world• 865 products have received Wi-Fi® certification• The goal of the Wi-Fi Alliance’s members is to enhance the use
experience through product interoperability
Wi-Fi Alliance
Wireless Standards and Certifications
36
Certification defined by Wi-Fi Alliance Wireless Fidelity (Wi-Fi) Certification
• Wi-Fi CERTIFIED logo is the only assurance that a product has met rigorous interoperability testing requirements to ensure that compatible products from different vendors will work together.
Wireless Multimedia (WMM) Certification• Technology that maintains the priority of audio, video and voice
applications in a Wi-Fi network so that other applications and traffic are less likely to slow them.
Wireless Security Certification (WPA/WPA2)• Wi-Fi Alliance has to ensure that all Wi-Fi Certified wireless products must
support WPA/WPA2 for the security features
Wi-Fi Protected Setup (WPS) Certification• To standardize an easy and secure setup solution for Wi-Fi network• User can configure the home network with WPA2-PSK easily
Types of Certifications
Wireless Standards and Certifications
37
Summary: Wireless Certifications Wi-Fi Alliance is a non-profit international association formed to
certify interoperability of wireless Local Area Network products based on IEEE 802.11 specification.
Wi-Fi certification ensures that compatible products from different vendors will work together.
Wireless Multimedia (WMM) certification is wireless QoS technology that maintains the priority of audio, video and voice applications in a Wi-Fi network so that other applications and traffic are less likely to slow them.
Wireless security (WPA/WPA2) certification ensures that all Wi-Fi Certified wireless products must support WPA/WPA2 for security features.
Summary: Wireless Certifications
Wireless Standards and Certifications
38
Questions and Answers: Wireless Certifications1. Select certification defined by Wi-Fi Alliance that maintains the
priority of audio, video and voice applications in a Wi-Fi network.A. Wi-Fi certificationB. WMM certificationC. Wireless security certificationD. WPS certification
2. Select optional programs provide by Wi-Fi Alliance. (Choose two)A. WMM power saveB. WPA/WPA2 certificationC. Wi-Fi certificationD. Wi-Fi Protected Setup
Questions and Answers: Wireless Certification
Wireless Standards and Certifications
39
Wireless Access Point Operation Modes
DCS – Wireless
40
Wireless Access Point Operation Modes
Wireless Access Point Operation Modes
After this section, you should be capable of expressing:1. Types of AP operation modes2. Characteristics of each AP mode3. Benefits obtained for each AP mode4. General illustration on how to deploy each AP mode
41
Types of AP Operation Modes There are different operation modes where wireless AP can run
• Access Point• WDS• WDS with AP• Universal Repeater• Wireless Client• WISP Repeater*• WISP Client Router*
AP Operation Modes
Wireless Access Point Operation Modes
42
* WISP Repeater and WISP Client Router Modes are supported by DAP-1160.
Access Point Mode Overview and Illustration
Access Point Operation Mode
Wireless Access Point Operation Modes
Characteristics of AP mode• Device acts as a central connection point for any computer (client)
Benefits of using AP mode• Connect and share network resources from any mobile clients easily• Mobile connectivity regardless of the location
43
Hotspot area at a cafe
ADSL Ethernet Modem
Access Point
Café guest Café guest
Wireless Distribution System Mode Overview Characteristics of WDS mode
• Wirelessly connect separate LAN that cannot be connected together with a cable
Benefits of using WDS mode• Ease-of-deployment network extension – extend the network without any
difficulties, easier than deployment of wired network infrastructure• Cost reduction – customers can connect to the remote network wirelessly
at a minimal cost
WDS Operation Mode
Wireless Access Point Operation Modes
44
WDS Mode Application
WDS Operation Mode
Wireless Access Point Operation Modes
WDS mode application – Connect Head Office to Branch Office in different locations
• Branch office of a training center is located in Street A wants to connect its network to the Head Office located in Street B with a minimal cost.
45
Branch Office
Head Office
Access point at both of the office must be WDS mode
enabled for the two network can be connected
B
A
WDS with AP Mode Overview Characteristics of WDS mode with AP
• Has the same function with WDS mode, but it can also act as an access point
• Client with wireless adapter can wirelessly connect to the AP and then connect to other LAN
Benefits of using WDS mode with AP• Ease-of-deployment network extension• Cost reduction – customers can connect to the remote network wirelessly
at a minimal cost• Flexibility – connect to any type of network (wired or wireless)
WDS with AP Operation Mode
Wireless Access Point Operation Modes
46
WDS with AP Mode Application
WDS with AP Operation Mode
Wireless Access Point Operation Modes
Integrate separate wireless network across the campus buildings in a school• A university needs to interconnect the entire campus which includes main building
and remote business-administration faculty campus building where no wired infrastructure existed and it is just 160 meters away from the main building.
47
Main campus AreaBusiness-
Administration Faculty Campus
160m
Outdoor AP Indoor AP
WDS mode enabled WDS with AP mode enabled
Mobile users associated to the
AP
Indoor AP
Running AP mode
Connected via Ethernet
Mobile users associated to the
indoor AP
Universal Repeater Mode Overview Characteristics of universal repeater mode
• Increase the range of the wireless network by extending the wireless coverage of another AP or wireless router without the need to cable installation
• The use of universal repeater mode in an access point will gain an extra 50% coverage area
• Universal repeater mode means that this mode can be used in any types of access point regardless their brand
Benefits of universal repeater mode• Expand wireless coverage area• Increase users mobility
Universal Repeater Operation Mode
Wireless Access Point Operation Modes
48
Universal Repeater Mode Application
Universal Repeater Operation Mode
Wireless Access Point Operation Modes
Office area expansion due to new formed department• When a new department is formed, it means more space from the office will be
needed. Universal repeater mode can be used to expand the coverage area, so new department can be easily connected to the existing wireless infrastructure.
49
Office area expanded
Access Point
Access Point running repeater
mode
Mobile user Mobile user
PDA user
Wired network
NO cable installation needed
Two APs connect wirelessly
Wireless Client Mode Overview and Application
Wireless Client Operation Mode
Wireless Access Point Operation Modes
Characteristics of wireless client mode• The AP running wireless client mode enabled a wired device to act wirelessly as if it
is a wireless device• AP with wireless client mode enabled will not be visible as an access point. Hence,
it will not accept any wireless connections from client devices. Benefits of using wireless client mode
• Alternation solution to make a wired device to become a wireless device
50
Wireless client mode enabled
Access Point
Wired IP Camera
Enabled the wired device (i.e. IP camera) to act as a wireless
device
Access point mode
Mobile user Ethernet client
Ethernet switch
WISP Repeater Mode Overview and Application
WISP Operation Mode
Wireless Access Point Operation Modes
Wireless Internet Service Provider (WISP) Repeater mode / Client Router mode
• Characteristics of WISP Repeater mode– The device wirelessly connects to a WISP AP– It also acts as a router and share Internet connection for both wired and wireless clients on
the network
• Benefits of using WISP Repeater mode– Share Internet access to all clients without the need of extra device
51
WISP Client
Subscribe internet connection from WISP
Signal directed to the WISP
Share WISP connection to both wired and wireless client
Mobile users can surf to the internet
Antenna directed to WISP
www.yahoo.comwww.google.com
Access Point
Running WISP Repeater mode
The AP repeats the signal received from the WISP
WISP Client Router Mode Overview and Application
WISP Operation Mode
Wireless Access Point Operation Modes
Wireless Internet Service Provider (WISP) Client Router Mode• Characteristics of WISP client router mode
– The device wirelessly connect to a WISP AP– It also acts as a router for wired clients and provides Network Address Translation (NAT) and
DHCP server (generate IP addresses for wired clients)
• Benefits of using WISP client router mode– The WISP subscriber can share the WISP connection without the need for extra router.
52
Antenna directed to WISP
WISP Client
Subscribe internet connection from WISP
Signal directed to the WISP
Share Internet connection to the wired clients
Users from the wired LAN can surf to the internet
www.yahoo.comwww.google.com
Access Point
Running WISP Client router mode
Summary D-Link wireless access points provide six operation modes which are
AP mode, WDS mode, WDS with AP mode, universal repeater mode, wireless client mode and WISP repeater modes.
AP mode functions as a central connection point for any computers (clients)
WDS mode allows to connect multiple wireless LANs together (connect separate network wirelessly).
WDS with AP mode connect separate networks wirelessly while also functions as a central connection point for any clients.
Universal repeater mode allows to repeat the wireless signal of the root access point.
Wireless client mode allows any device with an Ethernet connect to connect to the wireless network.
WISP repeater mode enabled AP function to share Internet connection to all the clients without the need of extra device.
Summary
Wireless Access Point Operation Modes
53
Questions and Answers1. Select operation modes that can be used to connect separate
remote networks. (Choose all that apply)A. Access Point modeB. WDS modeC. WDS with AP modeD. Universal Repeater modeE. WISP Repeater mode
2. Select operation modes that do not allow clients to associate to the AP. (Choose all that apply)A. WDS modeB. WDS with AP modeC. Universal Repeater modeD. Wireless Client modeE. WISP Repeater
Questions and Answers
Wireless Access Point Operation Modes
54
Power over EthernetDCS – Wireless
55
Power over Ethernet
Power over Ethernet
After this section, you should be capable of expressing:1. What is Power over Ethernet technology (characteristics and
benefits)2. When is the most suitable time to implement PoE3. How to implement PoE technology
56
Power over Ethernet (PoE) Overview
Overview
Power over Ethernet
Characteristics of PoE device• Based on IEEE 802.3af standardization• It delivers electrical power (DC voltage) to a device over the same network cable which is
used to send data• Used when the AC power supply is not available at the location where the wireless LAN
infrastructure devices are installed Benefits of PoE devices
• Increase flexibility – clients can locate the access point anywhere without having to consider the existence of power outlet
• Managed fewer cable to the power outlet. This will make the wireless infrastructure deployment easier.
57
PoE Switch
Access Point Access Point Access Point
Distribute electrical power
Send and receive data
traffic
Send and receive
data traffic
PowerPower Power
Power over Ethernet Application
Application of PoE
Power over Ethernet
Setting an access point at the roof top of a building• An outdoor access point must be placed at the roof top of a building. This seems to
be an easy task, but what makes it difficult is to think how to plug the AP to the power outlet (there is no power outlet at the roof top).
• The easiest solution is using PoE switch which can delivers power to the AP. Just connect the AP to any of the switch port and connect the PoE switch to power outlet. The problem is now solved.
58
Outdoor Access Point
Impossible to plug the AP directly to power outlet
for this condition
Ethernet Switch
Located somewhere at the building within
100metres from the AP
Connected using network
cable
Summary Device provides PoE feature can deliver electrical power (DC
voltage) to a device over the same network cable which is used to send data.
It is based on IEEE 802.3af standardization. PoE can be used when the AC power supply is not available at the
location where the wireless LAN infrastructure devices are installed.
Summary
Power over Ethernet
59
Questions and Answers1. Select statement that is not characteristics of PoE devices
A. Based on IEEE 802.3ad standardizationB. Deliver electrical power (DC voltage)C. Use the same network cable to send dataD. None of the above
2. Select the most common implementation of PoEA. Deliver electrical power to all network devices in the server roomB. Place an access point at the roof top of a buildingC. Network deployment in the Campus environmentD. All of the above
Questions and Answers
Power over Ethernet
60
Wireless AntennaDCS – Wireless
61
Wireless Antenna
Wireless Antenna
After this section, you should be capable of expressing:1. Types of wireless antenna and the characteristics2. Differences between each antenna3. Suitable condition to use each antenna4. Models of wireless antennas
62
Wireless Antenna Characteristics and Types Characteristics of wireless antenna
• Used on wireless devices (APs, wireless bridges, wireless routers)• Increase the output signal strength from a wireless device• Receives wireless signals from other devices such as wireless client
Types of wireless antenna• Omni-directional antenna / Dipole antenna
– Antenna which radiates the signal to all directions
• Semi-directional antenna– Antenna which radiates the signal to certain direction in a shorter but wider
coverage area
• Highly-directional antenna– Antenna which radiates the signal to certain direction in a longer but narrower
distance coverage area
Overview
Wireless Antenna
63
Omni-Directional / Dipole Antenna
Types of Wireless Antennas
Wireless Antenna
Characteristics of omni-directional antenna• The most common wireless LAN antenna• The signal radiates equally in all directions• Suitable to be deployed in office area or in a building which connect multiple
networks from any directions
64
360° signal radiation
All wireless device around the antenna can receive the signal
Mobile user
Outside the coverage area, user can not receive the signalMobile user
PDA user
Signal Received
Signal Received
As long as users are inside the coverage area, they still can receive the signal
✕
Page is Animated
Semi-Directional Antenna
Types of Wireless Antennas
Wireless Antenna
Characteristics of semi-directional antenna• Radiate the signal in a certain direction• Suitable for short coverage area• Commonly deployed in an office or an area where the coverage area is limited or
to prevent the wireless coverage goes throughout the area which allows the stranger to access the wireless resources
65
Office area
Wireless coverage areaShorter but wider
Mobile user
Outside the coverage area
Can not access to network
Semi-directional antenna
Highly-Directional Antenna
Types of Wireless Antennas
Wireless Antenna
Characteristics of highly-directional antenna• Similar to semi-directional antenna which radiates the signal only to certain
direction but with longer distance of the signal radiation• Commonly deployed to connect building-to-building or area-to-area where the
distance is quite far but the signal only needs to radiate to the remote building/area (certain direction)
66
Separated to different location
Signal radiation is longer but narrower
Office A
Office B
Indoor Antenna Directional Antenna
Omni-Directional Antenna
Models of D-Link Wireless Antennas
Wireless Antenna
67
DWL-R60AT ANT24-0600
DWL-50ATANT24-0501 ANT24-0700cANT24-0501cANT24-0502ANT24-0700
Outdoor Antenna
Models of D-Link Wireless Antennas
Wireless Antenna
Directional Antenna for Point-to-Point transmission
68
ANT24-0801 ANT24-1400 ANT24-1201
ANT70-1800
ANT70-1000 ANT24-1800
ANT24-1200
ANT24-1801
Outdoor Antenna
Models of D-Link Wireless Antennas
Wireless Antenna
Omni-Directional Antenna for Point-to-Multi-Point transmission
69
ANT24-0800 ANT24-0500 ANT70-0800ANT70-0801
New Product Sector Antenna
Locate Omni-Directional Antenna here
Maximum Distance of D-Link Wireless Antennas
Maximum Distance of D-Link Wireless Antennas
Wireless Antenna
70
8dBi5dBi
PtMP(Omni)
ANT24-CB06N
ANT24-CB03N
ANT24-CB09N
2.0km 3.0km2.5km0.5km 1.5km1.0km (5.5km)
8.5dBi
14dBi 18dBi
PtP(Dir.) Patch
Outdoor 500m~2km
Outdoor 2km~5km
6dBi Patch
12dBi
PtMP(Dir.) Omni ANT24-0500
ANT24-0800ANT70-0800ANT70-0801
ANT24-CB06N
ANT24-CB03N
ANT24-CB09N
ANT24-0801ANT24-1200ANT70-1000
ANT24-1201
8dBi ANT24-1400ANT70-1800
(2.4GHz)
ANT24-1800 ANT24-1801ANT70-1800
(5GHz)
Summary There are three types of wireless antennas: Omni-directional / dipole
antenna, semi-directional antenna, and highly directional antenna. Omni-directional antenna is used to radiates the signal to all
directions. Semi-directional antenna is used to radiates the signal to certain
direction in a shorter but wider coverage area. Highly-directional antenna is used to radiates the signal to certain
direction in a narrower but longer distance of the signal radiation. There are both indoor antenna and outdoor antenna.
Summary
Wireless Antenna
71
Questions and Answers1. Select wireless antennas that radiate signal only to certain direction.
(Choose two)A. Omni-directional antennaB. Dipole antennaC. Semi-directional antennaD. Highly-directional antenna
2. Select wireless antenna that is most suitable to connect two buildings.A. Omni-directional antennaB. Dipole antennaC. Semi-directional antennaD. Highly-directional antenna
3. Select the advantages of using wireless antenna. (Choose all that apply)A. Increase the output of signal strength receives from wireless device\B. Receive wireless signal from wireless clientsC. Prevent unauthorized user from receiving the signal from the APD. Classified into the way it radiates the signal
Questions and Answers
Wireless Antenna
72
Wireless SecurityDCS – Wireless
73
Wireless Security
Wireless Security
After this section, you should be capable of expressing:1. Risks of deploying WLAN2. How to overcome security issues (the risk of deploying WLAN)3. Characteristics of WEP, WPA/WPA2 and the differences between
each other4. What is RADIUS and the way it authenticates users5. What is MAC filtering
74
Risk of Deploying Wireless LAN (1)
Risk of WLAN
Wireless Security
Unauthorized users may access the network facilities such as Internet connection freely
75
Wireless coverage area excess the office
This may allow unauthorized users to access network resources from the office
Unauthorizeduser
Wireless network detected!!! Try to connect to the network…
Wireless network connected successfully!!!DANGER!!!
Page is Animated
Risk of Deploying Wireless LAN (2)
Risk of WLAN
Wireless Security
Some people try to get some important / confidential data sent through the air by using wireless
76
Hotspot area
User A
Access Point
User A is browsing the Internet and send confidential data
Confidential data is send to the AP
The hacker comes in and try to sniff the data
Data SNIFFED!!!
RECEIVE ALL the data(Password, Credit card number, etc)
DANGER!!!
Hacker
Risk of WLAN in public area
Page is Animated
Solutions for Security Issues Overview Configure wireless security on your WLAN with one or more of the
methods below• Wired Equivalent Privacy (WEP)
– Weak authentication method using static key
• Wi-Fi Protected Access (WPA/WPA2)– Strong authentication method using dynamic key
• Remote Access Dial-Up Service (RADIUS)– Centralized authentication user’s protocol
• MAC Filtering / IP Filtering– Allow clients to join the network based on client’s MAC address / IP address
• WLAN Partition– Isolate the wireless network, so mobile clients are not allowed to exchange
data through the access point
Solutions for Security Issues
Wireless Security
77
Wired Equivalent Privacy (WEP) Overview Characteristics of WEP
• Most basic security for wireless LAN• Commonly used for home users, but is not suitable to be implemented
for enterprise environment• All the clients must share the same key with the one configured in the
access point in order to communicate with each other Weaknesses of WEP
• Password hold by all clients is never changed unless the administrator change it (static key)
• Most vulnerable security type which can be easily cracked by using hacking tools
Solutions for Security Issues
Wireless Security
78
Wired Equivalent Privacy (WEP) Illustration
Solutions for Security Issues
Wireless Security
Illustration on how WEP works
79
Access point configured with WEPUser A
User A and user B want to connect to the network
Send request for association Receive the request
I’ve received the requests,What is the shared key?
Send request for association
User B
Shared Key = abc
I want to join the network
I also want to join the network
Challenge
Shared Key = abc Shared Key = xyz
Respond the challenge Respond the challenge
Key = abcUser A, Password matched.
User authenticated
Password matched
Password unmatched
User A welcome to the network!!!
User B, Password unmatched.
Request rejected
Request rejected
Association failed
Challenge
Key = xyz
➀ ➀
➁ ➁➂ ➂
➃
➄
Page is Animated
Wi-Fi Protected Access (WPA) Overview Characteristics of WPA
• Improved version of WEP• This infrastructure includes clients, access points and authentication
servers (typically RADIUS servers)• Key always changes automatically (dynamic key)
Benefits of using WPA instead of WEP• Provide a stronger method of authentication compared to WEP
Solutions for Security Issues
Wireless Security
80
WPA2 Overview Characteristics of WPA2
• Personal mode – protects unauthorized network access by utilizing a set-up password
• Enterprise mode – Authenticate network clients through a server, usually is RADIUS server
• Compatible (can communicate) with device secured using WPA authentication method
• Similar to WPA authentication method, the main difference is that WPA2 uses more advanced encryption technique
WPA WPA2
Enterprise Mode(Business, Government, Education)
Authentication: IEEE 802.1X/EAPEncryption: TKIP/MIC
Authentication: IEEE 802.1X/EAPEncryption: AES-CCMP
Personal Mode(SOHO, Home/Personal)
Authentication: PSKEncryption: TKIP/MIC
Authentication: PSKEncryption: AES-CCMP
Solutions for Security Issues
Wireless Security
81
Different authentication methods for different environment
WPA / WPA2 Illustration
Solutions for Security Issues
Wireless Security
WPA / WPA2 provide stronger authentication method with dynamic encrypted key per user, per session, and per packet data
82
Access Point configured with WPA/WPA2
Mobile user
Request for association Compare the encrypted keyEncrypted key
Key matched!Allow the user to join
the network
Client join the network successfully
User want to send data
Data + key1Compare the encrypted key
Key matched!Data received
Every time user send data to the AP, the data will sent along with dynamic key
Page is Animated
Differences between WEP, WPA and WPA2Differences between WEP – WPA – WPA2 are shown in the table below
WEP WPA WPA2
Encryption method
WEP/RC4 TKIP/RC4 CCMP/AES
Security level Weak Strong Strongest
Main characteristic
Use static key Use dynamic key Use dynamic key
Solutions for Security Issues
Wireless Security
83
Remote Access Dial-Up Service Overview Characteristics of RADIUS
• A protocol for centralized remote user authentication and accounting• RADIUS stores the authentication data either locally at the RADIUS server
or in an external database• RADIUS accounting can be used independently to log certain events
Benefits RADIUS• RADIUS enables centralized management of authentication data, such as
usernames and passwords• Significantly increase security by enabling the centralization of password
management
Solutions for Security Issues
Wireless Security
84
Step-by-Step RADIUS Operation
Solutions for Security Issues
Wireless Security
Steps which are done by RADIUS to authenticate the client1. Client attempts to connect to the access point2. Access point prompts for username and password or challenge3. User replies4. RADIUS client sends username and encrypted password to the RADIUS server5. RADIUS server responds with Accept, Reject6. When access-accept message received and RADIUS accounting is enabled, access point sends a
RADIUS Accounting-Request (Start) message to the RADIUS Server
85
RADIUS Server
Mobile user Access Point
RADIUS Client
1
2
3
4
5
6
Server adds an accounting record to its log and acknowledges the request
Authentication process
Authorization process
Accounting process
MAC Filtering Overview
Solutions for Security Issues
Wireless Security
Characteristics of MAC Filtering• Easily control which computers can gain access to the network based on specific
MAC address• Rarely used as a single method because it can be hacked easily by anyone using
tools that can alter the MAC address on the wireless adapter Advantages of MAC Filtering
• It does not affect the network performance
86
List of allowed MAC address
AA
BB
CC
User AMAC: AA
User EMAC: EE
User A attempt to join the network
AP check client’s MAC address from the database
MAC address is in the list
Allow User A to join the network
User E attempt to join the network
MAC address is not in the list
User E cannot join the network
Page is Animated
Summary When deploying wireless technology in a network, security becomes
the main issue. Some risks such as unauthorized users trying to access internal network or get some important/confidential data sent through the air by using wireless have to be considered.
To prevent these unwanted conditions, security enhancement is needed. This can be achieved by configuring security method to the network.
Methods provided are by applying authentication to all users with one of the following: WEP, WPA, WPA2 or using RADIUS authentication. Other methods that can be additional security enhancement is implementing MAC filtering.
Summary
Wireless Security
87
Questions and Answers1. Select security method that provides the weakest authentication method using
static key.A. WEPB. WPAC. WPA2D. MAC Filtering
2. Select the reason why WPA2 is more superior than WPA.A. It protects unauthorized network access by utilized a dynamic keyB. The encryption of data is upgraded with Advanced Encryption Standard (AES)C. It can filter users based on specific physical addressD. It enables centralized management of authentication data
3. Select the statement that does not describe RADIUS.A. Protocol for centralized user authentication and accountingB. Provide three steps of operation which include authentication, authorization and
accountingC. The accounting features of the RADIUS protocol cannot be used independently of
RADIUS authentication or authorizationD. Centralized password management
Questions and Answers
Wireless Security
88
Questions and Answers4. Select statements that describe MAC filtering. (Choose all that
apply)A. Often used as single security methodB. Strongest authentication method because MAC address cannot be
modifiedC. Control access to the network based on specific logical addressD. Control access to the network based on specific physical address
Questions and Answers
Wireless Security
89
D-Link Wireless ProductDCS – Wireless
90
D-Link Wireless Product
D-Link Wireless Product
After this section, you should be capable of expressing:1. Features for each D-Link Access Point2. Feature differences between D-Link Access Points
91
DWL-2100AP Features OverviewConfigurable Operation Modes
• Access Point• WDS with AP• WDS• AP Repeater• AP Client
Connectivity Performance
• 802.11g wireless standard• Up to 108Mbps (Turbo Mode) Wireless Speed• Wireless connection to Ethernet network / servers through 10/100BASE-TX port• AP grouping for Load Balancing
Security / QoS • 64/128/152-bit WEP data encryption• WPA/WPA2 Personal and Enterprise security with TKIP and AES support• User access control MAC address filtering• Wireless Station Partition (STA), 802.1Q VLAN tagging and Multiple SSID (Up to
8) for network segmentation• WMM (Wi-Fi) Multimedia Certified
Setup / Management
• Windows-based AP manager utility• Web-based management with SSL• Remote management using Telnet or SSH• Built-in MIB for SNMP management (SNMPv3)• IP address limit for management access• System log
D-Link Indoor Access Points
D-Link Wireless Product
92
DWL-2200AP Features OverviewConfigurable Operation Modes
• Access Point• WDS with AP• WDS
Connectivity Performance
• 802.11g wireless standard• 802.3af Power over Ethernet• Up to 108Mbps (Turbo Mode) Wireless Speed• Wireless connection to Ethernet network / servers through 10/100BASE-TX port• AP grouping for Load Balancing
Security / QoS • 64/128/152-bit WEP data encryption• WPA/WPA2 Personal and Enterprise security with TKIP and AES support• User access control MAC address filtering• Wireless Station Partition (STA), 802.1Q VLAN tagging and Multiple SSID (Up to
4) for network segmentation• WMM (Wi-Fi) Multimedia Certified
Setup / Management
• Windows-based AP manager utility• Web-based management (HTTP)• Remote management using Telnet• Built-in MIB for SNMP management (SNMPv3)• System log
D-Link Indoor Access Points
D-Link Wireless Product
93
DWL-3200AP Features OverviewConfigurable Operation Modes
• Access Point• WDS with AP• WDS
Connectivity Performance
• 802.11g wireless standard• 802.3af Power over Ethernet• Up to 108Mbps (Turbo Mode) Wireless Speed
Security / QoS
• 64/128/152-bit WEP data encryption• WPA/WPA2 Personal and Enterprise security with TKIP and AES support• User access control MAC address filtering• Wireless Station Partition (STA), 802.1Q VLAN tagging and Multiple SSID
(Up to 8) for network segmentation• WMM (Wi-Fi) Multimedia Certified• Rogue AP detection
Setup / Management
• Windows-based AP manager utility• Web-based management (HTTP and HTTPS)• Remote management using Telnet and SSH• Built-in MIB for SNMP management (SNMPv3)• System log
D-Link Indoor Access Points
D-Link Wireless Product
94
DWL-7100AP Features OverviewConfigurable Operation Modes
• Access Point• WDS (PtP, PtMP)• Repeater• Wireless Client
Connectivity Performance
• 802.11a/b/g wireless standards• 802.3af Power over Ethernet• Up to 108Mbps (Turbo Mode) Wireless Speed
Security / QoS
• 64/128/152-bit WEP data encryption• WPA Personal and Enterprise security with TKIP and AES support• User access control MAC address filtering• Wireless Station Partition (STA)
Setup / Management
• Windows-based AP manager utility• Web-based management (HTTP)• Remote management using Telnet• Built-in MIB for SNMP management (SNMPv3)• System log
D-Link Indoor Access Points
D-Link Wireless Product
95
DWL-82000AP Features OverviewConfigurable Operation Modes
• Access Point• WDS with AP• WDS/Bridge (No AP Broadcasting)
Connectivity Performance
• 802.11a/g wireless standard• Dual-band operation (2.4GHz and 5GHz)• Up to 108Mbps (Turbo Mode) Wireless Speed• Dual Ethernet ports with 802.3x flow control
Security / QoS
• 64/128/152-bit WEP data encryption• WPA/WPA2 Personal and Enterprise security with EAP and PSK support• WPA PSK/AES over WDS• User access control MAC address filtering• Wireless Station Partition (STA), 802.1Q VLAN tagging and Multiple SSID
(Up to 16) for network segmentation• WMM (Wi-Fi) Multimedia Certified• Rogue AP detection
Setup / Management
• Windows-based AP manager utility• Web-based management (HTTP and HTTPS)• Remote management using Telnet and SSH• Built-in MIB for SNMP management (SNMPv3)• System log
D-Link Indoor Access Points
D-Link Wireless Product
96
DWL-2700AP Features OverviewConfigurable Operation Modes
• Access Point• WDS with AP• WDS
Connectivity Performance
• 802.11g wireless standard• 802.3af Power over Ethernet• Up to 108Mbps (Turbo Mode) Wireless Speed• Dual Ethernet ports with 802.3x flow control• Load Balancing• Wireless connection to Ethernet network/servers through 10/100BASE-TX port
Security / QoS • 64/128/152-bit WEP data encryption• WPA/WPA2 Personal and Enterprise security with EAP and PSK support• WPA PSK/AES over WDS• User access control MAC address filtering• Wireless Station Partition (STA), 802.1Q VLAN tagging and Multiple SSID (Up to
8) Multiple SSID for network segmentation• WMM (Wi-Fi) Multimedia Certified• Rogue AP detection
Setup / Management
• Windows-based AP manager utility• Web-based management (HTTP and HTTPS)• Remote management using Telnet and SSH• Built-in MIB for SNMP management (SNMPv3)• System log
D-Link Outdoor Access Points
D-Link Wireless Product
97
DWL-7700AP Features OverviewConfigurable Operation Modes
• Access Point• WDS with AP• WDS
Connectivity Performance
• 802.11a/g wireless standards• 802.3af Power over Ethernet• Load Balancing• Wireless connection to Ethernet network / servers through 10/100BASE-
TX port
Security / QoS
• 64/128/152-bit WEP data encryption• WPA/WPA2 Personal and Enterprise security with EAP and PSK support• User access control MAC address filtering• Wireless Station Partition (STA), 802.1Q VLAN tagging and Multiple SSID
(UP to 4) for network segmentation
Setup / Management
• Windows-based AP manager utility• Web-based management• Remote management using Telnet• Built-in MIB for SNMP management (SNMPv3)• System log
D-Link Outdoor Access Points
D-Link Wireless Product
98
DAP-3220 Features OverviewCharacteristics • Water / dustproof IP65 standard
• Internal thermostat and heater• Steal-proof design• Convenient outdoor installation with locking brackets included
Configurable Operation Modes
• Access Point• WDS with AP• WDS• Wireless Client
Connectivity Performance
• 802.11g wireless standard• Up to 108Mbps Wireless Speed (when operating with other D-Link 108G devices)• 802.3af Power over Ethernet
Security / QoS • Multiple SSID and 802.1Q VLAN tagging• MAC address filtering• Rogue AP detection• WPA/WPA2 Personal / Enterprise• WPA PSK/AES over WDS• 64/128/152-bit WEP Encryption• WMM (QoS)
Setup / Management
• Web browser (HTTP / HTTPS)• CLI using Telnet / SSH• SNMPv3 (D-View module / private MIB)• AP Manager II Software included
D-Link Outdoor Access Points
D-Link Wireless Product
99
Summary D-Link provides several access points with various features where
users can choose it flexibly depends on their requirements. D-Link provides two types of access points: indoor access points and
outdoor access points. For indoor access points, the models are DWL-2100AP, DWL-2200AP,
DWL-3200AP, DWL-3260AP, DWL-7100AP, DWL-8200AP. For outdoor access points, the models are DWL-2700AP, DWL-
7700AP, DAP-3220. DAP-3220 is D-Link new model for outdoor AP.
Summary
D-Link Wireless Product
100
Questions and Answers1. Select D-Link outdoor access point models. (Choose two)
A. DWL-2200APB. DWL-2700APC. DWL-7100APD. DWL-7700AP
2. Select D-Link indoor access point models. (Choose all that apply)A. DWL-2100APB. DWL-2200APC. DWL-2700APD. DWL-7100APE. DWL-7700AP
3. Select model that can run on either 2.4GHz or 5GHz frequency.A. DWL-2100APB. DWL-2200APC. DWL-2700APD. DWL-8200AP
Questions and Answers
D-Link Wireless Product
101
Wireless SolutionDCS – Wireless
102
Wireless Solution
Wireless Solution
After this section, you should be capable of expressing:1. What is Multiple SSID2. Characteristics and benefits of deploying wireless WLAN3. When to deploy wireless VLAN4. Characteristics and advantages of wireless roaming5. Characteristics and benefits of 802.1p priority queue6. What is rogue AP detection and the benefits of this feature7. What is SNMP8. What is D-View SNMP Network Management System and its benefits9. Characteristics and benefits of QoS WMM
103
Multiple SSID
Wireless VLAN
Wireless Solution
By assigning multiple SSIDs to the access point, it logically divides the access point into several virtual access point within a single hardware device.
Each Virtual AP appears to stations (STAs) to be an independent physical AP.
104
Virtually divided into several APs
SSID_1 SSID_2 SSID_3
Multiple SSID
Virtual AP Virtual AP Virtual AP
Mobile user
Wireless network detected!!!
SSID_1, SSID_2, SSID_3
Wireless VLAN Overview Characteristics of wireless VLAN
• Wireless VLANs define the area where clients are logically grouped into one segment
• In the wireless VLANs, multiple SSIDs are applied (each VLAN hold different SSIDs)
• Each SSID is mapped to a VLAN-ID Benefits of deploying wireless VLAN
• Segment users into different department without additional device• Enable the separation of wireless applications based on security and
performance requirements
Wireless VLAN
Wireless Solution
105
Common Wireless VLAN Infrastructure
Wireless VLAN
Wireless Solution
Wireless VLAN applied in the office which consist of two departments (Operational and Marketing). There are three VLANs configured for each department and for guests to separate the company’s policies between each VLAN.
106
Layer 3 Switch
802.1q trunk
802.1q trunk
AP_1
AP_2
SSID=Operational
SSID=Marketing
SSID=Guest
SSID=Operational
SSID=Marketing
SSID VLAN ID Security Policy
Marketing 20 WPA/WPA2
Operational 30 WPA/WPA2
Guest 40 Open
Wireless Roaming Overview Characteristics of wireless roaming
• Enables personalized, seamless and secure connectivity for mobile customers when moving across different WLANs.
• Wireless Roaming maintains client’s connectivity so that clients do not need to re-authenticate and re-login every time they move to different WLANs.
Advantages of wireless roaming• Increased effectiveness• Increased flexibility
Roaming
Wireless Solution
107
Common Application of Wireless Roaming
Roaming
Wireless Solution
108
PDA User
User connected to network A
Access Point
Network A
Access Point
Network B
The user is movingUser disconnected from the network
PDA User PDA User
User connected to network B
User attempt to connect to AP The user is moving againUser attempt to connect to APUser connected to network A
Page is Animated
Priority Queue (802.1p) Overview Characteristics of 802.1p Priority Queue
• A specification to give Layer 2 switches the ability to prioritize traffic (and perform dynamic multicast filtering)
• Eight classes of traffic types are defined by 802.1p Benefits of 802.1p Priority Queue
• Critical data traffic can be prioritized
Priority Queue
Wireless Solution
109
Rogue AP Detection Overview
Rogue AP Detection
Wireless Solution
Typically, rogue APs are connected to a network by well-intentioned employees unaware of the security risks they cause
Advantages of rogue AP protection• Automatically detect rogue AP
based on criteria specified by the administrator
• Administrator can add rogue APs to the AP list
• Better control of the network’s environment which will help to avoid RF interference and minimize bandwidth utilization
110
SNMP Overview
Single Network Management Protocol
Wireless Solution
Definition of SNMP• Simple Network Management Protocol (SNMP) is a set of protocols for managing
complex networks used in network management systems to monitor network-attached devices for conditions that warrant administrative attention.
• SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth
Implementation of SNMP• An SNMP-managed network consists of three key components: managed devices,
agents and network-management systems (NMSs)
111
D-View SNMP Network Management System D-View Overview
• D-Link SNMP Network Management System is a comprehensive standard-based management tool designed to centrally manage critical network characteristics such as availability, responsiveness, resilience and security in a consistent way.
• D-View provides useful tools to allow the user to effectively manage device configurations, fault tolerance, performance, security and accounting services
Features and benefits• Modular architecture• Managing third-party devices• Microsoft Access format database• Versatile features• User Account Management & Billing System Outfitted in Professional
Version
Single Network Management Protocol
Wireless Solution
112
Quality of Service - WMM Characteristics of QoS (Wi-Fi Multimedia)
• Provides basic QoS features to IEEE 802.11 networks• WMM prioritizes traffic according to the four ACs (Access Categories) –
voice, video, best effort, and background• Suitable for simple applications that require QoS, such as VoIP on Wi-Fi
phones Advantages of WMM
• Interoperability• Availability• Wide appeal• User confidence• Coexists with devices that do not support WMM• Adapts well to dynamic data rates• Compatible with Universal Plug and Play (UPnP) QoS
Quality of Service
Wireless Solution
113
Summary Multiple SSID is used to logically devices the access point into
several virtual access point within a single hardware device. Multiple SSID is usually applied when implement wireless VLAN. Wireless VLAN enables the separation of wireless applications based
on security and performance requirements. Wireless Roaming maintains client’s connectivity so clients do not
need to re-authenticate and re-login every time they move to different WLAN.
802.1p is a specification to give Layer 2 switches the ability to prioritize traffic (and perform dynamic multicast filtering).
Rogue AP detection is used to detect rogue AP based on criteria specified by the administrator.
Simple Network Management Protocol (SNMP) enables network administrators to manage network performance, find and solve network problems, and plan for network growth.
WMM prioritizes traffic to 802.11 networks according to the four ACs (Access Categories) – voice, video, best effort and background.
Summary
Wireless Solution
114
Questions and Answers1. Select two options that are required to deploy wireless VLAN. (Choose all that
apply)A. Multiple SSID is appliedB. To deploy VLAN, users from different group must be associated to different APC. One SSID is used to all VLANs in the networkD. Each SSID is mapped to a VLAN ID
2. Select feature that enable consistent connectivity for mobile customers when moving across different WLAN.
A. Wireless VLANB. Wireless roamingC. Quality of ServiceD. Priority Queue
3. Select advantages of Rogue AP Protection feature. (Choose all that apply)A. Remove rogue AP found from the networkB. Blacklist all rogue AP found in the network automaticallyC. Avoid RF interferenceD. Minimize bandwidth utilization
Questions and Answers
Wireless Solution
115
Questions and Answers4. Select categories uses to prioritize data traffic in the network using
WMM. (Choose all that apply)A. VoiceB. VideoC. ForegroundD. Data size
5. Select traffic type that are defined by 802.1p. (Choose all that apply)A. Data-critical trafficsB. Delay-sensitive applicationsC. Control-Load applicationsD. Background applications
Questions and Answers
Wireless Solution
116
Wireless ApplicationDCS – Wireless
117
Wireless Application
Wireless Application
After this section, you should be capable of expressing:1. Where wireless technology is usually applied
118
Small Office Home Office (SOHO)
Application Illustration Example
Wireless Application
Wireless application are now commonly used in the SOHO or small business environment, where there is one (or more) access point connect to the LAN and WLAN. Sometimes, it also connects to the Internet for the client to gain access to it.
119
Meeting Area
Network printer Access Point
Connect WLAN and LAN
Wireless routerFor Internet sharing
Small office layout
Mobile users
Ethernet client
Ethernet client
Extending Existing Network Infrastructure
Application Illustration Example
Wireless Application
Wireless network can serves as a network extension which connect to the wired network or connect to another wireless network in different location.
For example, there are another network in different floor or even in different building.
120
PDA client
Mobile client
Mobile client
Office Area
Wired network
Server Farm
PDA clientMobile client
Warehouse areal
Antenna
Different networks can be connected
Page is Animated
Network Infrastructure in Public Area for Mobile Computing
Application Illustration Example
Wireless Application
Wireless network mainly supports mobility and flexibility where mobile users can gain network access easily.
Nowadays, there are many public area facilitate wireless hotspot area, for example: Malls, Cafes, Hospitals, etc.
121
Hotspot area at a restaurant Wireless coverage area
Access pointMobile user
PDA user
Mobile user
Connecting Network Between Two Buildings
Application Illustration Example
Wireless Application
Wireless network can implemented to connect two buildings at different areas.
One real case that had been implemented recently in Singapore was deployment of wireless network infrastructure as a backup connection to provide redundancy from Mount Faber cable car station to Harbourfront Tower 2 cable car station to cable station at Sentosa Island.
122
Office A Office B
Located at two different location
Deploy wireless network infrastructure to Sentosa Island
Site Survey Consideration
Site Survey Consideration
Wireless Application
Main Point• Decide type and model of antenna that will be used• Decide the quality of the antenna
Second Point• Consider the interference issue (building, tower, trees, etc)• Consider the throughput require and distance between building (Point-to-Point or
Point-to-Multi-Port)• Consider the number of base stations
123
Max. distance supported
Total bandwidth given. (E.g. 11Mbps)
Wireless ISP Application
Deploy a Wireless Application
Wireless Application
Equipment Required:• Omni-directional antenna• Directional antenna• Outdoor access point• Wireless router• Wireless LAN card
Deployment Steps:1. Select a center location2. Setup AP and outdoor omni-
directional antenna3. Setup modem to connect to the
Internet4. Setup directional antenna to receive
the signal from the center5. Use wireless LAN card to receive the
signal from the outside
124
1, 2
3
5
4
School Roaming Application
Deploy a Wireless Application
Wireless Application
Equipment Required:• Omni-directional antenna• Directional antenna• Outdoor access point
Deployment Steps:1. Use wireless technology using 5.0
GHz of frequency (low noise) as a backbone
2. Setup directional antenna to receive the signal from the backbone
3. Setup Omni antenna to transmit signal for students using roaming by 2.4GHz)
125
Summary There is no (or few) restrictions when deploying wireless network. Its
flexibility makes wireless technology to be widely applied for most conditions and requirements.
Wireless technology can be applied in SOHO, to extend existing network infrastructure, to provide Internet connectivity in public area, to connect remote networks and many more.
Summary
Wireless Application
126
Questions and Answers1. Select common purposes when implement wireless technology.
(Choose all that apply)A. Connect networks between buildingsB. Shrink existing network infrastructureC. Increase mobility and flexibilityD. All of the above
Questions and Answers
Wireless Application
127
D-Link Unified Access System
DCS – Wireless
128
D-Link Unified Access System Unified Access System Overview D-Link Unified Wireless Switch D-Link Wireless Switch Features and Advantages D-Link Unified Access Point Market Analysis for D-Link Wireless Switch Wireless Switch Deployment Application Success Stories
D-Link Unified Access System
129
Unified Access System Overview
D-Link Unified Access System
After this section, you should be capable of expressing:1. Characteristics of legacy WLAN deployment2. What are common customer needs to improve legacy WLAN
deployment3. Solutions provided by D-Link for these customer needs4. What is Unified Access System Solution5. How to deploy unified access system using overlay solution or
unified solution
Unified Access System Overview
130
Characteristics of Legacy WLAN Deployment
Legacy WLAN Deployment
D-Link Unified Access System
131
Decentralized AP configuration, security
and management
Complex network management causes inefficiency in time
Difficult to maintain wireless area
coverage
Channel overlapping causes network performance degradation
Layer 3 SwitchServer Farm
Layer 2 switch Layer 2 switch
Page is Animated
Illustration of Legacy WLAN
Legacy WLAN Deployment
D-Link Unified Access System
132
Server Room
Server FarmAccess Point
Access Point
Access Point
Access Point
Channel 6
Coverage hole
Channel overlap causes network performance down
to 50%
Power level is too weak
Rogue AP
RF Interference
Security breach
Layer 2 switch
Layer 3 Switch
Customer Needs Unified wired and wireless access system United management and security
• Centralized AP and client management• Rogue AP detection / mitigation
Better performance• Guarantee on no-overlapping wireless coverage area
Seamless roaming
Customer Needs and D-Link Solution
D-Link Unified Access System
133
D-Link Unified Access System Solution D-Link Unified Access System Solution can provide:
• Unified Switching (=Wireless Controller + L2+ Switch)• Centralized Policy Management• Automatic Power/Channel Adjustment• AP Load Balancing• Fast L2/L3 Roaming• Rogue AP Management• Log for Dynamic RF Status
Customer Needs and D-Link Solution
D-Link Unified Access System
134
All D-LINK features above give what customer needs for unified network infrastructure and for better performance
Introduction to Unified Access System Solution What is Unified Access System Solution
• D-Link solution that enables WLAN deployment while providing state-of-the-art wireless networking features.
• It provides secure wireless connectivity and seamless layer 2 and layer 3 roaming for end users.
D-Link Unified Access System Component• D-Link Unified Switch (DWS-3024 and DWS-3026)• D-Link Unified Access Point (DWL-3500AP and DWL-8500AP)
Introduction to Wireless Switch
D-Link Unified Access System
135
Overlay Solution
Wireless Switch Deployment Solution
D-Link Unified Access System
In overlay solution deployment, Wireless switch is introduced into existing network infrastructure to protect current investment in network infrastructure with all the benefits of WLAN switching.
136
Wireless Switch Layer 3 Switch Server Farm
Layer 2 switch Layer 2 switch
Page is Animated
Unified Solution
Wireless Switch Deployment Solution
D-Link Unified Access System
Unified Solution / Converged Edge Deployment• Deploy at the network edge for greatest scalability• Peer-to-peer WLAN Switches facilitate “Converged” WLAN Edge by distributing
WLAN Switching capability• Full Gigabit Ethernet speed ready for next generation 802.11n
137
Layer 2 switchLayer 2 switchWireless Switch Wireless Switch
Layer 3 Switch Server Farm
All layer 2 switches are replaced with wireless switch
Page is Animated
Summary: D-Link Unified Access System Overview
On larger networks the legacy wireless deployment may cause several difficulties such as time consuming network management which then make customer needs a new solution that provides centralized network management.
D-Link provides solution to cover those problems faces by the customer with D-Link Unified Access System Solution.
D-Link Unified Access System is a wireless local area network (WLAN) solution that enables WLAN deployment while providing state-of-the-art wireless networking features.
To implement D-Link unified access system solution, it requires D-Link wireless switch and D-Link unified access point.
Customers can deploy the unified access system solution using either overlay solution or unified solution.
Summary: D-Link Unified Access System Overview
D-Link Unified Access System
138
Questions and Answers: D-Link Unified Access System Overview1. Select devices that are component of D-Link Unified Access System. (Choose all that
apply)A. DWS-3024 and DWS-3026B. DWL-3260APC. DWL-3500APD. DWL-8200APE. DWL-8500AP
2. Select characteristics of overlay solution deployment for D-Link unified access system. (Choose all that apply)
A. With this solution, the wireless APs are not connected to the wireless switch directlyB. With this solution, the deployment of wireless switches is at the network edgeC. Peer-to-peer WLAN switches facilitate “converged” WLAN Edge by distributing WLAN Switching
capabilityD. Alls customers to keep their existing network hardware/switches
3. Select characteristics of unified solution deployment for D-Link unified access system. (Choose all that apply)
A. With this solution, the wireless AP’s are not connected to the wireless switch directlyB. With this solution, the deployment of wireless switches is at the network edgeC. Peer-to-peer WLAN switches facilitate “converged” WLAN Edge by distributing WLAN Switching
capabilityD. Allows customers to keep their existing network hardware/switches
Questions and Answers: D-Link Unified Access System Overview
D-Link Unified Access System
139
D-Link Unified Wireless Switch
D-Link Unified Access System
After this section, you should be capable of expressing:1. Functions of Unified Wireless Switch2. Models for D-Link Unified Wireless Switch3. Advantages of Unified Wireless Switch4. Features of Unified Wireless Switch
D-Link Unified Wireless Switch
140
Unified Wireless Switch Overview Unified Wireless Switch allows to control the discovery, validation,
authentication, and monitoring of peer unified switches, D-Link Access Points, and clients on the WLAN, including discovery and status of rogue APs and clients.
The D-Link Unified Access System works with the following D-Link switches:• DWS-3024 (24 GE ports)• DWS-3026 (24 GE ports + 2 10GE ports)
D-Link Unified Wireless Switch
D-Link Unified Access System
141
Unified Wireless Switch Advantages Core units controlling entire wireless network High performance, easy deployment 24 Gigabit ports, no restriction on port usage Scalable expansion & unified wired/wireless deployment Authentication, security & power management Simplified configuration & deployment Maximum performance Maximum network performance Maximum investment protection
D-Link Unified Wireless Switch
D-Link Unified Access System
142
Unified Wireless Switch Features List (1)Centralized management of wireless network
• Track and maintain user authentication as users roam throughout the network
• Intelligently designates users to virtual groups based on user’s authenticated identity
• Provide scaled, resilient, integrated management infrastructure
• Centrally manage user authentication/security policies• Provide key management for each security protocol• Configure and control all connected access points
Scalable unified wired/wireless network infrastructure
• 24 10/100/1000BASE-T Gigabit ports• Up to 48 wireless APs direct/indirect connections• Mixed wired/wireless connection from any port• Four combo SFP for flexible fiber connection• Two open slots for optional 10-Gigabit attachment to fiber
backbone*• Expandable to four peer switches
Simplified and resilient network deployment
• 802.3af Power over Ethernet simplify AP installation• Gigabit connection ready for future wireless speed upgrade• Redundant power supply support maximizes network uptime
D-Link Unified Wireless Switch
D-Link Unified Access System
143
* Available on DWS-3026 only
Unified Wireless Switch Features List (2)Security management • 64/128/152-bit WEP data encryption
• WPA/WPA2 personal• WPA/WPA2 enterprise• MAC address filtering• Rouge AP classification and detection
Bandwidth and power management
• Auto-adjust RF channels for AP• Provide fast intra-switch or inter-switch roaming• Advanced inter-subnet roaming• Auto-adjust transmit output for AP• Allow remote boot of AP
LAN management • L2+ features: spanning tree, 802.3ad link aggregation, port mirroring, jumbo frames
• IPv4 packet routing• QoS with 802.1p priority queues, granular bandwidth control• LAN security with ACL, RADIUS, TACACS+ authentication, DoS
prevention, broadcast storm control
Secure and versatile management
• Web access using HTTP• Telnet server/client• SSH v2, SSLv3• SNMP v1, v2c, v3, RMON• SYSLOG, Dual image• CLI
D-Link Unified Wireless Switch
D-Link Unified Access System
144
Summary: D-Link Unified Wireless Switch Wireless Switch allows to control the discovery, validation,
authentication, and monitoring of peer unified switches, D-Link access points, and clients on the WLAN, including discover and status of rogue APs and clients.
D-Link provides DWS-3024 and DWS-3026 for Unified Wireless Switch.
D-Link Unified Wireless Switch offers several advanced features to manage the entire network.
Summary: D-Link Unified Wireless Switch
D-Link Unified Access System
145
Questions and Answers: D-Link Unified Wireless Switch1. Select statement that shows the difference between DWS-3024 and
DWS-3026.A. Control entire wireless networkB. Only DWS-3026 supports WPA2 authentication methodC. Only DWS-3024 provides four combo SFP for flexible fiber connectionD. DWS-3026 provides two open slots for optional 10-Gigabit attachment to
fiber or copper backbone
2. Select advantages of unified wireless switch. (Choose all that apply)A. Control the entire wireless networkB. Unified wired/wireless networkC. High level of security by applying restrictions on port usageD. Support IPv6 packet routing
Questions and Answers: D-Link Unified Wireless Switch
D-Link Unified Access System
146
D-Link Wireless Switch’s Features and Advantages Overview
D-Link Unified Access System
After this section, you should be capable of expressing:1. What is pre-set configuration and centralized management and its
benefits2. What is automatic channel adjustment and the benefits3. What is automatic power adjustment and the benefits4. Characteristics of load balancing and the way it works5. What is rogue AP management and the benefits6. Characteristics and benefits of fast roaming7. Network monitoring in D-Link wireless switch and WLAN
visualization8. Capabilities of D-Link wireless switch that support large scale WLAN
deployment
Wireless Switch Features and Advantages
147
D-Link Wireless Switch Features and Advantages
Pre-set configuration and centralized AP management RF management
• Automatic channel adjustment• Automatic power adjustment
Self-healing wireless network• Load balancing
Enhanced security enforcement Fast wireless roaming Simple network monitoring Suitable for medium to large scale network deployment
Wireless Switch Features and Advantages
D-Link Unified Access System
148
D-Link wireless switch + unified access point
Pre-set Configuration and Centralized Management
Wireless Switch Features and Advantages
D-Link Unified Access System
Security can be pre-set and management of AP can be centralized• The Profile configuration is applied to a managed AP on the event such as when an
AP initially transitions to managed mode, or when AP is reset.• Wireless switch will automatically detect all APs attached to the switch.• When an AP is removed or added, the switch automatically configures new AP with
same configuration of replaced unit.
149
Wireless switch
AP-1
AP-2
AP-3
1> AP-3 appear and attached to a
wireless switch port
2> New AP detected!!!
APs detected on the network
AP-1
AP-2AP-3
3> Configured AP with the pre-set profile
configuration
Page is Animated
Pre-set Configuration and Centralized Management
Wireless Switch Features and Advantages
D-Link Unified Access System
Central Policy Control• Security setting/configuration can be saved even when the AP is powered off.
150
Wireless Switch L3-switch
L2-switch
Access points attached to the network
Pre-set profile
configuration
Content of pre-set profile configuration packet:
•RADIUS server settings
•Security settings
•Radio configuration
•SSIDs, VLAN & Tunnel setting
•QoS configuration
Pre-set profile
configuration
Pre-set profile
configuration
Pre-set profile
configuration
Page is Animated
RF Management
Wireless Switch Features and Advantages
D-Link Unified Access System
Automatic channel adjustment• Wireless Switch automatically adjusts channels in the controlled access points in
an event such as a new AP being added or being removed• Wireless Switch can be programmed to automatically readjust channels
periodically at certain time or upon a certain interval.
151
Wireless Switch
Channel 36
Channel 40
Channel 44
Channel 48
New AP attached to the networkScan RF area for occupied channel…Select non-interfering channel
Channel 44Appear rogue AP
which using channel 44
Experience signal interference,Change channel
Channel 52
Page is Animated
RF Management
Wireless Switch Features and Advantages
D-Link Unified Access System
Automatic power adjustment• Automatically adjust the RF signal to broadcast far enough to reach wireless
clients, but not so far that it interferes with RF signals broadcast by other APs.• When a managed AP is powered down, the power of its neighboring AP(s) managed
by the same switch is immediately increased by 20% (Fail-safe feature).
152
Wireless coverage area
Wireless coverage area
Another AP appear on the network
Power adjusted to prevent interference
The AP is powered down
Power increased
Page is Animated
Self-Healing Wireless Network (Load Utilization)
Wireless Switch Features and Advantages
D-Link Unified Access System
Wireless switch performs load utilization across the switch-managed access points on per radio basis based on AP’s utilization rate.
The APs report bandwidth utilization to the wireless switch regularly. If the bandwidth utilization reaches a configured threshold then the new
client associations are rejected. The new client will be forced to connect to an overlapped neighbor AP with lower utilization.
153
Wireless Switch
Default bandwidth
utilization: 60%
AP-1 AP-2
user4
user4
Utilization rate increased
Reach utilization threshold!!!
Utilization rate for AP-2: 10%
Attempt to connect AP-1
User4 rejectedForce to connect
to AP-2
User4 connect to AP-2
Page is Animated
Enhanced Security Enforcement Rogue AP Management
• An AP is considered to be a rogue if the following conditions are met:– Switch learns about an AP that is not in the database, and the AP has not tried to discover
the switch.– AP is not managed by a peer switch.– The MAC address of the AP is in the local or RADIUS MAC address database with the mode
set to “WS Managed”, but the AP is not actively managed by the wireless switch or a peer switch.
• Using rogue AP management, rogue AP can be acknowledged as a valid AP• Administrator can get better control of the environment through knowing rogue
APs’ information (MAC, SSID, Channel, etc) Complete Security Features
Wireless Wired
• Managed AP MAC list• Wireless Client MAC list• WEP (Static/Dynamic)• WPA Enterprise/Personal• WPA2 Enterprise/Personal
• ACL• 802.1X• DoS Control• Broadcast Storm Control• Port Security• RADIUS/TACACS+
Wireless Switch Features and Advantages
D-Link Unified Access System
154
Fast Roaming
Wireless Switch Features and Advantages
D-Link Unified Access System
Roaming allows wireless clients to move from one location to another, seamlessly switching from one Access Point to another and maintaining access to the network.
This feature can be supported within a subnet (Layer 2) or across subnet boundaries.
When a wireless client (fast) roams among different APs on the same SSID, the same security setting and IP address “follows” the client. That means there is no need for IP re-allocation and re-authentication in order to keep the connection alive. Hence, it is seamless.
155
Wireless switch
Mobile user
No re-authenticate when user moves
With Fast Roaming feature, mobile users can move to any place where covered by an overlapped neighbor without the need to re-authenticate
Mobile user want to move
HERE
Page is Animated
Wireless Switch Operation
Wireless Switch Features and Advantages
D-Link Unified Access System
Steps of wireless switch from attach an AP to user authentication process.1. AP-1 is attached to a switch port and switch will discover AP-1 automatically.2. Network admin can determine whether AP-1 is a rogue or a legal AP.3. Network admin can perform central management of AP, including configuration,
firmware upload, security and RF control.4. All clients are authenticated by the Central Policy Control on the switch.5. Roaming from AP-1 to AP-2 without re-allocating IP and re-authentication to keep
the connection alive.
156
Wireless switch
AP-1 AP-2
PDA User
AP-1 is legal
Page is Animated
Comprehensive Network Management D-Link Unified Access System includes a set of comprehensive
management functions for managing and monitoring the WLAN by using one of the three methods provided• Web-based Management Interface
• Command-Line Interface(CLI)– The CLI is a text-based way to manage and monitor the system. CLI can be accessed
by using a direct serial connection or by using a remote logical connection with Telnet or SSH.
• Simple Network Management Protocol (SNMP)– D-Link Unified Switch uses both standard public MIBs for standard functionality as
well as a number of additional private MIBs for additional functionality supported by the switch.
Wireless Switch Features and Advantages
D-Link Unified Access System
157
Comprehensive Network Management D-Link Unified Switch can discover, validate, authenticate, or monitor
the following system devices:• Peer unified switches• D-Link access points• Wireless clients• Rogue APs• Rogue wireless clients
The following monitoring task that can be done by the unified switch:• Monitoring wireless global information• Monitoring peer switch status• Monitoring all access points• Monitoring managed access point status• Viewing access point authentication failure status• Monitoring rogue and RF scan access points• Monitoring associated client information• Viewing client authentication failure status• Monitoring and managing ad hoc clients
Wireless Switch Features and Advantages
D-Link Unified Access System
158
Monitoring Wireless Global Information
Wireless Switch Features and Advantages
D-Link Unified Access System
Show status and statistics collected periodically about the peer switches and all of the objects associated with it.
159
Monitoring Peer Switch Status
Wireless Switch Features and Advantages
D-Link Unified Access System
The Peer Switch page provides information about other D-Link Unified Switches in the network.
160
Monitoring All Access Points
Wireless Switch Features and Advantages
D-Link Unified Access System
Show summary information about managed, failed and rogue access points the switch has discovered or detected.
The font color for the AP listing indicates that the AP is one of the following types:
• Green – Managed AP• Red – Failed AP• Gray – Rogue AP
161
Monitoring Managed Access Points Status
Wireless Switch Features and Advantages
D-Link Unified Access System
Provide a variety of information about each AP that the switch manages.• Status tab provides configuration and association information about managed APs
and their neighbors.• Statistics tab displays information about the number of packets and bytes
transmitted and received on different interfaces.
162
Viewing Access Point Authentication Failure Status
Wireless Switch Features and Advantages
D-Link Unified Access System
Show information about APs that failed to establish communication with the D-Link Unified Switch. The AP can fail due to one of the following reasons:
• No Database Entry – The MAC address of the AP is not in the local valid AP database or the external RADIUS server database, so the AP has not been validated.
• Authentication – The authentication password configured in the AP did not match the password configured in the local database or RADIUS database.
163
Monitoring Rogue and RF Scan Access Points
Wireless Switch Features and Advantages
D-Link Unified Access System
Show information about all APs detected via RF scan, including those reported as Rogues.
164
Monitoring Associated Client Information
Wireless Switch Features and Advantages
D-Link Unified Access System
Show a variety of information about the wireless clients that are associated with the APs the switches manages.
165
Viewing Client Authentication Failure Status
Wireless Switch Features and Advantages
D-Link Unified Access System
Shows a list of clients that fail to associate or authenticate with the D-Link Access Point.
166
Monitoring and Managing Ad-Hoc Clients
Wireless Switch Features and Advantages
D-Link Unified Access System
View and manage wireless clients that are connected to the WLAN through an ad hoc network.
167
Simple Network Monitoring
Wireless Switch Features and Advantages
D-Link Unified Access System
Capture screen of associated client status.
168
Network Monitoring – WLAN Visualization WLAN visualization Overview
• An optional feature that graphically shows information about the wireless network.
• Display D-Link WLAN Controller Switches, D-Link Access Points, other access points and associated wireless clients.
Benefits of WLAN visualization• Track how and how many managed APs are deployed graphically.• Monitor the wireless network stats via the dynamic updated diagram.• Access visual information, such as how APs are placed, how many clients
are associated to a certain AP, and where rogue APs are located graphically.
Wireless Switch Features and Advantages
D-Link Unified Access System
169
Network Monitoring – WLAN Visualization
Wireless Switch Features and Advantages
D-Link Unified Access System
The diagram below shows an example of a floor plan and network with a D-Link Unified Switch that manages two APs. The graph also shows a peer switch and a rogue AP in the network.
170
Medium to Large Scale WLAN Deployment Visual Access Points forms Roaming group
• Geographical overlapped wireless network is made possible with minimum number of physical APs.
Medium to Large Scale of AP Deployment• Four Peer Switches in the same Roaming Group
– Not only can D-Link’s DWS-3000 series supports fast roaming between APs being managed by a particular switch, but can support up to four peer Unified Switches in a roaming group.
– Support up to 192 APs.– Since each switch can support up to 48 APs, this means up to 192 APs can be
supported in a mobility group or domain.
Wireless Switch Features and Advantages
D-Link Unified Access System
171
Note: The maximum number of managed AP – 192 only applies on APs in the same roaming group. There is no constraint for the number of managed APs at a site if not for roaming. But still, each switch can manage up to 48 APs.
Summary: Wireless Switch Features & Advantages
Using D-Link wireless switch, security can be pre-set and management of certain model of APs can be centralized.
Wireless switch provides automatic channel adjustment and automatic power adjustment feature. Wireless switch automatically adjust channel in the controlled Access Points in an event such as a new AP being removed. It will also adjust RF signal to broadcast far enough to reach wireless clients, but not so far that it interferes with RF signals broadcast by other APs.
Wireless switch performs load balancing across the switch-managed access points on per radio basis based on AP’s utilization rate.
Using rogue AP management feature, the administrator can get better control of the environment through knowing rogue AP’s information (MAC, SSID, Channel, etc).
Summary: Wireless Switch Features and Advantages
D-Link Unified Access System
172
Summary: Wireless Switch Features & Advantages
Fast Roaming allows wireless clients to move from one location to another, seamlessly switching from one Access Point to another and maintaining access to the network.
Wireless switch provides simple network monitoring and WLAN visualization feature that graphically shows information about the wireless network.
Wireless switch can be used to deploy large scale WLAN infrastructure.
Summary: Wireless Switch Features and Advantages
D-Link Unified Access System
173
Questions and Answers: Wireless Switch Features and Advantages1. Select features that can be used to avoid network interference. (Choose two)
A. Self-healing wireless networkB. Automatic channel adjustmentC. Fast roamingD. Automatic power adjustment
2. Select contents of pre-set profile configuration packet. (Choose all that apply)A. TCP/IP settingsB. Security settingsC. QoS configurationD. Firmware upgradeE. VLAN ID
3. Select characteristics of load balancing in wireless switch. (Choose all that apply)A. Load balancing is performed across the managed APs on per radio basis.B. Default value for the wireless bandwidth utilization threshold is 70%.C. If the bandwidth utilization reaches a configured threshold, the new client cannot connect to the
network until the bandwidth utilization is lower than the predefined value.D. Load balancing sets thresholds for client associations and AP utilization.E. If the bandwidth utilization reaches a configured threshold, then new client associations are
rejected and enforced to connect to an overlapped neighbor AP with lower utilization.
Questions and Answers: Wireless Switch Features and Advantages
D-Link Unified Access System
174
Questions and Answers: Wireless Switch Features and Advantages4. Select the characteristics of rogue AP. (Choose all that apply)
A. AP is not managed by the wireless switch.B. AP which failed to connect to wireless switch.C. AP what is not in the local or RADIUS MAC address database but is actively managed by the
wireless switch.D. Switch learns about an AP that is not in the database, and the AP has not tried to discover the
switch.
5. Select the advantage of fast roaming.A. Wireless clients can move to the external network that is out of control from the switchB. Fast roaming can be applied up to 200 APsC. Allow wireless clients to move from one location to another, seamlessly switching from one
Access Point to another and maintaining access to the networkD. All the APs can be in different Roaming Groups
6. Select devices that can be monitored by D-Link wireless switch. (Choose all that apply)A. Peer unified switchesB. D-Link access pointsC. Ethernet switchesD. BridgesE. Wireless clients
Questions and Answers: Wireless Switch Features and Advantages
D-Link Unified Access System
175
Questions and Answers: Wireless Switch Features and Advantages7. Select monitoring task that can be done by D-Link wireless switch.
(Choose all that apply)A. Monitoring offline wireless devicesB. Monitoring managed access point statusC. Viewing access point authentication success statusD. Monitoring associated client information
Questions and Answers: Wireless Switch Features and Advantages
D-Link Unified Access System
176
Unified Access Point
D-Link Unified Access System
After this section, you should be capable of expressing:1. Models of D-Link Unified Access Point and the features for all models2. Operation mode supported by the unified access point and the
differences between each mode
Unified Access Point
177
Unified Access Point Overview Can work in both standalone mode and managed mode Provide migration ability and deployment flexibility
DWL-3500AP DWL-8500AP
• Wireless G access point• Up to 108Mbps wireless speed• PoE support• Two high gain antennas• WMM for QoS• Connect directly to wireless switch
or indirectly through LAN switch
• Wireless AG access point• Up to 108Mbps wireless speed• PoE support• Two high gain antennas• WMM for QoS• Connect directly to wireless switch
or indirect through LAN switch
Unified Access Point
D-Link Unified Access System
178
Modes in Unified Access Point
Unified Access Point
D-Link Unified Access System
Standalone Mode• Independent access point (Decentralized management)• Suitable for small scope network• Manually set up the configuration, such as:
– SSID– User authentication– Power level– QoS– etc
179
Layer 2 switch
Manual set up configuration
Manual set up configuration
Manual set up configuration
Standalone mode UAP
Standalone mode UAP
Standalone mode UAP
Ethernet LAN
Modes in Unified Access Point
Unified Access Point
D-Link Unified Access System
Managed Mode• Managed / controlled by the wireless switch
– Centralized management with all extra benefits from wireless switch
• Automatically received the configuration from wireless switch• Suitable for large scope network
180
Layer 2 switch
Managedmode UAP
Ethernet LAN
Wireless switch
Managedmode UAP
No Manual Configuration for each AP
Centralized AP profile dispatch
Centralized security policy enforcement
Centralized wired/wireless VLAN/QoS/ACL control
Auto Power/Channel adjustment
AP Self healing & Fail-over
Fast Roaming
Instead
Managedmode UAP
Standalone mode UAP
Large network deployment using managed mode UAP
Page is Animated
Summary: Unified Access Point There are two models of unified access point provided by D-Link,
which are DWL-3500AP and DWL-8500AP. These unified access point can be used along with the D-Link
wireless switch. Two operation modes supported for both models of unified access
point: standalone mode and managed mode.
Summary: Unified Access Point
D-Link Unified Access System
181
Questions and Answers: Unified Access Point1. Select the main difference between DWL-3500AP and DWL-8500AP.
(Choose two)A. DWL-8500AP supports WMM for QoS while DWL-3500AP does notB. DWL-3500AP supports PoE while DWL-8500AP does notC. DWL-3500AP supports 802.11a standard while DWL-8500AP support 802.11a
and 802.11g standardD. DWL-3500AP provides only one antenna while DWL-8500AP provides two
antennas
2. Select characteristics that describe managed mode unified access point. (Choose all that apply)A. “Fat” access point with centralized management from the wireless switch.B. “Thin” access point with centralized management from the wireless switch.C. All AP configurations are automatically received from the wireless switch.D. AP configuration configured all the wireless switch must be applied manually
to the AP.
Questions and Answers: Unified Access Point
D-Link Unified Access System
182
Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
After this section, you should be capable of expressing:1. D-Link wireless switch target market2. Product comparison between each model of D-Link wireless switch3. Prospect for D-Link wireless switch product in the market4. Product comparison between D-Link wireless switch and
competitor’s products
Market Analysis for D-Link Wireless Switch
183
Highlight of WLAN Market Revenue from sales of WLAN switches and controllers increased
92% year on year, totally $572 million (equivalent to 43% of the WLAN market revenue).
The business market will continue the gradual shift from the traditional stand-alone WLAN architecture to the newer, centralized one (WLAN switches and controllers managing coordinated access points) in 2007.
Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
184
Source: Gartner, 2007
D-Link Wireless Switch Market Target customer – Medium to enterprise business solution
• Entertainment• Education• Manufacture• All business category
Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
185
D-Link Product Comparison
Category Product DWS-3024 DWS-3026
HW Interface Gigabit and 10G Uplink 24GE + 4 Combo SFP for fiber uplink to LAN
24GE + 2 10GE
Redundant Power Supply Yes Yes
L2 Switching Full 4K VLAN Support Yes Yes
L3 Routing Static Routing, VRRP Yes Yes
Wireless Deployment Overlay Deployment Yes Yes
Unified Edge Deployment Yes Yes
# APs supported per Switch Yes Yes
Wireless Switching Fast Layer 3 Roaming Yes Yes
Inter-Switch Layer 3 Roaming Yes Yes
RF Management Dynamic Channel and Power Yes Yes
Self healing around failed APs Yes Yes
Monitoring Topology Visualization Yes Yes
Wireless Security Rogue AP and Client Detection Yes Yes
Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
186
Prospect for D-Link Wireless Switch Product
Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
Competitor Analysis – Gigabit wireless controller / switch
187
P e r f o
r m a
n c
e
Strength
Weakness
• Third party AP support• RF Attack Mitigation
• Weak L2/L3 feature • No Peer Switching• Less no. of VLANs• Lower Switching Capacity
• More Advanced Security - VPN/Firewall• Proprietary features• RF Attack Mitigation• Location tracking
• Thin APs only• Weak L2/L3 feature• Less no. of VLANs• Lower Switching Capacity
• Ring Master Management Tool• Third Party AP Support• RF Attack Mitigation• Individual User Groups
• No embedded Network Visualization (RFMaps)• Lower Switching Capacity
P r i c eP r i c e
3Com WX4400
Current Wireless Controller don’t have Unified Switching capability
Aruba 2400
Cisco 4400
D-Link DWS-3000
3Com Unified Gigabit Switch
• No L3 roaming• Weak L2/L3 feature • No Peer Switching• No embedded• No Network Visualization• Lower Switching Capacity
DES-1228P + WLAN ManagerIs the match <->
Page is Animated
Product Comparison Between Competitor
Category Feature DWS-3026 3Com Unified Switch
Aruba 2400 Cisco 4402
HW Interface Gigabit and 10G Uplink 24GE+2 10GE
24GE 24 10/100 (2 GBIC Slots)
2GE
Redundant Power Supply Yes No No Yes
L2 Switching Full 4K VLAN Support Yes No No No
L3 Routing Static Routing VRRP Yes No Yes No
Wireless Deployment
Overlay Deployment Yes No Yes Yes
Unified Edge Deployment Yes Yes No No
#APs supported per switch 48 24 48 12/25/50/100
Wireless Switching
Fast Layer 3 Roaming Yes No Yes Yes
Inter-Switch Layer 3 Roaming Yes No Yes Yes
RF Management
Dynamic Channel and Power Yes Yes Yes Yes
Self-Healing around failed APs Yes Yes Yes Yes
Monitoring Topology Visualization Yes No Yes Yes
Wireless Security
Rogue AP and Client Detection Yes Yes Yes Yes
Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
188Wireless Controllers* Different number of APs supported based on buying upgrade licenses
Summary: Market Analysis for D-Link Wireless Switch The business market will continue the gradual shift from the
traditional stand-alone WLAN architecture to the one (WLAN switches and controllers managing coordinated access points) in 2007.
D-Link target market for its wireless switch products is mainly for medium to enterprise business solution for any fields.
D-Link wireless switch provides many advantages and features that are not supported in competitor’s products.
Summary: Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
189
Questions and Answers: Market Analysis for D-Link Wireless Switch1. Select target markets for D-Link Unified Access System. (Choose
two)A. SOHOB. ISP/WISPC. UniversityD. Internet Cafe
2. Select the advantages of D-Link wireless switch over the other competitors. (Choose two)A. D-Link wireless switch provides 24 Gigabit Ethernet ports and two 10GE
uplink ports which other competitors provide only 24 Gigabit Ethernet without uplink ports.
B. D-Link wireless switch is so much cheaper than other competitors’ products.
C. D-Link wireless switch provides lifetime warranty while other competitors’ products must pay extra fee to get lifetime warranty.
D. D-Link wireless switch provides full 4K VLAN support while other competitors do not.
Questions and Answers: Market Analysis for D-Link Wireless Switch
D-Link Unified Access System
190
Wireless Switch Deployment Application
D-Link Unified Access System
After this section, you should be capable of expressing:1. Suitable implementation for different scenarios and requirement2. Basic topology for deploying network infrastructure using wireless
switch product series
Wireless Switch Deployment Application
191
Wireless Switch Deployment in a School
Wireless Switch Deployment Application
D-Link Unified Access System
In this project, three wireless switches were used to connect the entire campus (Class rooms, labs, teacher room, library). All APs distributed to all campus are managed centrally at the wireless switch. Thus, it makes network management and monitoring easier.
192
Server RoomToilet
Classroom-1
Classroom-2
Classroom-3
Classroom-4
Classroom-5
Classroom-6Classroom-7
Classroom-8
Library
Labs
Toilet
Teacher’s room
Administrator Office
Classroom-9
Classroom-10
Classroom-11
Main Hall
Wireless Switch Deployment in a Hotel
Wireless Switch Deployment Application
D-Link Unified Access System
A hotel wants to build wireless hotspot area to enhance customer satisfaction. The network must run reliably with high speed Internet connection. It has to be easier to maintain as no staff knows about wireless technology.
D-Link wireless switch provides the solution. It provides control, security and management features that are key requirements to allow the hotel staff to manage AP better and easier.
193
11th floor
12th floor
2 Wireless switch are each placed at 11th floor and 12th floor. furthermore, 95 wireless AP managed by the wireless switch are distributed to all floors over the hotel. 5 AP for each floor, placed at common area.
……
….
……
….
19th floor
1st floor
Summary: Wireless Switch Deployment Application
D-Link wireless switch can be implemented widely depending on the condition and requirement from the customer, mainly on medium to large business environment.
For example, implementation in a hotel, university, bank, etc.
Wireless Switch Deployment Application
D-Link Unified Access System
194
Success Stories Lankwitzer Premium Coating, Germany American School of Dubai, Middle East Concorde Hotel, Malaysia
Success Stories
D-Link Unified Access System
195
Lankwitzer Counts on Innovative Wireless Switching Solution
Success Stories
D-Link Unified Access System
Lankwitzer wants to connect its new building wirelessly for the transmission of data and voice, especially wireless telecommunication through an internal Voice over IP-telephone system.
D-Link Germany in cooperation with the Multicomp Systemhaus helped to implement a wireless network infrastructure, which offers a maximum of flexibility and bandwidth as well as superior security and management functions using wireless switch solution.
List of devices used:• D-Link wireless switch, DWS-3024• 24 D-Link unified access point, DWL-8500AP• xStack switch, unmanaged switch, firewall
196
Wireless Switch Solution for Mobile Learning Space in ASD
Success Stories
D-Link Unified Access System
American School of Dubai (ASD) wants to create a continuous (mobile) learning space in the campus to enable the students access the network resources wirelessly.
D-Link Middle East successfully implement the project which provide secured network infrastructure with seamless wireless coverage area and centralized network management.
List of devices used:• Two D-Link wireless switch, DWS-3026• Two unified AP, DWL-8500AP• 61 unified AP, DWL-3500AP• Layer 3 switch, DES-3828P
197
Concorde Hotel Provides Wireless Hotspot Using Unified Solution
Success Stories
D-Link Unified Access System
Management of Concorde Hotel in Kuala Lumpur wants to provide wireless hotspot area within the hotel to enhance customer satisfaction. They want to manage the entire network through an easy, unified solution.
D-Link Malaysia provides wireless access through minor customizations at a reasonable cost.
List of devices used:• Two units of D-Link wireless switch, DWS-3024• 95 units of unified access points, DWL-3500AP (five units for common area in each
floor)
198