||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
CWTS®, CWS,
and CWT
Complete Study Guide
||||||||||||||||||||
||||||||||||||||||||
Exams PW0-071, CWS-2017, CWT-2017
Robert J. Bartz
||||||||||||||||||||
||||||||||||||||||||
Development Editor: Kelly Talbot
Technical Editors: Bryan Harkins and Ben Wilson
Production Editor: Dassi Zeidel
Copy Editor: John Sleeva
Editorial Manager: Mary Beth Wakefield
Production Manager: Kathleen Wisor
Executive Editor: Jim Minatel
Book Designers: Judy Fung and Bill Gibson
Proofreader: Kim Wimpsett
Indexer: Ted Laux
Project Coordinator, Cover: Brent Savage
Cover Designer: Wiley
Cover Image: © Jeremy Woodhouse/Getty Images, Inc.
Copyright © 2018 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-1-119-38503-5
ISBN: 978-1-119-41940-2 (ebk.)
ISBN: 978-1-119-41939-6 (ebk.)
Manufactured in the United States of America
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or
by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as
permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior
written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to
the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978)
646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department,
John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or
online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or
warranties with respect to the accuracy or completeness of the contents of this work and specifically
disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No
warranty may be created or extended by sales or promotional materials. The advice and strategies
contained herein may not be suitable for every situation. This work is sold with the understanding that
the publisher is not engaged in rendering legal, accounting, or other professional services. If professional
assistance is required, the services of a competent professional person should be sought. Neither the
publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or
Web site is referred to in this work as a citation and/or a potential source of further information does not
mean that the author or the publisher endorses the information the organization or Web site may
provide or recommendations it may make. Further, readers should be aware that Internet Web sites
listed in this work may have changed or disappeared between when this work was written and when it is
read.
For general information on our other products and services or to obtain technical support, please contact
our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or
fax (317) 572-4002.
||||||||||||||||||||
||||||||||||||||||||
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material
included with standard print versions of this book may not be included in e-books or in print-on-demand.
If this book refers to media such as a CD or DVD that is not included in the version you purchased, you
may download this material at http://booksupport.wiley.com. For more information about Wiley
products, visit www.wiley.com.
Library of Congress Control Number: 2017951652
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of
John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be
used without written permission. CWTS is a registered trademark of CWNP, LLC All other trademarks
are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or
vendor mentioned in this book.
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
About the Author
Robert Bartz is a technical trainer, computer networking
consultant, technical author, and speaker. He is a graduate of California State
University Long Beach, College of Engineering, with a Bachelor of Science
degree in Industrial Technology. Prior to entering the field of computer
networking, Robert was employed as an aerospace test engineer working with
military fighter aircraft radar systems and communication satellite spacecraft.
After leaving the aerospace industry, he attained numerous technical
certifications over the years, starting with Novell NetWare and moving on to
Microsoft networking, CompTIA, Cisco Systems, and the CWNP program.
Robert currently holds the Certified Wireless Network Expert (CWNE) and
Certified Wireless Network Trainer (CWNT) credentials. He has more than 27
years of experience with computer networking technology and has been
involved with the CWNP program since its inception.
Robert attended the first-ever CWNA class in 2001 and has taught vendorneutral IEEE 802.11 wireless LAN technology to thousands of people from
various industries and markets across the United States and around the
world. Robert is the founder of Eight-O-Two Technology Solutions, LLC, a
computer networking technical training and consulting services company that
provides technical education and consulting services to various businesses
and organizations. He spends his spare time learning and working with new
technology, having fun outside, and enjoying the beauty of his surroundings
at his home in Colorado. He can be contacted by email at
robert@eightotwo.com.
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
Acknowledgments
I would like to thank my wife and two adult children for their support and
patience during the writing of this book.
I would also like to thank everyone at Sybex who helped with the creation of
this book, including executive editor Jim Minatel, production editor Dassi
Zeidel, and copy editor John Sleeva. I owe all these individuals a lot of thanks
for their patience while working with me on this book and keeping things on
track. Kelly Talbot is the development editor for this book. It was great to
work with Kelly once again. Many thanks go to Kelly for his time and work to
help make this book an educational and enjoyable read. His editorial skills
and attention to detail, in addition to assisting with the flow, organization,
and suggestions, were a huge help to me. Also, thanks to Ben Wilson, the
proofread technical editor.
The technical editor for this book is Bryan Harkins. It is always a pleasure to
work with Bryan. I want to thank Bryan once again for his timely reviews,
comments, and great suggestions that helped make this book a valuable
reference source. His many years of experience as a technical trainer,
engineer, security specialist, and author were a great contribution in creating
a book I am sure you will enjoy reading.
I would like to thank the thousands of students who have taken the time to
attend the computer networking classes I was given the opportunity to teach
over the last couple of decades. Educating, mentoring, and entertaining so
many of these individuals gave me the inspiration and motivation to author
this book and share my knowledge with people who want to learn more about
this wonderful technology.
CWNP has realized the need for vendor-neutral wireless LAN training and
certification and has done a great job of building a brand over the years that is
known worldwide. The CWNP program continues to grow at a strong pace,
adding many new certified individuals every day. I offer a special thank-you to
the CWNP team for providing a much-needed product in the industry.
Finally, a thank-you to all the manufacturers, vendors, organizations, and
individuals that I have worked with in the industry, providing me the
technology and tools needed to help write this book.
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
Contents
About the Authors
Acknowledgments
Introduction
About CWNP®
CWNP Learning Resources
How to Become a CWTS
How to Become a CWS
How to Become a CWT
Who Should Get This Book?
How to Use This Book and the Companion Website
CWTS, CWS, and CWT Exam Objectives
CWTS Exam Objectives
CWS Exam Objectives
CWT Exam Objectives
Assessment Test
Answers to Assessment Test
Chapter 1 Computer Networking Fundamentals
Network Types
Network Topologies
The OSI Model
Device Addressing
Summary
Exam Essentials
Review Questions
Chapter 2 Wireless Local Area Networking, Standards, and Certifications
The Wireless Computer Network
Building-to-Building Connectivity Using Wireless LAN Technology
Radio Frequency Regulatory Domain Governing Bodies and Local
Regulatory Authorities
||||||||||||||||||||
||||||||||||||||||||
The IEEE
Interoperability Certifications
Common Wireless Local Area Network Deployment Scenarios
Summary
Exam Essentials
Review Questions
Chapter 3 Infrastructure and Client Devices Used with Wireless
Networking
The Wireless Access Point
Wireless Mesh
Wireless Bridges
Wireless Repeaters/Range Extenders
Wireless LAN Controllers and Cloud-Managed Architectures
Power over Ethernet
Radio Hardware Used with Wireless LAN Technology
USB 1.0, USB 1.1, USB 2.0, and USB 3.0
Peripheral Component Interconnect
Mini-PCI, Mini-PCIe, and Half Mini-PCIe
Wireless Workgroup Bridges
Client Device Drivers
Client Utility Software
Summary
Exam Essentials
Review Questions
Chapter 4 Radio Frequency Fundamentals for Wireless Networking
Understanding Radio Frequency
Wireless LAN Coverage and Capacity
Radio Frequency Range and Speed
Wi-Fi and Non–Wi-Fi Interference
Basic Units of Radio Frequency Measurement
Summary
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Review Questions
Chapter 5 Antenna Technology for Wireless Networking
Basic Radio Frequency Antenna Concepts
Wireless LAN Antenna Types
Radio Frequency Cables and Connectors
Factors in Antenna Installation
Minimizing the Effects of Multipath Using Antenna Diversity
Combating Effects of Wind and Lightning in Wireless LAN
Installations
Installation Safety
Antenna Mounting
Maintaining Clear Communications
Summary
Exam Essentials
Review Questions
Chapter 6 Communication for Wireless Networking
Wireless LAN Operation Methods
Connecting to an IEEE 802.11 Wireless Network
The Distribution System
Data Rates
Throughput
Dynamic Rate Switching
Wireless LAN Transitioning/Roaming
IEEE 802.11 Power Save Operations
IEEE 802.11 Protection Mechanisms
Summary
Exam Essentials
Review Questions
Chapter 7 Modulation Technology for Wireless Networking
Network Access Methods
||||||||||||||||||||
||||||||||||||||||||
Spread-Spectrum Technology
IEEE 802.11g Extended Rate Physical
IEEE 802.11n High Throughput
IEEE 802.11a, 802.11g, 802.11n, and 802.11ac OFDM
Summary
Exam Essentials
Review Questions
Chapter 8 Security Fundamentals for Wireless Networking
Introducing IEEE 802.11 Wireless LAN Security
Wireless LAN Threats and Intrusion
IEEE 802.11 Standard Security
Early Wireless LAN Security Methods
MAC Address Filtering
IEEE 802.11 Authentication and Data Encryption
IEEE 802.11 SOHO and Enterprise Security Technologies
Wi-Fi Protected Access and WPA2 Personal Security
WPA and WPA2 Enterprise Security
IEEE 802.1X/EAP
IEEE 802.11 Encryption Methods
Role-Based Access Control
Virtual Private Networking
The Wireless Intrusion Prevention System
The Captive Portal
Wireless Network Management and Monitoring Systems
Industry Regulatory Compliance
Summary
Exam Essentials
Review Questions
Chapter 9 Design for Wireless Networking
Wireless Site Surveys
||||||||||||||||||||
||||||||||||||||||||
Gathering Business Requirements
Interviewing Stakeholders
Gathering Site-Specific Documentation
Identifying Infrastructure Connectivity and Power Requirements
Understanding Application Requirements
Understanding Radio Frequency Coverage and Capacity Requirements
Client Connectivity Requirements
Antenna Use Considerations
The Physical Radio Frequency Site Survey Process
Radio Frequency Spectrum Analysis
Received Signal Strength
Performing a Manual Radio Frequency Wireless Site Survey
Performing a Predictive Modeling Site Survey
Performing a Post-Deployment Site Survey
Protocol Analysis
RF Coverage Planning
Infrastructure Hardware Selection and Placement
Testing Different Antennas
Wireless Channel Architectures
Wireless Device Installation Limitations
Site Survey Report
Summary
Exam Essentials
Review Questions
Chapter 10 Mobile Device Management and BYOD Fundamentals
Mobile Device Management Solutions
Common Mobile Device Operating System Platforms
The Mobile Application Store
Pushing Content to Mobile Devices
Mobile Device Management Administrative Permissions
||||||||||||||||||||
||||||||||||||||||||
Understanding Mobile Device Management High Availability and
Redundancy
Mobile Device Management Device Groups
Location-Based Services
Mobile Device Telecommunications Expense Management
Captive and Self-Service Portals
General Technology Network and Security Policy
Information Technology and Security Policy Implementation and
Adherence
Backup, Restore, and Recovery Policies
Operating System Modifications and Customization
Technology Profiles
Understanding Group Profiles
Policy and Profile Pilot Testing
Summary
Exam Essentials
Review Questions
Chapter 11 Troubleshooting for Wireless Networking
Identifying Wireless LAN Problems
Wireless LAN Connectivity—Coverage and Capacity Problems
Application Performance Problems
Optimizing Wireless Networks
Summary
Exam Essentials
Review Questions
Appendix Answers to Review Questions
Chapter 1: Computer Networking Fundamentals
Chapter 2: Wireless Local Area Networking, Standards, and
Certifications
Chapter 3: Infrastructure and Client Devices Used with Wireless
Networking
||||||||||||||||||||
||||||||||||||||||||
Chapter 4: Radio Frequency Fundamentals for Wireless Networking
Chapter 5: Antenna Technology for Wireless Networking
Chapter 6: Communication for Wireless Networking
Chapter 7: Modulation Technology for Wireless Networking
Chapter 8: Security Fundamentals for Wireless Networking
Chapter 9: Design for Wireless Networking
Chapter 10: Mobile Device Management and BYOD Fundamentals
Chapter 11: Troubleshooting for Wireless Networking
Advert
EULA
||||||||||||||||||||
||||||||||||||||||||
List of Tables
Chapter 1
TABLE 1.1
Chapter 2
TABLE 2.1
TABLE 2.2
TABLE 2.3
Chapter 3
TABLE 3.1
TABLE 3.2
TABLE 3.3
Chapter 4
TABLE 4.1
TABLE 4.2
TABLE 4.3
TABLE 4.4
TABLE 4.5
TABLE 4.6
Chapter 5
TABLE 5.1
TABLE 5.2
TABLE 5.3
TABLE 5.4
TABLE 5.5
Chapter 6
TABLE 6.1
Chapter 7
||||||||||||||||||||
||||||||||||||||||||
TABLE 7.1
TABLE 7.2
Chapter 8
TABLE 8.1
TABLE 8.2
TABLE 8.3
TABLE 8.4
TABLE 8.5
||||||||||||||||||||
||||||||||||||||||||
List of Illustrations
Chapter 1
FIGURE 1.1 Example of a local area network (LAN)
FIGURE 1.2 Example of a wide area network (WAN) connecting two
LANs
FIGURE 1.3 Example of a metropolitan area network (MAN)
connecting a small town
FIGURE 1.4 Example of a campus area network (CAN) connecting a
school campus
FIGURE 1.5 Example of a wireless Bluetooth network connecting
several personal wireless devices
FIGURE 1.6 Example of the bus topology
FIGURE 1.7 Example of the ring topology
FIGURE 1.8 Example of a common star topology using either wired
or wireless devices
FIGURE 1.9 Mesh networks can include either wired or wireless
devices.
FIGURE 1.10 Wired peer-to-peer and wireless ad hoc networks
FIGURE 1.11 Point-to-point connections using either wired or
wireless connections
FIGURE 1.12 Point-to-multipoint connections using either wired or
wireless connections
FIGURE 1.13 Representation of the OSI Model
FIGURE 1.14 Physical layer sublayers, PLCP and PMD
FIGURE 1.15 Data Link layer sublayers, LLC and MAC
FIGURE 1.16 Data Link layer (Layer 2) to Network layer (Layer 3)
address translation
FIGURE 1.17 Comparison between TCP and UDP protocols
FIGURE 1.18 Peer communication between three of the seven layers
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.19 Information is added at each layer of the OSI model as
data moves between devices.
FIGURE 1.20 The MAC address is analogous to the address of
buildings on a street.
FIGURE 1.21 Example of a Layer 2 MAC address showing the OUI
and unique physical address
FIGURE 1.22 The ipconfig command-line utility displaying a
physical/MAC address in Microsoft Windows
FIGURE 1.23 A network with Layer 3 network device logical
addressing
FIGURE 1.24 Example of a Class C logical IP address
FIGURE 1.25 The Microsoft Windows ipconfig command-line utility
showing logical address information
FIGURE 1.26 Network Address Translation (NAT) and Port Address
Translation (PAT). The IP addresses shown are examples.
Chapter 2
FIGURE 2.1 A wireless point-to-point connection using directional
antennas
FIGURE 2.2 A typical point-to-multipoint connection using
omnidirectional and directional antennas
FIGURE 2.3 ITU-R administrative region map
FIGURE 2.4 WLAN controller showing the IEEE 802.11a data rates
FIGURE 2.5 WLAN controller showing the IEEE 802.11g data rates
FIGURE 2.6 WLAN controller showing the IEEE 802.11n MCS and
data rates for the 5 GHz band
FIGURE 2.7 Wi-Fi Certified logo for devices that are Wi-Fi certified
FIGURE 2.8 Example of a SOHO WLAN configuration
FIGURE 2.9 Floor plan of a typical office area that may use IEEE
802.11 WLAN technology
FIGURE 2.10 Wireless hotspot allows users to connect to the
Internet from remote locations.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 2.11 Office with conference area and cubicle offices
FIGURE 2.12 Classrooms for WLAN deployment
FIGURE 2.13 Warehouse facility with high ceilings and storage
shelving inside
FIGURE 2.14 Medical offices often use WLAN technology
FIGURE 2.15 Wireless last-mile data delivery
Chapter 3
FIGURE 3.1 Access point connected to an Ethernet network
FIGURE 3.2 Half-duplex communication one direction at a time
FIGURE 3.3 NETGEAR Model R7000 AC1900-Nighthawk Smart WiFi dual-band IEEE 802.11ac Gigabit router
FIGURE 3.4 D-Link DAP-2590 AirPremier N dual-band PoE SOHOgrade access point, front and end views
FIGURE 3.5 D-Link DAP-2590 AirPremier N dual-band PoE SOHOgrade access point configuration screen
FIGURE 3.6 The Aruba Networks 220 series IEEE 802.11ac dual-band
access point
FIGURE 3.7 Extreme Networks AP-7131 enterprise-grade access point
configuration page in a web browser
FIGURE 3.8 Cisco Aironet 3500e CleanAir IEEE 802.11n access point
FIGURE 3.9 ADTRAN/Bluesocket 2030 IEEE 802.11ac (3x3:3) indoor
access point
FIGURE 3.10 Aerohive BR200 wireless branch router
FIGURE 3.11 Mesh access points/routers connected to a common
infrastructure and to the Internet
FIGURE 3.12 Wireless bridges connecting two LANs
FIGURE 3.13 A wireless repeater extends the range of a wireless
network.
FIGURE 3.14 Wireless client device roaming across Layer 2 and Layer
3 boundaries
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.15 Standard Ethernet pin assignment
FIGURE 3.16 PSE single-port injector and PD access port
FIGURE 3.17 USB 2.0 port on notebook computer panel
FIGURE 3.18 NETGEAR WG311T IEEE 802.11g wireless PCI adapter
FIGURE 3.19 IEEE 802.11 Mini-PCI adapter
FIGURE 3.20 Full Mini-PCIe adapter
FIGURE 3.21 Typical application for an enterprise WWB
FIGURE 3.22 EnGenius Technologies ECB3500 802.11g High Power
600mW wireless access point/bridge/repeater/router
FIGURE 3.23 Microsoft Windows 10 Professional Device Manager
utility
FIGURE 3.24 Linksys Dual-Band Wireless-N USB client utility
FIGURE 3.25 Proxim Client Utility for 8494-US 802.11a/b/g/n USB
adapter
FIGURE 3.26 Microsoft Windows 10 Professional client utility
Chapter 4
FIGURE 4.1 Radio frequency is used in many different devices to
provide wireless communications.
FIGURE 4.2 A basic sine wave, one complete cycle varying voltage at
a point in time
FIGURE 4.3 RF transmitter and receiver. In a WLAN, the transmitter
and receiver could be an access point and client device, respectively.
FIGURE 4.4 The wavelength is the distance of one complete cycle,
measured in centimeters or inches.
FIGURE 4.5 Frequency is the number of complete cycles in one
second.
FIGURE 4.6 Two signals at the same frequency with different
amplitudes
FIGURE 4.7 Phase is the difference in degrees between two signals.
FIGURE 4.8 Wide coverage with only a single access point is not
||||||||||||||||||||
||||||||||||||||||||
recommended.
FIGURE 4.9 Users of these access points will experience overlapping
channel interference in a multichannel architecture because they are
all set to the same channel.
FIGURE 4.10 Co-location of access points with proper channel reuse.
Overlapping areas use different channels in a multichannel
architecture to prevent interference.
FIGURE 4.11 The oval area represents the Fresnel zone RF coverage
area between a transmitter and receiver, two wireless bridges in a
point-to-point connection.
FIGURE 4.12 Channel overlap in the 2.4 GHz ISM band
FIGURE 4.13 Five channels of separation and 25 MHz of separation
between nonoverlapping channels
FIGURE 4.14 Radio frequency reflection
FIGURE 4.15 Radio frequency refraction
FIGURE 4.16 Radio frequency diffraction
FIGURE 4.17 Radio frequency scattering
FIGURE 4.18 Radio frequency absorption
FIGURE 4.19 Output doubled in power from 100 mW to 200 mW
from amplifier with a gain or change in power of +3 dB
FIGURE 4.20 Data sheet from an Aruba Networks IEEE 802.11ac AP
330 wave 2 wireless access point showing the mapping of minimum
receiver sensitivity in dBm to data rates in Mbps
FIGURE 4.21 Restaurant analogy example of radio frequency noise
FIGURE 4.22 The MetaGeek Chanalyzer spectrum analyzer utility
shows a noise floor for the tested site of about −98 dBm.
FIGURE 4.23 Graph showing the received signal strength vs. noise
floor and the SNR using the MetaGeek Chanalyzer spectrum analyzer
utility
Chapter 5
FIGURE 5.1 RF lobes’ shape and coverage area are affected by the
||||||||||||||||||||
||||||||||||||||||||
type and design of an antenna.
FIGURE 5.2 Horizontal (azimuth) and vertical (elevation)
beamwidths measured at the half power, or −3 dB point
FIGURE 5.3 A perfect isotropic radiator emits energy equally in all
directions.
FIGURE 5.4 An access point supplying 25 mW of RF power to an
antenna with a gain of 10 dBi for an output at the antenna of
effectively 250 mW of RF power
FIGURE 5.5 Horizontally and vertically polarized antennas
FIGURE 5.6 The omnidirectional radiation pattern has a toroidal
shape.
FIGURE 5.7 2.4–2.5 GHz and 5.1–5.8 GHz dual-band rubber duck
antenna
FIGURE 5.8 Omnidirectional 2.4–2.5 GHz and 5.1–5.8 GHz dualband rubber duck antenna physical specifications
FIGURE 5.9 Vertical (elevation) and horizontal (azimuth) charts for
omnidirectional antenna
FIGURE 5.10 2.4 GHz 11 dBi dual polarization
diversity/MIMO/802.11n flat panel antenna
FIGURE 5.11 Vertical (elevation) and horizontal (azimuth) charts for
2.4 GHz 11 dBi dual polarization diversity/MIMO/802.11n flat patch
antenna
FIGURE 5.12 2.4 GHz and 4.9 to 5.8 GHz dual-feed dual-band 90°
sector panel antenna
FIGURE 5.13 Vertical (elevation) and horizontal (azimuth) charts for
2.4 GHz and 4.9 to 5.8 GHz dual-feed dual-band 90° sector panel
antenna
FIGURE 5.14 2.4 GHz 15 dBi Yagi antenna
FIGURE 5.15 Vertical (elevation) and horizontal (azimuth) charts for
2.4 GHz 14 dBi Yagi antenna
FIGURE 5.16 Front and back views of a 5.8 GHz 29 dBi ISM / U-NII
band parabolic dish antenna
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.17 Vertical (elevation) and horizontal (azimuth) charts for
a 5.8 GHz 29 dBi ISM/U-NII band solid parabolic dish antenna
FIGURE 5.18 L-com spool of low-loss 400-series coaxial bulk cable
FIGURE 5.19 Short pigtail adapter cable
FIGURE 5.20 Several common RF connectors used with WLANs
FIGURE 5.21 Effects of multipath
FIGURE 5.22 Phoenix Contact 2.4–5.9 GHz surge protection device
FIGURE 5.23 Stationary antenna mast mounting kit with U-bolts
FIGURE 5.24 L-com 2.3 GHz to 6 GHz 3 dBi omnidirectional ceiling
mount antenna
FIGURE 5.25 Visualization of the Fresnel zone
Chapter 6
FIGURE 6.1 Example of an independent basic service set (IBSS)
FIGURE 6.2 IBSS, ad hoc, or peer-to-peer network using common
configuration parameters
FIGURE 6.3 Entering the SSID and other parameters in the Microsoft
Windows 7 wireless configuration client utility
FIGURE 6.4 Setting the RF channel for an IBSS, ad hoc wireless
network in a wireless network adapter driver advanced settings page
FIGURE 6.5 Basic service set consisting of a single access point
connected to a distribution system and associated devices
FIGURE 6.6 Graphical user interface for an Aruba Networks access
point configuring the SSID
FIGURE 6.7 Two basic service sets connected by a common
distribution system, making an extended service set
FIGURE 6.8 An example of passive scanning with a WLAN client
listening for access points in the BSA
FIGURE 6.9 Packet capture of beacon frames
FIGURE 6.10 Wireless client device sending a probe request frame to
access points in radio range
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.11 Packet capture of probe request and probe response
frames
FIGURE 6.12 A wireless client authenticating to an access point using
open system authentication
FIGURE 6.13 Packet capture of open system authentication
FIGURE 6.14 Shared-key authentication uses a four-way frame
exchange.
FIGURE 6.15 Packet capture of a four-frame exchange 802.11 sharedkey authentication
FIGURE 6.16 IEEE 802.11 authentication and association
FIGURE 6.17 Packet capture of the IEEE 802.11 association request
and association response process
FIGURE 6.18 Packet capture of disassociation and deauthentication
frames
FIGURE 6.19 Two access points connected to a common distribution
system—in this case, IEEE 802.3, Ethernet
FIGURE 6.20 Two dual-band access points used to create a wireless
mesh distribution system
FIGURE 6.21 Windows 10 wireless configuration utility showing a
data rate of 867 Mbps for an IEEE 802.11ac WLAN adapter
FIGURE 6.22 Actual throughput of an IEEE 802.11a/g/n 300 Mbps
WLAN adapter
FIGURE 6.23 A graphical representation of dynamic rate switching
FIGURE 6.24 The roaming process for a WLAN
FIGURE 6.25 Packet capture of the reassociation process
FIGURE 6.26 The driver settings for a wireless adapter in a laptop
computer and power save mode setting
Chapter 7
FIGURE 7.1 Computers connected to Ethernet cable using CSMA/CD
FIGURE 7.2 Wireless LAN devices using CSMA/CA and DCF
||||||||||||||||||||
||||||||||||||||||||
FIGURE 7.3 Half-duplex operation has some effect on overall data
throughput.
FIGURE 7.4 Narrowband frequency—high power, narrow frequency
FIGURE 7.5 Spread-spectrum technology—low power, wide frequency
FIGURE 7.6 DSSS is limited to a 22 MHz–wide channel in the 2.4
GHz ISM band. Each channel for DSSS is 5 MHz on center.
FIGURE 7.7 The 2.4 GHz ISM band allows 14 channels.
FIGURE 7.8 3 nonoverlapping channels possible in the 2.4 GHz ISM
band
FIGURE 7.9 Selecting an operation mode on a dual-band IEEE
802.11a/b/g/n SOHO access point
FIGURE 7.10 OFDM transmit spectral mask for 20 MHz
transmission
FIGURE 7.11 MIMO hardware uses separate radio chains for each
band and one antenna for each radio.
FIGURE 7.12 More lanes, more cars—wider channels, more data
FIGURE 7.13 OFDM transmit spectral mask for 40 MHz transmission
FIGURE 7.14 Co-location of various IEEE 802.11
devices/technologies
FIGURE 7.15 Two access points on overlapping channels as seen in
MetaGeek’s Chanalyzer. The “Data” access point is on channel 1, and
the “Guest” access point is on channel 3 in the 2.4 GHz ISM band.
Chapter 8
FIGURE 8.1 WLANs are subject to many potential security threats.
FIGURE 8.2 A WLAN controller allowing you to disable SSID
broadcast
FIGURE 8.3 The Windows command-line utility ipconfig.exe will
display MAC addresses.
FIGURE 8.4 A MAC address filter table on a SOHO access point
FIGURE 8.5 SOHO wireless access point with PIN-based security
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.6 D-Link wireless router with push-button security
FIGURE 8.7 D-Link wireless access point preshared key passphrase
settings
FIGURE 8.8 WLAN client authenticating to a RADIUS server using
IEEE 802.1X/EAP
FIGURE 8.9 Aerohive HiveManager Online cloud-based IEEE
802.1X/EAP configuration screen
FIGURE 8.10 Remote user authenticating to a remote access server
FIGURE 8.11 Wireless access point configured as a RADIUS client
device
FIGURE 8.12 WLAN controller security configuration screen
FIGURE 8.13 Wireless access point security configuration selection
FIGURE 8.14 OSI model representation of a Layer 3 VPN security
solution
FIGURE 8.15 Representation of a VPN tunnel
FIGURE 8.16 Microsoft Windows 7 Professional built-in VPN client
utility configuration
FIGURE 8.17 WLAN client using a wireless hotspot to connect to a
corporate office using VPN technology
FIGURE 8.18 A WIPS dashboard
FIGURE 8.19 WIPS policy configuration
FIGURE 8.20 The WIPS overlay installation uses separate devices.
FIGURE 8.21 WIPS integrated solution sensor radio built into a
wireless access point
FIGURE 8.22 Aruba Networks Airwave wireless network
management software platform
FIGURE 8.23 Aerohive HiveManager NMS cloud-based WNMS
FIGURE 8.24 The MetaGeek Chanalyzer spectrum analyzer shows an
RF DoS attack using a narrow-band jamming device.
Chapter 9
||||||||||||||||||||
||||||||||||||||||||
FIGURE 9.1 Various personal devices that may be connected to a
wireless network
FIGURE 9.2 A small office wireless network installation using
omnidirectional antennas
FIGURE 9.3 Sample checklist showing some information collected
for a wireless site survey
FIGURE 9.4 A legacy IEEE 802.11a/b/g dual-band access point
mounted on a ceiling 35 feet high with diversity antennas spaced
incorrectly for diversity technology
FIGURE 9.5 Importing a floor plan map using the Ekahau Site Survey
program
FIGURE 9.6 Floor plan with an existing wireless network deployment
FIGURE 9.7 Small office/warehouse floor plan showing RF coverage
using different antenna types
FIGURE 9.8 MetaGeek Chanalyzer shows an RF capture of the 2.4
GHz ISM band.
FIGURE 9.9 MetaGeek DBx spectrum analyzer for IEEE
802.11a/b/g/n/ac networks operating in the 2.4 GHz and 5 GHz
frequency ranges
FIGURE 9.10 AirMagnet Spectrum XT USB Spectrum Analyzer
screen capture
FIGURE 9.11 MetaGeek Chanalyzer shows a microwave oven
operating at maximum power. These typically create a mountain-like
shape, as shown in the waterfall view.
FIGURE 9.12 A wireless client utility showing signal, noise, and data
rate
FIGURE 9.13 Ekahau HeatMapper, a Wi-Fi coverage mapping site
survey software utility, is a free download from Ekahau.
FIGURE 9.14 Approximate access point locations
FIGURE 9.15 The AirMagnet Wi-Fi Analyzer can be used to view
existing IEEE 802.11 wireless networks.
FIGURE 9.16 Access point temporarily mounted using an expandable
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
light pole
FIGURE 9.17 Ekahau Site Survey (ESS) showing a passive survey
FIGURE 9.18 AirMagnet Survey showing an active site survey
FIGURE 9.19 OmniPeek by Savvius identifies nearby wireless
networks.
FIGURE 9.20 Expandable light pole used for temporary mounting
and testing of Yagi and patch antennas
FIGURE 9.21 An example of an MCA deployment
FIGURE 9.22 An example of an SCA deployment
FIGURE 9.23 Ekahau site survey built-in reporting features
Chapter 10
FIGURE 10.1 Geo-fencing example
FIGURE 10.2 Geo-location can identify the physical location of a
device.
FIGURE 10.3 Windows Intune mobile device management dashboard
FIGURE 10.4 Windows Intune password policy configuration screen
FIGURE 10.5 Windows Intune management console used to create a
license agreement
Chapter 11
FIGURE 11.1 Many components, whether wired or wireless, can be
the source of or contribute to WLAN problems.
FIGURE 11.2 A wireless access point (transmitter) and wireless client
device (receiver) with computer data traversing the air using RF
FIGURE 11.3 The lower two layers of the OSI model are responsible
for the operation of wireless networks. The Physical layer provides a
connection between devices.
FIGURE 11.4 Disabled WLAN adapter and Microsoft Windows 10
WLAN AutoConfig service not running
FIGURE 11.5 Microsoft Windows 10 WLAN AutoConfig service not
running and resolution using the built-in troubleshooting diagnosis
||||||||||||||||||||
||||||||||||||||||||
feature
FIGURE 11.6 Devices and components that make up a WLAN
showing potential wireless client-side issues
FIGURE 11.7 Layers 3 and 4 of the OSI model are responsible for the
addressing and routing of information as well as the session
connection between devices.
FIGURE 11.8 DHCP and IP address information from the ISP to the
wireless client device
FIGURE 11.9 Microsoft Windows APIPA address displayed using the
ipconfig command
FIGURE 11.10 Limited or no connectivity as the result of an IP
address not being obtained from a DHCP server in the Microsoft
Windows operating system
FIGURE 11.11 Windows 7 on a notebook computer with no IP address
FIGURE 11.12 The Microsoft Windows 7 and Windows 10 wireless
adapters show errors when an incorrect WPA2 passphrase is entered.
FIGURE 11.13 Wireless client device receiving a fraction of the
amount of power output by the access point
FIGURE 11.14 Representation of received signal strength (signal
quality) and data rate using the Microsoft Windows wireless client
utility
FIGURE 11.15 Microsoft Windows wireless client utility displays
signal strength difference between nearby wireless access points.
FIGURE 11.16 Two FTP sessions showing the difference in
throughput based on distance from an access point
FIGURE 11.17 Increasing the output power of an access point will
provide higher received signal strength for the client, resulting in
better overall throughput.
FIGURE 11.18 Device driver information in Microsoft Windows for a
USB wireless network adapter
FIGURE 11.19 Aruba Networks wireless access point firmware update
screen
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 11.20 NETSCOUT AirMagnet Spectrum XT showing devices
that may cause RF interference
FIGURE 11.21 Load balancing ensures optimal performance for
connected wireless client devices.
FIGURE 11.22 Hidden node caused by an obstruction
FIGURE 11.23 Hidden node as a result of distance and weak signal
strength between wireless client devices
FIGURE 11.24 Hidden node based on technology types such as
HR/DSSS and ERP-OFDM
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Introduction
This book is intended to provide an introduction to the exciting and emerging
world of IEEE 802.11 wireless LAN (WLAN) technology. This technology
continues to expand at a phenomenal pace, with constant improvements in
speed, performance, reliability, and security. This book will teach you the
fundamentals of IEEE 802.11 standards-based wireless technology, giving you
an overview of the terminology, hardware and software components, radio
frequency (RF) communication principles, and support and maintenance
associated with WLAN technology, commonly referred to as Wi-Fi™.
In addition to providing an overview of the technology, this book will help
you prepare for the Certified Wireless Technology Specialist (CWTS)
certification exam, the Certified Wireless Specialist (CWS) certification exam,
and the Certified Wireless Technician (CWT) certification exam, which are all
available from the Certified Wireless Network Professional (CWNP) program.
CWTS is an entry-level enterprise WLAN certification and is recommended as
preparation for the Certified Wireless Network Administrator (CWNA)
certification. This certification is geared specifically toward WLAN support
staff, sales and marketing personnel, or anyone who wants to become more
familiar with the enterprise WLAN industry.
CWS is targeted for those who need to be able to explain basic features and
capabilities of WLAN solutions, including access points, controllers, WLAN
management solutions, and 802.11 networks. It also helps you assist in
selecting the best equipment for a deployment or communicate well with
those who are responsible for such decisions. The CWS is not responsible for
the configuration and management of the WLAN but must have the ability to
gather information to determine requirements and match technologies to
those requirements for a deployment.
CWT is geared toward the individual who can install access points based on a
design document, configure access points for initial operations, and ensure
connectivity. The CWT can troubleshoot basic problems and assist users inperson or through remote communications in problem resolution. The ability
to configure a WLAN client for connectivity is paramount and includes an
understanding of the configuration process for service set identifiers (SSIDs),
security settings, and other client adapter settings. The CWT is not
responsible for WLAN design, analysis, or security design; however, the CWT
should be able to gather information from a design specification document to
||||||||||||||||||||
||||||||||||||||||||
properly configure an access point and troubleshoot individual connection
issues. The CWT may not be aware of the actual WLAN architectural design,
the RF design, or the full feature set in use to implement the WLAN.
In addition to helping you prepare for all three certification exams, this book
will give you the fundamental knowledge, tools, and terminology to more
effectively sell and support enterprise IEEE 802.11 WLAN technologies. The
main goal of this book is for you to learn “what it is,” not “how it works.” The
“how” part comes later, in other Study Guides and instructor-led courses.
After reading this book and completing all the available practice exam tools
included, you will have the knowledge needed to take the CWTS, CWS, or
CWT certification exams.
For more information about these and other vendor-neutral WLAN
certifications from the CWNP program, visit www.cwnp.com.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
About CWNP®
CWNP, the abbreviation for Certified Wireless Network Professional, is the
industry standard for vendor-neutral, enterprise WLAN certifications. The
CWNP program develops courseware and certification exams for IEEE 802.11
WLAN technologies in the computer networking industry.
CWNP offers several levels of enterprise WLAN certifications, from novice to
expert. The goal of CWNP is to provide educational resources and
certifications that are recognized worldwide to information technology (IT)
and sales professionals in the field of IEEE 802.11 wireless networking
technology. By acquiring this knowledge, these professionals will be able to
enter any business and sell, design, install, manage, and support a WLAN
infrastructure, regardless of which manufacturer’s solution is used.
In addition to CWTS, CWT, and CWS, five other wireless certifications are
currently offered from CWNP:
CWNA: Certified Wireless Network Administrator The CWNA (Certified
Wireless Network Administrator) certification is the foundation-level
enterprise WLAN certification for the CWNP program. The CWNA
certification will validate one’s skills to successfully administer enterpriseclass WLANs. Passing the CWNA exam will also earn the base certification
toward the more advanced CWNP certifications. The CWNA exam measures
one’s ability to understand all of the features and functions of IEEE 802.11
WLAN technology. Passing the CWNA-107 certification exam will satisfy the
requirement to become CWNA certified.
CWSP: Certified Wireless Security Professional The CWSP (Certified
Wireless Security Professional) certification is one of the advanced-level
WLAN certifications offered by the CWNP program. Acquiring this
certification will prove one’s ability to successfully apply the most up-to-date
IEEE 802.11 WLAN security solutions to an organization’s IEEE 802.11
wireless network. This certification will ensure that the successful candidate
understands the security weaknesses inherent in IEEE 802.11 WLANs, the
solutions available to address those weaknesses, and the steps necessary to
implement a secure and manageable WLAN in an enterprise environment.
Successfully passing two exams is required to become CWSP certified:
Exam CWNA-107 – Certified Wireless Network Administrator
||||||||||||||||||||
||||||||||||||||||||
Exam CWSP-205 – Certified Wireless Security Professional
CWDP: Certified Wireless Design Professional The CWDP (Certified
Wireless Design Professional) certification is a professional-level career
certification for those in wireless computer networking who have already
obtained the CWNA certification and have a thorough understanding of RF
technologies and applications of 802.11 networks. This certification prepares
WLAN professionals to properly design an IEEE 802.11 WLAN for various
environments and for optimal performance. Successfully passing two exams
is required to become CWDP certified:
Exam CWNA-107 – Certified Wireless Network Administrator
Exam CWDP-302 – Certified Wireless Design Professional
CWAP: Certified Wireless Analysis Professional The CWAP (Certified
Wireless Analysis Professional) certification is a professional-level career
certification for those in wireless computer networking who have already
obtained the CWNA certification and have a thorough understanding of RF
technologies and applications of 802.11 wireless networks. This certification
provides an in-depth look at 802.11 operations and prepares WLAN
professionals to be able to perform, interpret, and understand wireless packet
and spectrum analysis. You must successfully pass two exams to become
CWAP certified:
Exam CWNA-107 – Certified Wireless Network Administrator
Exam CWAP-402 – Certified Wireless Analysis Professional
CWNE: Certified Wireless Network Expert The CWNE (Certified Wireless
Network Expert) credential is the highest certification offered by the CWNP
program. By successfully completing the CWNE requirements, you will have
demonstrated that you have the most advanced skills available in today’s
IEEE 802.11 WLAN market. The CWNE certification ensures that you have
mastered all relevant skills to administer, install, configure, troubleshoot, and
design wireless network systems. Protocol analysis, intrusion detection and
prevention, performance and QoS analysis, spectrum analysis and
management, and advanced design are some of the areas of expertise you will
need to know. Successfully passing four exams is required to become CWNE
certified:
Exam CWNA-107 – Certified Wireless Network Administrator
Exam CWSP-205 – Certified Wireless Security Professional
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Exam CWDP-302 – Certified Wireless Design Professional
Exam CWAP-402 – Certified Wireless Analysis Professional
The following criteria must also be met:
Three years of documented enterprise Wi-Fi implementation experience
Three professional endorsements
Two other current, valid professional networking certifications
Documentation of three enterprise Wi-Fi projects in which you
participated or led in the form of 500-word essays
Re-certification every three years by completing continuing education
(CE) credits. During the three-year CWNE cycle, a CWNE professional
must report a minimum of 60 CE hours.
For additional information on the details required for CWNE
certification, including information regarding what is valid for continuing
education credit hours, visit www.cwnp.com.
CWNT: Certified Wireless Network Trainer Certified Wireless Network
Trainers (CWNT) are qualified instructors certified by the CWNP program to
deliver CWNP training courses to IT professionals. CWNTs are technical and
instructional experts in wireless technologies, products, and solutions. CWNP
Authorized Learning Centers (ALC) are required to use CWNTs when
delivering training using official CWNP courseware.
Keep in mind that the certification exam numbers listed in this
book are as of this writing. When CWNP updates an exam, the exam
reference number will change. For the most current information
regarding all certifications and exams, visit www.cwnp.com.
||||||||||||||||||||
||||||||||||||||||||
CWNP Learning Resources
A variety of resources are available to help you learn vendor-neutral WLAN
technology. Listed are some of these resources:
Self-study materials
Study guides from Sybex
Online practice exams from www.cwnp.com
Instructor-led classroom training
Online live training
Computer-based training (CBT)
CWNP website
CWNP forums
CWNP blog
CWNP learning center, offering 1,000+ white papers
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
How to Become a CWTS
To become a CWTS, you must complete the following two steps:
Agree that you have read and will abide by the terms and conditions of the
CWNP confidentiality agreement.
Pass the CWTS PW0-071 certification exam.
A copy of the CWNP confidentiality agreement can be found
online at the CWNP website.
When you take the CWTS certification exam, you will be required to accept
the confidentiality agreement before you can continue to complete the exam.
After you have agreed, you will be able to continue with the exam. When you
pass the exam with a score of 70 percent or higher, you will have met the
requirements to become CWTS certified.
The information for the CWTS exam is as follows:
Exam name: Certified Wireless Technology Specialist
Exam number: PW0-071
Cost: $150.00 (USD)
Duration: 90 minutes
Questions: 60
Question types: Multiple choice/multiple answer
Passing score: 70 percent
Available languages: English
Renewal: None—lifetime certification. Recommended prior to CWNA.
Availability: Register at Pearson VUE (www.vue.com/cwnp)
When you schedule the exam, you will receive instructions regarding
appointment and cancellation procedures, ID requirements, and information
about the testing center location. In addition, you will receive a registration
||||||||||||||||||||
||||||||||||||||||||
and payment confirmation email. Exams can be scheduled weeks in advance
or, in some cases, even as late as the same day.
After you have successfully passed the CWTS exam, the CWNP program will
award you the lifetime certification. If the email contact information you
provided the testing center is correct, you will receive an email from CWNP
recognizing your accomplishment and providing you with a CWNP
certification number. After you earn any CWNP certification, you can request
a certification kit from CWNP. You will need to log in to the CWNP tracking
system, verify your contact information, and request your certification kit.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
How to Become a CWS
To become a CWS, you must complete the following:
Pass the CWS-2017 certification exam.
The information for the CWS exam is as follows:
Exam name: Certified Wireless Specialist
Exam number: CWS-2017
Cost: $75.00 (USD)
Duration: 90 minutes
Number of questions: 60
Type of questions: Multiple choice/single correct
Passing score: 70 percent
Available languages: English
Renewal: 3 years
Availability: Online
To register for the CWS certification exam, visit the CWNP website at
www.cwnp.com.
||||||||||||||||||||
||||||||||||||||||||
How to Become a CWT
To become a CWT, you must complete the following:
Pass the CWT-2017 certification exam.
The information for the CWT exam is as follows:
Exam name: Certified Wireless Technician
Exam number: CWT-2017
Cost: $75.00 (USD)
Duration: 90 minutes
Number of questions: 60
Type of questions: Multiple choice/single correct
Passing score: 70 percent
Available languages: English
Renewal: 3 years
Availability: Online
To register for the CWT certification exam, visit the CWNP website at
www.cwnp.com.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Who Should Get This Book?
Reading this book will provide you with an overview of IEEE 802.11 WLAN
technology. This book is written with the CWTS, CWS, and CWT exam
objectives in mind and “what it is,” not “how it works.” The exam objectives
were designed based on the skill set the intended audience should need in
order to perform their job functions or roles in an organization. One thing to
keep in mind is that this book will introduce and teach you a technology, a
combination of computer LAN and RF technology.
If you follow the exam objectives, perform the hands-on exercises, and utilize
all the available exam questions and practice exams at the book’s companion
website (www.wiley.com/go/sybextestprep) and at www.cwnp.com, you
should be prepared to pass the certification exams. This book will also serve
as a stepping-stone to more advanced books that teach the technology in
more depth, as well as a reference guide for the technology.
||||||||||||||||||||
||||||||||||||||||||
How to Use This Book and the Companion Website
Several testing features are in this book, and an exam engine that contains
flashcards and additional practice exams is available on the book’s companion
website (www.wiley.com/go/sybextestprep). These are designed to test your
knowledge of the information you have learned from reading the book and
performing the exercises. Although there is no guarantee you will pass the
certification exam if you use this book and the additional online material, you
will have all the tools necessary that effectively prepare you to do so.
Before You Begin At the beginning of the book (right after this introduction)
is an assessment test you can use to check your readiness for the certification
exams. Take this test before you start reading the book; it will help you
determine the areas you may need to brush up on. The answers to the
assessment test appear on a separate page after the last question of the test.
Each answer includes an explanation, shows a chapter reference, and
describes why the other options are incorrect.
Chapter Review Questions To test your knowledge as you progress through
this book, there are review questions at the end of each chapter. As you finish
each chapter, answer the review questions and then check your answers. The
correct answers appear in an appendix at the back of the book. You can go
back and revisit the section that deals with each question you answered
wrong to ensure that you understand the material and answer correctly the
next time you are tested on that topic.
Electronic Flashcards You will find flashcard questions on the book’s
companion website (www.wiley.com/go/sybextestprep). These are short
questions and answers, just like other flashcards you may be familiar with
and have used in the past. You can answer them on your PC or download
them onto a tablet, smartphone, or other client device for quick and
convenient reviewing.
Test Engine The book’s companion website
(www.wiley.com/go/sybextestprep) also contains the Sybex Test Engine.
With this custom test engine, you can identify weak areas up front and then
develop a solid studying strategy that includes each of the robust testing
features described previously. The readme file will walk you through the
quick, easy installation process.
In addition to the assessment test and the chapter review questions, you will
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
find two bonus exams. Use the test engine to take these practice exams just as
if you were taking an actual exam (without any reference material). When
you have finished the first exam, move on to the next one to solidify your
test-taking skills. Getting a high percentage of the answers correct is an
indication you are ready to take the actual certification exams.
Labs and Exercises Several chapters in this book have lab exercises that use
evaluation software that is downloadable from the manufacturer’s website.
These exercises will provide you with a broader learning experience by
providing hands-on experience and step-by-step problem solving.
The Certification Exams Are Based on the Exam Objectives
It is important to note that in order to pass the certification exam, you
should study from the currently posted exam objectives. Use this book as
a learning aid to understand the exam objectives. For the most up-to-date
certification exam objectives, visit the CWNP website at www.cwnp.com.
CWNP Exam Terminology
The CWNP program uses specific terminology when phrasing the questions
on any of the CWNP exams. The terminology used most often mirrors the
language that is used in the IEEE 802.11 standard. While technically correct,
the terminology used in the exam questions often is not the same as the
marketing terminology that is used by the Wi-Fi Alliance or the
manufacturers of WLAN equipment.
As of this writing, the most current IEEE version of the 802.11 standard is the
IEEE 802.11-2016 document, which includes all the amendments that have
been ratified since the IEEE 802.11-2012 standard. Standards bodies such as
the IEEE often create several amendments to a standard before “rolling up”
the ratified amendments (finalized or approved versions) into a new standard.
For example, you might already be familiar with the term 802.11g, which is a
ratified amendment that has now been integrated into the IEEE 802.11-2016
standard. The technology that was originally defined by the 802.11g
amendment is called Extended Rate Physical (ERP). Although the name
802.11g effectively remains the more commonly used marketing terminology,
||||||||||||||||||||
||||||||||||||||||||
exam questions may use the technical term ERP instead of 802.11g. A
document with exam terms is available from the CWNP website. At the time
of this writing, the URL to access this document is
www.cwnp.com/uploads/misc/cwnp_exam_terms.pdf.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
CWTS, CWS, and CWT Exam Objectives
The CWTS, CWS, and CWT certifications, covering the current objectives, will
certify that successful candidates know the fundamentals of RF behavior, can
describe the features and functions of wireless components, and have the
skills needed to understand and/or install and configure wireless network
hardware components. A typical CWTS candidate should have a basic
understanding of data networking concepts.
The skills and knowledge measured by this examination are derived from a
survey of wireless networking experts and professionals. The results of this
survey were used in weighing the subject areas and ensuring that the
weighting is representative of the relative importance of the content.
CWTS, CWS, and CWT Complete Study Guide has been written to cover every
exam objective at a level appropriate to its exam weighting. The following
sections provide a breakdown of this book’s exam coverage, showing you the
weight of each section.
||||||||||||||||||||
||||||||||||||||||||
CWTS Exam Objectives
Subject Area
Percent of Exam
Wi-Fi Technology, Standards, and Certifications 25%
Hardware and Software
20%
Radio Frequency (RF) Fundamentals
20%
Site Surveying and Installation
10%
Applications, Support, and Troubleshooting
15%
Security and Monitoring
10%
Total
100%
Wireless Technologies, Standards, and Certifications - 25%
1.1 Define the roles of the following organizations in providing direction
and accountability within the wireless networking industry
IEEE
Wi-Fi Alliance
Local regulatory authorities
1.2 Define basic characteristics of and concepts relating to Wi-Fi
technology
Range, coverage, and capacity
Frequencies/channels used
Channel reuse and co-location
Infrastructure and ad hoc modes
BSSID, SSID, BSS, ESS, BSA, IBSS
Network discovery via active and passive scanning
802.11 authentication and association
Data rates and throughput
The distribution system and roaming
Protection Mechanisms
Power saving operation
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Dynamic rate switching
1.3 Summarize the basic attributes of the following WLAN standards,
amendments, and product certifications
802.11a
802.11b
802.11g
802.11n
Wi-Fi Multimedia (WMM) certification
WMM Power Save (WMM-PS) certification
Wi-Fi Protected Access (WPA/WPA2) certification
Enterprise
Personal
1.4 Explain the role of Wi-Fi as a network access technology
WPAN, WLAN, WMAN, WWAN
The OSI reference model
Hardware and Software - 20%
2.1 Identify the purpose, features, and functions of the following wireless
network components. Choose the appropriate implementation or
configuration steps in a given scenario.
Access Points
Controller-based
Autonomous
Cooperative
Mesh
Wireless LAN Routers
Wireless Bridges
Wireless Repeaters
WLAN Controller
||||||||||||||||||||
||||||||||||||||||||
Distributed and centralized data forwarding
Power over Ethernet (PoE) Devices
802.3af and 802.3at
Midspan
Endpoint
2.2 Identify the purpose, features, and functions of the following client
device types. Choose the appropriate installation or configuration steps in
a given scenario.
PC Cards (ExpressCard, CardBus, and PCMCIA)
USB2
PCI, Mini-PCI, and Mini-PCIe, and Half Mini PCIe cards
Workgroup Bridges
Client utility software and drivers
2.3 Identify the purpose, features, and proper implementation of the
following types of antennas
Omni-directional/dipole
Semi-directional
Highly-directional
2.4 Describe the proper locations and methods for installing RF antennas
Internal and external (to the AP) antennas
Pole/mast mount
Ceiling mount
Wall mount
Radio Frequency (RF) Fundamentals - 20%
3.1 Define the basic concepts and units of RF measurements, identify
when they are used, and perform basic unit conversion.
Watt (W) and milliwatt (mW)
Decibel (dB)
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
dBm
dBi
RSSI
SNR
3.2 Identify and explain RF signal characteristics
Frequency
Wavelength
Amplitude
Phase
3.3 Identify factors which affect the range and rate of RF transmissions
Line-of-sight requirements
Interference (Wi-Fi and non-Wi-Fi)
Environmental factors, including building materials
Free Space Path Loss
3.4 Define and differentiate between the following physical layer wireless
technologies
802.11b HR/DSSS
802.11g ERP
802.11a OFDM
802.11n HT
3.5 Define concepts which make up the functionality of RF spread
spectrum communication
802.11 channels
Co-location of 802.11a/b/g/n systems
Adjacent-channel and co-channel interference
WLAN/WPAN co-existence
CSMA/CA operation
Half duplex communications
||||||||||||||||||||
||||||||||||||||||||
3.6 Understand and apply basic RF antenna concepts
Passive Gain
Beamwidth
Simple diversity
Polarization
3.7 Identify the use of the following WLAN accessories and explain how to
select and install them for optimal performance and regulatory domain
compliance
RF cables
RF connectors
Lightning Arrestors and grounding rods
Site Surveying and Installation - 10%
4.1 Understand and describe the requirements to gather information prior
to the site survey and do reporting after the site survey
Gathering business requirements
Interviewing stakeholders
Gathering site-specific documentation including existing network
characteristics
Identifying infrastructure connectivity and power requirements
Understanding RF coverage requirements
Understanding application requirements
4.2 Define and differentiate between the following WLAN system
architectures and understand site survey concepts related to each
architecture. Identify and explain best practices for access point placement
and density.
Multiple Channel Architecture (MCA)
Single Channel Architecture (SCA)
4.3 Describe the primary purpose and methodology of manual and
predictive site surveys
4.4 Define the need for and the use of a manual site survey tool and
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
differentiate between the following manual site survey types
Active surveys
Passive surveys
4.5 Differentiate between manual and predictive site surveys
Advantages and disadvantages of each site survey methodology
4.6 Define the need for and use of site survey software or a protocol
analyzer in a manual site survey as it relates to identifying, locating, and
assessing nearby WLANs
4.7 Differentiate between site survey methods for indoor and outdoor
wireless service
4.8 Define the need for and use of a spectrum analyzer in a site survey
Identification and location of interference sources
Differentiation of Wi-Fi and non-Wi-Fi interference sources
4.9 Understand industry best practices for optimal use of directional and
omni-directional antennas in site surveys
Applications, Support, and Troubleshooting - 15%
5.1 Identify deployment scenarios for common WLAN network types and
suggest best practices for these scenarios.
Small Office/Home Office (SOHO)
Extension of existing networks into remote locations
Building-to-building connectivity
Public wireless hotspots
Carpeted office, education, industrial, and healthcare
Last-mile data delivery – Wireless ISP
High density environments
5.2 Recognize common problems associated with wireless networks and
their symptoms, and identify steps to isolate and troubleshoot the
problem. Given a problem situation, interpret the symptoms and the most
likely cause.
Throughput problems
||||||||||||||||||||
||||||||||||||||||||
Connectivity problems
RF coverage or capacity problems
Interference from Wi-Fi or non-Wi-Fi sources
Application performance problems
RF performance problems, such as multipath and hidden nodes
5.3 Identify procedures to optimize wireless networks.
Infrastructure hardware selection and placement
Identifying, locating, and removing sources of interference
Client load-balancing and infrastructure redundancy
Analyzing infrastructure capacity and utilization
Security & Monitoring - 10%
6.1 Identify and describe the following legacy WLAN security technologies.
SSID Hiding
WEP
MAC Filtering
6.2 Understand the basic operation of and implementation best practices
for the following WLAN security technologies.
WPA- and WPA2-Personal
WPA- and WPA-2 Enterprise
802.1X/EAP
AAA and RADIUS
Encryption – TKIP/CCMP
6.3 Understand the basic functions and implementation best practices for
the following WLAN security technologies.
Role Based Access Control (RBAC)
Virtual Private Networking (VPN)
Wireless Intrusion Prevention Systems (WIPS)
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Captive Portals
Network management and monitoring systems
Exam domains and objectives are subject to change at any time
without prior notice and at CWNP’s sole discretion. Please visit their
website (www.cwnp.com) for the most current information.
||||||||||||||||||||
||||||||||||||||||||
CWS Exam Objectives
Knowledge Domain
Percentage
Understand Basic RF Hardware and Functions 15%
Identify 802.11 Features and Functions
30%
Identify Wireless LAN Hardware and Software 30%
Understand Organizational Goals
25%
Understand Basic RF Hardware and Functions -15%
1.1 Identify RF characteristics
1.1.1 RF waves
1.1.2 Amplitude
1.1.3 Frequency
1.1.4 Wavelength
1.2 Explain basic RF behaviors
1.2.1 Reflection
1.2.2 Absorption
1.2.3 Signal strength
1.3 Understand antenna types
1.3.1 Omnidirectional
1.3.2 Semi-directional
1.3.3 Highly directional
1.3.4 Internal vs. external
Identify 802.11 Features and Functions - 30%
2.1 Know the frequency bands used
2.1.1 2.4 GHz – 802.11b/g/n
2.1.2 5 GHz – 802.11a/n/ac
2.1.3 Sub-1 GHz – 802.11ah
2.1.4 60 GHz – 802.11ad
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
2.2 Identify Physical Layer (PHY) characteristics
2.2.1 Data rates
2.2.2 Bands used
2.2.3 Supported technologies (laptops, tablets, video devices, Internet
of Things (IoT))
2.3 Select appropriate channels
2.3.1 Channel selection best practices
2.3.2 Common channel selection mistakes
2.4 Identify factors impacting wireless LAN (WLAN) performance
2.4.1 Coverage requirements
2.4.2 Capacity requirements
2.4.3 Required features
2.4.4 Poor configuration and implementation
2.5 Explain the basic differences between WPA and WPA2 security
2.5.1 Authentication and key management
2.5.2 Encryption
2.5.3 Personal vs. Enterprise
2.6 Describe features of enhanced 802.11 functions
2.6.1 Mesh
2.6.2 Quality of Services (QoS)
2.6.3 SISO vs. MIMO
2.6.4 Dynamic Rate Switching (DRS)
2.6.5 Backwards compatibility
Identify Wireless LAN Hardware and Software - 30%
3.1 Identify AP features and capabilities
3.1.1 PHY support
3.1.2 Single-band vs. dual-band
||||||||||||||||||||
||||||||||||||||||||
3.1.3 Output power control
3.1.4 Operational modes
3.1.5 Multiple-SSID support
3.1.6 Guest access
3.1.7 Security features
3.1.8 Management interfaces
3.1.9 Internal and external antennas
3.1.10 PoE support
3.2 Describe AP management systems
3.2.1 Autonomous
3.2.2 Controller
3.2.3 Cloud
3.2.4 Management systems
3.3 Determine capabilities of client devices
3.3.1 PHY support
3.3.2 Single-band vs. multi-band
3.3.3 Support for MIMO
3.3.4 Supported channels in 5 GHz
3.3.5 Supported security options
3.4 Identify when Power over Ethernet (PoE) should be used
3.5 Explain the requirements of fast and secure roaming for non-technical
professionals
3.5.1 Latency requirements for streaming communications
3.5.2 Pre-authentication
3.5.3 Key caching methods
3.6 Understand the basic requirements for voice over WLAN (VoWLAN)
3.6.1 Latency
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
3.6.2 Jitter
3.6.3 Signal strength
3.7 Determine the best solution for BYOD and guest access
3.7.1 User provisioning
3.7.2 Captive portals
3.7.3 Device and software control solutions
Understand Organizational Goals - 25%
4.1 Understand issues in common vertical markets
4.1.1 Standard Enterprise Offices
4.1.2 Healthcare
4.1.3 Hospitality
4.1.4 Conference Centers
4.1.5 Education
4.1.6 Government
4.1.7 Retail
4.1.8 Industrial
4.1.9 Emergency Response
4.1.10 Temporary Deployments
4.1.11 Small Office/Home Office (SOHO)
4.1.12 Public Wi-Fi
4.2 Gather information about existing networks
4.2.1 Network diagrams
4.2.2 Wi-Fi implementations
4.2.3 Neighbor networks
4.2.4 Available network services
4.2.5 PoE availability
4.3 Discover coverage and capacity needs
||||||||||||||||||||
||||||||||||||||||||
4.3.1 Define coverage areas
4.3.2 Define capacity zones
4.4 Discover client devices and applications in use
4.4.1 Laptops, tablets, mobile phones, desktops, and specialty devices
4.4.2 Real-time applications
4.4.3 Standard applications (e-mail, web browsing, database access,
etc.)
4.4.4 Data-intensive applications (file downloads/uploads, cloud
storage, cloud backup, etc.)
4.5 Determine the need for outdoor coverage networks and bridge links
4.5.1 Bridge link distance and required throughput
4.5.2 Outdoor areas requiring coverage
4.5.3 Use cases for outdoor access
4.6 Define security constraints
4.6.1 Regulatory
4.6.2 Industry standards and guidelines
4.6.3 Organizational policies
4.7 Discover use cases and access types
4.7.1 Authorized users
4.7.2 Onboarded guest access
4.7.3 Public Wi-Fi
4.8 Match organizational goals to WLAN features and functions
Exam domains and objectives are subject to change at any time
without prior notice and at CWNP’s sole discretion. Please visit their
website (www.cwnp.com) for the most current information.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
CWT Exam Objectives
Knowledge Domain
Percentage
Basic RF Characteristics
15%
WLAN Client Features and Capabilities
25%
WLAN AP Features and Capabilities
25%
Configuration of 802.11 Security Parameters
20%
Troubleshooting Common WLAN Connection Issues 15%
Basic RF Characteristics - 15%
1.1 Describe RF signal characteristics
1.1.1 Frequency
1.1.2 Amplitude
1.1.3 Phase
1.1.4 Wavelength
1.2 Explain RF behaviors and signal propagation
1.2.1 Gain and loss
1.2.2 Reflection
1.2.3 Refraction
1.2.4 Scattering
1.2.5 Diffraction
1.2.6 Absorption
1.2.7 Free space path loss
1.3 Understand how to detect RF signal factors
1.3.1 Wi-FI scanner tools
1.3.2 Client signal strength reports
1.3.3 RSSI vs. dBm
1.3.4 Output power vs. received signal strength
1.4 Create basic RF channel plans
||||||||||||||||||||
||||||||||||||||||||
1.4.1 Available 2.4 GHz channels
1.4.2 Available 5 GHz channels
1.4.3 Regulatory constraints on channel selection
1.4.4 Best practices for channel selection
1.4.5 Co-Channel Interference (CCI)
1.5 Describe the basic differences among antenna types
1.5.1 Omnidirectional
1.5.2 Semi-directional
1.5.3 Highly directional
1.5.4 Antenna mounting kits
1.6 Select the appropriate external antenna when required
1.6.1 Antenna pattern charts
1.6.2 Antenna cables and connectors
1.6.3 Passive antenna gain
WLAN Client Features and Capabilities - 25%
2.1 Describe client types and varying capabilities
2.1.1 Laptops
2.1.2 Tablets
2.1.3 Mobile phones
2.1.4 Desktops
2.1.5 Specialty devices (video cameras, Wi-Fi peripheral connections,
printers, IoT, etc.)
2.2 Explain the basic WLAN location processes
2.2.1 Passive scanning
2.2.2 Active scanning
2.3 Describe the basic steps required in the WLAN connection process
2.3.1 Authentication
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
2.3.2 Association
2.3.3 802.1X/EAP authentication
2.3.4 4-way handshake
2.4 Determine the channels and streams supported by client devices
2.4.1 2.4 GHz channels
2.4.2 5 GHz channels
2.4.3 Channel widths
2.4.4 Number of spatial streams (1x1, 2x2, 3x3, etc.)
2.5 Configure client devices
2.5.1 Configure client drivers for optimum performance (band
preference, roaming threshold, regulatory domain, etc.)
2.5.2 Configure various client operating systems for wireless
connectivity, including security parameters
2.5.2.1 Windows
2.5.2.2 Mac OS
2.5.2.3 Chrome OS
2.5.2.4 Linux
2.5.2.5 Tablets and mobile phones (iOS and Android)
WLAN AP Features and Capabilities - 25%
3.1 Identify AP features and capabilities and understand configuration
options related to them
3.1.1 PHY support
3.1.2 Single-band vs. dual-band
3.1.3 Output power control
3.1.4 Operational modes
3.1.5 Multiple-SSID support
3.1.6 Guest access
3.1.7 Security features
||||||||||||||||||||
||||||||||||||||||||
3.1.8 Management interfaces (web-based, CLI, remote CLI)
3.1.9 Internal and external antennas
3.1.10 PoE support
3.2 Select appropriate mounting kits for a specified installation location
3.2.1 Wall mount
3.2.2 Pole/mast mount
3.2.3 Ceiling mount
3.3 Ensure proper PoE provisioning when required
3.3.1 Power levels required
3.3.2 PoE switches
3.3.3 PoE injectors
3.3.4 Testing power availability
3.4 Configure APs as standalone devices
3.4.1 Admin account credentials
3.4.2 Administration interfaces
3.4.3 Wireless network profiles
3.4.4 Security parameters, including authentication, authorization and
encryption
3.5 Validate AP wired interface connectivity
3.5.1 IP configuration
3.5.2 Internet access
3.5.3 Infrastructure service access
3.5.4 Appropriate Ethernet switch port settings
3.6 Validate proper AP WLAN configuration
3.6.1 Client connectivity
3.6.2 Accurate security settings
3.6.3 Client throughput performance
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Configuration of 802.11 Security Parameters - 20%
4.1 Understand the basics of 802.11 standard security solutions
4.1.1 WPA vs. WPA2
4.1.2 Personal vs. Enterprise
4.1.3 Pre-Shared Key
4.1.4 802.1X/EAP
4.1.5 Common EAP methods
4.2 Identify legacy security technologies that should not be used
4.2.1 WEP
4.2.2 Shared Key Authentication
4.2.3 Hidden SSIDs
4.2.4 MAC filtering
4.3 Configure security parameters in an AP
4.3.1 Pre-Shared Key
4.3.2 RADIUS server
4.3.3 802.1X/EAP
4.3.4 WPA-WPA2
4.4 Configure security parameters in a client device
4.4.1 Pre-Shared Key
4.4.2 802.1X/EAP
4.4.3 WPA/WPA2
Troubleshooting Common WLAN Connection Issues - 15%
5.1 Troubleshoot connectivity problems
5.1.1 Configuration errors
5.1.2 Interference
5.1.3 Poor signal strength
5.1.4 Driver issues
||||||||||||||||||||
||||||||||||||||||||
5.1.5 Supplicant issues
5.1.6 Feature incompatibility
5.2 Troubleshoot performance problems
5.2.1 Configuration errors
5.2.2 Interference
5.2.3 Low data rates
5.2.4 Co-channel interference (CCI)
5.3 Troubleshoot security problems
5.3.1 Configuration errors
5.3.2 Incorrect passphrases
5.3.3 Incompatible EAP methods
5.4 Troubleshoot mobility problems
5.4.1 Configuration errors
5.4.2 Improper network settings
5.4.3 Unsupported fast roaming methods
5.4.4 Non-implemented roaming feature
Exam domains and objectives are subject to change at any time
without prior notice and at CWNP’s sole discretion. Please visit their
website (www.cwnp.com) for the most current information.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
Assessment Test
1. What two software items must be installed on a notebook computer prior
to connecting to a wireless network? (Choose two.)
A. Site survey software
B. Device driver software
C. Signal strength software
D. Client utility software
E. AutoConfig software
2. IEEE 802.11 WLAN technology operates at which two layers of the OSI
model?
(Choose two.)
A. Physical
B. Data Link
C. Network
D. Transport
E. Application
3. The amount of output power and usable frequency ranges for WLAN
devices is determined by which organization?
A. Wireless Ethernet Compatibility Alliance
B. Wi-Fi Alliance
C. Institute of Electrical and Electronics Engineers
D. Local regulatory authorities
4. Which statement is accurate regarding controller-managed access points
compared to autonomous access points?
A. Controller-managed access points are considered legacy technology,
and the priority should be to select an appropriate upgrade path.
B. Controller-managed access points connect together with at least two
paths for every access point, whereas autonomous access points do
not.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
C. Controller-managed access points can be centrally configured, whereas
autonomous access points must be individually managed.
D. Controller-managed access points require a separate radio for
management functions and therefore can be more expensive to
implement than autonomous access points.
5. Wireless repeaters are devices in wireless networking that are
____________.
A. Used to extend the radio frequency cell of an access point
B. Used to repeat and strengthen the RF signal for better performance
C. Used as a backup solution in the event of an access point failure
D. Used to increase the bandwidth of the WLAN
6. Some common wireless personal area network (WPAN) devices, such as
Bluetooth, use a communication technology that has the potential to
interfere with IEEE 802.11g/n WLANs. What is the name for this
technology?
A. FHSS
B. DSSS
C. HR/DSSS
D. HR/FHSS
E. ERP-OFDM
7. The manual site survey process allows the site surveyor to perform the
survey in one of two modes. What are these two modes? (Choose two.)
A. Passive
B. Visual
C. Predictive
D. Active
E. Placement
8. A third-party client utility such as Microsoft Windows AutoConfig can be
used with ____________.
A. SOHO implementations
||||||||||||||||||||
B. Enterprise implementations
C. Both A and B
D. Neither A nor B
9. Which of the following options are required components of the gathering
of technical information for an IEEE 802.11n/ac WLAN site survey in a
new installation? (Choose three.)
A. Number of devices
B. Applications in use
C. Other IEEE 802.11 wireless networks
D. Cost of equipment
10. Manufacturers’ client software utilities for WLAN adapters
____________.
A. Allow for ease of additional configurations
B. Are required in order for the adapter to operate
C. Are usually available at an additional fee
D. Are generic regardless of the manufacturer
11. An independent basic service set (IBSS) requires a minimum of how many
access points?
A. 0
B. 1
C. 2
D. 3
12. What is the horizontal angle of measurement in degrees of an
omnidirectional antenna with a gain of 2.2 dBi?
||||||||||||||||||||
A. 0
B. 90
C. 180
D. 270
E. 360
Technet24.ir
||||||||||||||||||||
13. Which IEEE 802.11 amendment specified the use of four radio chains per
band and multiple input/multiple output (MIMO) technology to transmit
data?
A. 802.11
B. 802.11a
C. 802.11g
D. 802.11h
E. 802.11n/ac
14. Which amendment to the standard operates in the 2.4 GHz ISM band and
supports maximum data rates of up to 54 Mbps?
A. 802.11a
B. 802.11b
C. 802.11g
D. 802.11n/ac
15. An HR/DSSS channel used to transmit data in an IEEE 802.11b/g/n
WLAN is ____________ wide.
A. 2.412 GHz
B. 5.160 GHz
C. 11 MHz
D. 22 MHz
E. 40 MHz
16. IEEE 802.11g/n wireless networks can operate in which unlicensed RF
band?
A. 902 – 928 MHz ISM
B. 2.400 – 2.500 GHz ISM
C. 5.725 – 5.825 GHZ UNII
D. 5.250 – 5.350 GHz UNII
E. 5.725 – 5.875 GHz ISM
17. What network type is usually contained in the same physical area and
||||||||||||||||||||
||||||||||||||||||||
typically bounded by the perimeter of a building?
A. Local area network (LAN)
B. Campus area network (CAN)
C. Wide area network (WAN)
D. Metropolitan area network (MAN)
18. Which Data Link layer (Layer 2) security methods are weak and should
not be used to secure an IEEE 802.11 WLAN? (Choose three.)
A. SSID hiding
B. WPA
C. VPN
D. WEP
E. WPA 2.0
F. RBAC
G. MAC filtering
19. Which RF channels are considered nonoverlapping for an IEEE 802.11g/n
network that is using HR/DSSS modulation technology? (Choose two.)
A. 1 and 4
B. 6 and 9
C. 1 and 6
D. 3 and 7
E. 11 and 13
F. 2 and 7
20. What can have a negative effect on the capacity of an IEEE
802.11a/b/g/n/ac WLAN access point?
||||||||||||||||||||
A. Reflections caused by furnishings
B. Frequency range in use
C. Number of associated users
D. Output power of access point
Technet24.ir
||||||||||||||||||||
21. What could cause low throughput in an 802.11a/b/g/n/ac wireless
network?
A. Access point output power is too high.
B. Too many client devices are associated.
C. Load-balancing features are moving clients.
D. The clients are too close to the access points and are overpowered.
22. What can contribute to voltage standing wave ratio (VSWR) in an IEEE
802.11a/b/g/n/ac WLAN circuit?
A. Output power of the access point
B. Impedance mismatch
C. Gain of an antenna
D. Attenuation value of cable
23. IEEE 802.11 open system authentication is ____________ in an IEEE
802.11-2016 wireless network.
A. Flawed
B. Optional
C. Secure
D. Required
24. The service set identifier (SSID) in an IEEE 802.11 WLAN is also known
as what?
A. The name of the wireless network
B. The Media Access Control address of the radio
C. The name of the access point
D. The wireless medium identifier
25. What does the term authenticator identify in an IEEE 802.1x secure
WLAN?
||||||||||||||||||||
A. The RADIUS server
B. The access point
C. The client device
||||||||||||||||||||
D. The RAS server
26. A virtual private network (VPN) most commonly operates at which layer
of the OSI model?
A. Physical, Layer 1
B. Data Link, Layer 2
C. Network, Layer 3
D. Transport, Layer 4
E. Application, Layer 7
27. You are a WLAN engineer hired to perform a predictive modeling site
survey for a 150,000-square-foot office building. This space includes
walled offices as well as cubicles. What is an advantage of a predictive
modeling site survey over a manual survey in this specific application?
A. Predictive modeling site surveys are the most accurate survey type
available, including determining RF coverage and interference.
B. Predictive modeling site surveys require much less time than a
complete manual site survey, which requires a walkthrough of the
entire facility.
C. Predictive modeling site survey software has an extensive attenuation
database and will be able to determine the interference values of any
obstructions.
D. Predictive modeling site surveys allow you to experiment with
different access point criteria and therefore never require a site visit.
28. What are some of the main factors in determining the number of access
points that will be required for an IEEE 802.11n/ac WLAN deployment?
(Choose two.)
A. Type of client devices in use
B. Number of associated client devices
C. Manufacturer of client devices
D. Applications to be used on the WLAN
29. What purpose will an 802.11 protocol analyzer provide during the manual
site survey
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
process?
A. Perform an RF analysis of the proposed area
B. Help locate sources of RF interference
C. Identify existing IEEE 802.11 wireless networks
D. Describe security requirements of the WLAN
30. What could be the cause of intermittent connectivity for a wireless client
device in an IEEE 802.11a/b/g/n/ac wireless network?
A. A weak received signal strength on the wireless client.
B. A signal-to-noise ratio of 35 dB and RSSI of –60 dBm.
C. The access point power is set too high and overpowering the client
device.
D. The WLAN radio in the client device is disabled.
31. Which layers of the OSI model do not specifically address WLAN
technology? (Choose three.)
A. Session
B. Network
C. Physical
D. Application
E. Data Link
32. The signal-to-noise ratio (SNR) is the difference between the
____________ and the ____________.
A. Noise floor
B. RF channel
C. Fresnel zone
D. RF line of sight
E. Received signal
33. If an autonomous access point is set to what is commonly referred to as
root mode, it will be able to perform which function?
||||||||||||||||||||
A. Connect to a distribution system and allow client devices to send
||||||||||||||||||||
information to other devices
B. Connect to a distribution system as a root bridge and allow two or
more LANs to connect wirelessly
C. Connect to a distribution system but be seldom used, as this mode
requires extensive configuration
D. Connect to a distribution system as a repeater, which allows the RF cell
to be extended
34. Wi-Fi Protected Access 2 (WPA 2.0) requires ____________ for the
encryption mechanism and ____________ for the cipher.
A. TKIP, RC4
B. TKIP, RC5
C. WEP, RC4
D. CCMP, RC4
E. CCMP, AES
35. The access method that an IEEE 802.11n/ac wireless network would use
to get control of the wireless medium in order to transmit data is called
what?
A. CSMA/CD
B. FHSS/CCK
C. HR/DSSS
D. CSMA/CA
E. CSMA/DSSS
36. An antenna will propagate RF energy in specific radiation patterns, both
horizontally and vertically. How do antenna manufacturers identify the
horizontal radiation patterns?
A. Elevation
B. Azimuth
C. Dipole
D. Longitude
37. A beacon is an example of what type of frame used in an IEEE 802.11
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
WLAN?
A. Control
B. Management
C. Data
D. Null function
38. What is the difference between a consumer-grade Wi-Fi router and a WiFi access point?
A. Consumer-grade Wi-Fi routers offer peer-to-peer communications, but
Wi-Fi access points do not.
B. Consumer-grade Wi-Fi routers are a combination of a router and a WiFi access point.
C. Consumer-grade Wi-Fi routers offer better security options than Wi-Fi
access points.
D. Consumer-grade Wi-Fi routers can be used with wireless controllers,
but Wi-Fi access points cannot.
39. Where would be the best location to install an omnidirectional antenna
that is connected to a wireless access point?
A. At the perimeter of the RF coverage cell
B. At one end of the RF coverage cell
C. At the center of the RF coverage cell
D. At all hallway locations
40. Which tool can be used to locate areas of RF coverage and interference
from non–Wi-Fi devices?
||||||||||||||||||||
A. Protocol analyzer
B. Predictive modeling software
C. VSWR meter
D. Spectrum analyzer
E. Network discovery software
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
Answers to Assessment Test
1. B, D. A device driver allows the computer operating system to control the
wireless network adapter and must be installed in order for the adapter to
function. Client utility software allows a user to configure the adapter with
network specific settings, such as the SSID and security settings. Client
utility software may be part of the computer operating system or thirdparty software provided by the manufacturer of the adapter. Site survey
software and signal strength software may be part of the client utility
software. AutoConfig is a service that runs on a Microsoft Windows
computer. For more information, see Chapter 3.
2. A, B. IEEE 802.11 WLAN technology operates at the Layer 1 (Physical) and
Layer 2 (Data Link) layers of the OSI model. The Network layer is
responsible for addressing and routing of frames and is where IP
addresses are used. The Transport layer is responsible for connectionoriented or connectionless protocols, and the Application layer is the
“interface to the user.” For more information, see Chapter 1.
3. D. Local regulatory authorities manage the RF spectrum used in both
unlicensed and licensed applications. The IEEE creates standards, and the
Wi-Fi Alliance certifies devices for interoperability. Wireless Ethernet
Compatibility Alliance is the former name of the Wi-Fi Alliance. For more
information, see Chapter 2.
4. C. Controller-managed access points can be centrally managed by a
hardware controller. Autonomous access points are considered standalone devices and require individual management. Mesh access points
require at least two paths for every access point. Controller-managed
access points are not legacy technology, are implemented in very large
networks, and do not require a separate radio for management functions.
For more information, see Chapter 3.
5. A. A wireless repeater—which in most cases is a function of an access
point—will extend the RF cell to allow users at a greater distance to
connect. This will have an impact on throughput for users connected to
the repeater, and this solution is recommended only when necessary. For
more information, see Chapter 3.
6. A. Some wireless personal networks (WPANs), such as Bluetooth, use
FHSS for communications. This will potentially interfere with IEEE
Technet24.ir
||||||||||||||||||||
802.11 wireless networks. DSSS, HR/DSSS, and ERP-OFDM are all used in
WLANs. HR/FHSS does not exist. For more information, see Chapter 7.
7. A, D. Passive and active are the two modes in which a manual site survey
can be performed. Passive mode monitors all RF, and active mode requires
a client association. For more information, see Chapter 9.
8. C. Third-party client utilities such as Microsoft’s AutoConfig can be used
in either SOHO or enterprise implementations. Because this utility is built
into the Microsoft Windows operating system, it is very common in both
types of installations. See Chapter 3 for more information.
9. A, B, C. The number of devices, applications both hardware and software,
and other IEEE 802.11 wireless networks are technical areas that must be
known for a new IEEE 802.11 WLAN installation. The cost of the
equipment does not fall under the technical category. For more
information, see Chapter 9.
10. A. Most manufacturers that offer utilities for WLAN adapters allow for
additional configuration above and beyond the settings that are included
with an operating system. Manufacturer utilities are not required for the
adapter to operate, because some settings can be made in the device driver
or a third-party client utility. Unless it is specialty client software, the
utility is usually included with the adapter and is not subject to additional
fee. Manufacturers’ client software utilities are unique to only those
adapters and will not work across manufacturers. See Chapter 3 for more
information.
11. A. An independent basic service set (IBSS) is an ad hoc network that is
used for peer-to-peer communications. No access points are used in an
IBSS implementation. For more information, see Chapter 6.
12. E. An omnidirectional antenna has a horizontal radiation pattern of 360
degrees. The vertical radiation pattern will vary based on the gain of the
antenna. This measurement is known as the beamwidth and is used for
both horizontal and vertical radiation patterns. Beamwidth is measured at
the –3dB or half-power point. For more information, see Chapter 5.
13. E. 802.11n/ac with MIMO can use up to four radios in the 2.4 GHz ISM
band (802.11n) and up to eight radios the 5 GHz UNII band (802.11ac).
802.11a/g uses one radio per band but can use two antennas for diversity.
802.11h is for spectrum management. For more information, see Chapter
||||||||||||||||||||
||||||||||||||||||||
7.
14. C. The IEEE 802.11g amendment and the 802.11a amendment both
support up to 54 Mbps maximum data rates. Of the two amendments,
however, only 802.11g operates in the 2.4 GHz ISM band. 802.11b also
operates in the 2.4 GHz ISM band but only supports a maximum data rate
of 11 Mbps. The IEEE 802.11n/ac amendment allows support of up to 600
Mbps for devices operating in the 2.4 GHz ISM band. IEEE 802.11ac is 5
GHz only. For more information, see Chapter 2.
15. D. Both DSSS and HR/DSSS channels are 22 MHz wide. 2.412 GHz and
5.160 GHz is the center frequency of some channels used. For more
information, see Chapter 7.
16. B. IEEE 802.11g/n networks operate in the 2.4 GHz ISM band. 802.11a
networks operate in the 5 GHz UNII band. IEEE 802.11ah networks, also
known as sub-1G wireless networks, will allow for use in the 900 MHz
ISM band. For more information, see Chapter 4.
17. A. A local area network (LAN) is usually contained in the same physical
area and typically bounded by the perimeter of a building. A campus area
network (CAN) includes a set of interconnected LANs within an office or
school campus and is usually within a limited geographical area. A wide
area network (WAN) mostly consists of point-to-point or point-tomultipoint connections between two or more LANs. A metropolitan area
network (MAN) consists of networks that may span from several blocks of
buildings to entire cities. For more information, see Chapter 1.
18. A, D, G. SSID hiding, WEP, and MAC filtering are legacy security
mechanisms for IEEE 802.11 wireless networks and should not be used.
WPA and WPA 2.0 are Wi-Fi certifications and are more advanced. Virtual
private network (VPN) is a Layer 3 security solution typically used for
remote access. RBAC is role-based access control. For more information,
see Chapter 8.
19. C, F. In the 2.4 GHz ISM band, 25 MHz or 5 channels of separation is
considered nonoverlapping. Based on the IEEE 802.11-2016 Standard
Clause 17, HR/DSSS channels must be separated by 25 MHz or greater in
order to be considered nonoverlapping. For more information, see Chapter
4.
20. C. The number of associated users will affect the capacity of an access
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
point. The frequency range will affect the propagation as well as the
output power. Reflections will cause multipath in IEEE 802.11a/g
networks, but 802.11n/ac networks can benefit from multipath. For more
information, see Chapter 4.
21. B. Low throughput may occur when too many client devices are associated
to an access point and cause overloading. Load balancing would help to
solve this problem. Because of DRS, the closer the client device is to an
access point, the better the throughput. For more information, see
Chapter 11.
22. B. An impedance mismatch between connections in a WLAN system will
cause VSWR. The gain of an antenna is a relative value that has to do with
the size or shape of the RF pattern emitted. Attenuation of cable adds to
the overall loss of the system. For more information, see Chapter 5.
23. D. Open system authentication is addressed in the original IEEE 802.11
standard and allows a wireless client device to perform an IEEE 802.11
authentication to an access point in order to allow an IEEE 802.11
association. Shared-key authentication is legacy and flawed, and either
cannot or should not be used. Open system authentication is a “null”
authentication, is automatic and not secure but is required for a client
device to connect to an access point. For more information, see Chapter 6.
24. A. The SSID is the name that identifies a wireless network. The MAC
address of the access point radio is the BSSID. For more information, see
Chapter 6.
25. B. 802.1X is for port-based access control, and the terminology for the
access point is authenticator. The RADIUS server is the authentication
server, and the client device is a supplicant. The RAS server is the
predecessor to RADIUS. For more information, see Chapter 8.
26. C. A virtual private network (VPN) solution is a Layer 3 (Network) security
solution and is commonly used for remote access connectivity from
unsecured networks, such as hotspots. For more information, see Chapter
8.
27. B. A predictive modeling site survey will minimize the time required onsite for testing and analysis. This site survey will be accurate if the
information about the location input is accurate. A manual site survey
requires a walkthrough of the area and can be time consuming. For more
||||||||||||||||||||
||||||||||||||||||||
information, see Chapter 9.
28. B, D. The number of associated devices is an important determining factor
in the number of access points required for a WLAN deployment as well as
the software and hardware applications that may be used. The type and
manufacturer of devices are not concerns. For more information, see
Chapter 9.
29. C. A protocol analyzer will help identify existing IEEE 802.11 WLANs in an
area and provide other information about these networks that can be used
in the RF site survey/design process. An RF analysis is performed by a
spectrum analyzer, which will also help locate sources of RF interference.
A protocol analyzer can help identify security-related issues from existing
wireless networks but will not describe security requirements of a new
WLAN. For more information, see Chapter 9.
30. A. The received signal strength represents how much of a transmitted
signal is being received. If this signal is weak, the difference between the
signal and noise may not be high enough to recover the data. If the power
on an access point is high, it would provide more received signal. A signalto-noise ratio of 35 dB and RSSI of –60 dBm is more than adequate. If the
radio on the client were disabled, it would not be able to connect at all. For
more information, see Chapter 11.
31. A, B, D. WLAN technology operates and is specified at Layer 1 (Physical)
and Layer 2 (Data Link) of the OSI model. The Session layer opens, closes,
and manages sessions between end-user application processes. The
Network layer is responsible for addressing and routing functions of data.
The Application layer is the interface to the user. For more information,
see Chapter 1.
32. A, E. The SNR is the difference between the received signal and the noise
floor. The common noise floor value is –95 dBm, and an acceptable
receive signal is –65 dBm. Therefore, the SNR is 30 dB. The RF channel is
a specified frequency a WLAN operates in. The Fresnel zone consists of a
number of concentric ellipsoidal volumes that surround the direct, RF line
of sight between two points, such as an RF transmitter and receiver. For
more information, see Chapter 4.
33. A. Most enterprise-level autonomous access points have the capability to
operate in root, repeater, or bridge modes. Root mode is the most
common. Root mode allows devices to authenticate, associate, and access
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
network resources and services. For more information, see Chapter 3.
34. E. Wi-Fi Protected Access 2 (WPA 2.0) requires CCMP/AES. TKIP/RC4 is
optional. WEP/RC4 is legacy and should not be used; it cannot be used
with a robust secure network. RC5 is a stream cipher and not used with
IEEE 802.11 WLANs. CCMP uses AES, not RC4. For more information, see
Chapter 2.
35. D. CSMA/CA stands for Carrier Sense Multiple Access/Collision
Avoidance and is used as an access method for WLANs to share the
communication medium, which is the air. CSMA/CD is Carrier Sense
Multiple Access/Collision Detection and is used with Ethernet networks.
FHSS/CCK and HR/DSSS are spread-spectrum technologies used with
some standards or amendments. CSMA/DSSS does not exist. For more
information, see Chapter 7.
36. B. The technical term for the horizontal radiation pattern is azimuth. The
elevation is the vertical radiation pattern. For more information, see
Chapter 5.
37. B. A beacon frame is a management frame and is used to advertise
information about the WLAN. For more information, see Chapter 6.
38. B. A consumer-grade Wi-Fi router is a combination of a router and a Wi-Fi
access point, two different functions contained in the same physical
device. Both consumer-grade Wi-Fi routers and access points will allow
for peer-to-peer communications between the devices that are connected
to the same access point. Consumer-grade Wi-Fi routers do not offer
better security options than access points; however, enterprise-grade
access points will offer more extensive security options, and consumergrade Wi-Fi routers are usually not able to operate with WLAN
controllers. For more information, see Chapter 3.
39. C. The best location to install an omnidirectional antenna is in the center
of the RF coverage area. Access points installed at the perimeter of an RF
coverage area would be used for location services. A patch/panel antenna
would be best installed at one end of the RF coverage area. It is best to
avoid hallway installations unless they are justified by the WLAN design.
For more information, see Chapter 5.
40. D. A spectrum analyzer is used to view RF coverage and interference from
non–Wi-Fi devices. A protocol analyzer is a tool that can be used to
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
troubleshoot 802.11 WLAN problems. Predictive modeling software is
used to aid in the design of a WLAN. A voltage standing wave ratio
(VSWR) meter is used to measure the impedance mismatch of a system.
Network discovery software is used to find information about 802.11
devices in an area. For more information, see Chapter 9.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
Chapter 1
Computer Networking Fundamentals
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.4 Explain the role of Wi-Fi as a network access technology
It is important to have an understanding of basic computer
networking concepts before you begin exploring the world of over-the-air
(wireless) networking technology, wireless terminology, and mobility. This
chapter looks at various topics surrounding foundational computer
networking, including computer network types, computer topologies, the OSI
model, and network device addressing. It is intended to provide an overview
of basic computer networking concepts as an introduction for those who need
to gain a basic understanding or for those already familiar with this
technology and want a review of these concepts.
You will learn about the various types of wireless networks—including
wireless personal area networks (WPANs), wireless local area networks
(WLANs), wireless metropolitan area networks (WMANs), and wireless wide
area networks (WWANs)—in Chapter 2, “Wireless Local Area Networking,
Standards, and Certifications.”
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Network Types
Computer networking technology has evolved at a tremendous pace over the
past couple of decades, and many people across the world now have some
type of exposure to the technology. Initially, personal computers were
connected, or networked, to share files and printers and to provide central
access to the users’ data. This type of network was usually confined to a few
rooms or within a single building and required some type of cabled physical
infrastructure. As the need for this technology continued to grow, so did the
types of networks. Computer networking started with the local area network
(LAN) and grew on to bigger and better types, including wide area networks
(WANs), metropolitan area networks (MANs), and others. The following are
some of the common networking types in use today:
Local area networks (LANs)
Wide area networks (WANs)
Metropolitan area networks (MANs)
Campus area networks (CANs)
Personal area networks (PANs)
You may also come across the term storage area network (SAN).
The SAN is basically a separate subnet for offloading large amounts of
data used within an enterprise network. High-speed connections are used,
so the data is easily accessible because it appears to be part of the
network. The connections are commonly Fibre Channel or iSCSI utilizing
the TCP/IP protocol.
Most computer networks today contain some type of wireless connectivity or
may consist of mostly wireless connectivity. The need for wireless networking
and mobility continues to be in great demand and is growing at a rapid pace.
The Local Area Network
A local area network (LAN) can be defined as a group of devices connected in
a specific arrangement called a topology. The topology used depends on
||||||||||||||||||||
||||||||||||||||||||
where the network is installed. Some common legacy topologies (such as the
bus and ring) and more modern topologies (such as the star and mesh) are
discussed later in this chapter. LANs are contained in the same physical area
and usually are bounded by the perimeter of a room or building. In some
cases, however, a LAN may span a group of buildings in close proximity that
share a common physical connection.
Early LANs were used primarily for file and print services. File services
enabled users to store data securely and provided a centralized location of
data for accessibility even when the user was physically away from the LAN.
This central storage of data also gave a network administrator the ability to
back up and archive all the saved data for disaster recovery purposes. As for
print services, it was not cost effective to have a physical printer at every desk
or for every user, so LANs allowed the use of shared printers for any user
connected to the LAN. Figure 1.1 illustrates a LAN that includes both wired
and wireless networking devices.
FIGURE 1.1 Example of a local area network (LAN)
The Wide Area Network
As computer networking continued to evolve, many businesses and
organizations that used this type of technology needed to expand the LAN
beyond the physical limits of a single room or building. These networks
covered a larger geographical area and became known as wide area networks
(WANs). As illustrated in Figure 1.2, WAN connectivity mostly consists of
point-to-point or point-to-multipoint connections between two or more LANs.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The LANs may span a relatively large geographical area. (Point-to-point and
point-to-multipoint connections are discussed later in this chapter.) The
WAN has allowed users and organizations to share data files and other
resources with a much larger audience than a single LAN would.
FIGURE 1.2 Example of a wide area network (WAN) connecting two LANs
WANs can use leased lines from telecommunication providers (commonly
known as telcos), fiber connections, and even wireless connections. The use
of wireless for bridging LANs is growing at a fast pace because it can often be
a cost-effective solution for connecting LANs.
The Metropolitan Area Network
The metropolitan area network (MAN) interconnects devices for access to
computer resources in a region or area larger than that covered by LANs but
yet smaller than the areas covered by WANs. A MAN consists of networks
that are geographically separated and can span from several blocks of
buildings to entire cities (see Figure 1.3). MANs include fast connectivity
||||||||||||||||||||
||||||||||||||||||||
between local networks and may include fiber optics or other wired
connectivity that is capable of longer distances and higher capacity than those
in a LAN.
FIGURE 1.3 Example of a metropolitan area network (MAN) connecting a
small town
MANs allow for connections to outside larger networks such as the Internet.
They may include cable television, streaming video, and telephone services.
Devices and connectivity used with MANs may be owned by a town, county,
or other locality, and may also include the property of individual companies.
Wireless MANs are also becoming a common way to connect the same type of
areas but without the physical cabling limitations.
The Campus Area Network
A campus area network (CAN) includes a set of interconnected LANs that
basically form a smaller version of a WAN within a limited geographical area,
usually an office or school campus. Each building within the campus
generally has a separate LAN. The LANs are often connected using fiber-optic
cable, which provides a greater distance than copper wiring using IEEE 802.3
Ethernet technology. However, using wireless connections between the
buildings in a CAN is an increasingly common way to connect the individual
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
LANs. These wireless connections or wireless bridges provide a quick, costeffective way to connect buildings in a university campus, as shown in Figure
1.4.
FIGURE 1.4 Example of a campus area network (CAN) connecting a school
campus
In a university campus environment, a CAN may link many buildings,
including all the various colleges—such as the College of Business, College of
Law, College of Engineering, and so on—as well as the university library,
administration buildings, and even residence halls. Wireless LAN
deployments are now commonplace in university residence halls. With the
rapidly increasing number of wireless mobile devices on university campuses,
the number of wireless access points and the capacity of each need to be
considered.
As in the university campus environment, a corporate office CAN may
connect all the various building LANs that are part of the organization. This
type of network will have the characteristics of a WAN but be confined to the
internal resources of the corporation or organization. Many organizations are
deploying wireless networks within the corporate CAN as a way to connect
||||||||||||||||||||
||||||||||||||||||||
various parts of the business. As with the university CAN, in the corporate
world a wireless CAN is a quick, cost-effective way to provide connectivity
between buildings and departments.
All the physical connection mediums and devices are the property of the
office or school campus, and responsibility for the maintenance of the
equipment lies with the office or campus as well.
The Personal Area Network
Personal area networks (PANs) are networks that connect devices within the
immediate area of individual people. PANs may consist of wired connections,
wireless connections, or both. On the wired side, this includes universal serial
bus (USB) devices such as printers, keyboards, and computer mice that may
be connected with a USB hub. With wireless technology, PANs are shortrange computer networks and in many cases use Bluetooth wireless
technology. Wireless Bluetooth technology is specified by the IEEE 802.15
standard and is not IEEE 802.11 wireless LAN technology. Bluetooth will be
discussed in more detail in Chapter 2. Like wired PANs, wireless PANs are
commonly used in connecting an individual’s wireless personal
communication accessories, such as phones, headsets, computer mice,
keyboards, tablets, and printers, and are centered on the individual personal
workspace without the need for physical cabling. Figure 1.5 illustrates a
typical wireless PAN configuration.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.5 Example of a wireless Bluetooth network connecting several
personal wireless devices
||||||||||||||||||||
||||||||||||||||||||
Network Topologies
A computer’s physical network topology is the actual layout or physical design
and interconnection of a computer network. A topology includes the cabling
and devices that are part of the network. In the following sections you will
learn about several different types of network topologies:
Bus
Ring
Star
Mesh
Ad hoc
Point-to-point
Point-to-multipoint
The bus, ring, star, mesh, and ad hoc topologies are typically what make up
the LAN you learned about previously. Point-to-point and point-to-multipoint
topologies can be commonly used for connecting LANs but are mostly used
for WAN connections. The size of your network will determine which
topologies will apply. If your network is a single building and not part of a
larger corporate network, the LAN topologies may be the extent of the
technologies used. Once that LAN connects to a different LAN, however, you
are moving up and scaling to a WAN.
The Bus Topology
A bus topology consists of multiple devices connected along a single shared
medium with two defined endpoints. It is sometimes referred to as a highspeed linear bus and is a single collision domain in which all devices on the
bus network receive all messages. Both endpoints of a bus topology have a
50-ohm termination device, usually a Bayonet Neill-Concelman (BNC)
connector with a 50-ohm termination resistor. The bus topology was
commonly used with early LANs but is now considered a legacy design.
One disadvantage to the bus topology is that if any point along the cable is
disconnected, damaged, or broken, the entire LAN will cease to function. This
is because the two endpoints communicate only across the single shared
medium; there is no alternative route for them to use in the event of a
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
problem.
Troubleshooting a bus network is performed by a technique known as the
half-split method. A network engineer “breaks” or separates the link at about
the halfway point and measures the resistance of the link on both ends. If the
segment measures 50 ohms of resistance, there is a good chance that side of
the LAN segment is functioning correctly. If the resistance measurement is
not 50 ohms, it signals a problem with that part of the LAN segment. The
engineer continues with this method until the exact location of the problem is
identified. Depending on the length of the segment and the type of
installation, this can be a time-consuming and tedious process.
Figure 1.6 illustrates an example of the bus topology.
FIGURE 1.6 Example of the bus topology
||||||||||||||||||||
||||||||||||||||||||
Troubleshooting the Bus Topology
Many years ago I was called to troubleshoot a problem on a small LAN
using a bus topology. The network consisted of a network file server,
about 20 client stations, and a few network printers. The users
complained of intermittent connection problems with the network. After
spending some time looking over the network, I decided to test the bus
using the half-split method and checked to verify that the cable was
reporting the correct resistance using a volt-ohm-milliammeter (VOM)
meter. Sure enough, one side of the network cable reported the correct
resistance reading, but the other side was giving intermittent results.
After spending some time repeating the troubleshooting method, I was
able to determine the problem. Someone had run the coax (bus) cable
underneath a heavy plastic office chair mat, and one of the little pegs used
to protect the flooring was causing the intermittent connection as it
struck the cable when the user moved their chair around the mat. I
quickly replaced and rerouted the section of cable in question. It is a good
thing I was there during the normal business operating hours when the
person was moving around in the chair, or I might have never found the
problem. Ah, the joys of troubleshooting a bus topology.
The Ring Topology
In the ring topology, each device connects to two other devices, forming a
logical ring pattern. The ring topology is rarely used with LANs today, but it is
still widely used by Internet service providers (ISPs) for high-speed, resilient
backhaul connections over fiber-optic links.
Ring topologies in LANs may use a token-passing access method in which
data travels around the ring in one direction. Only one device at a time will
have the opportunity to transmit data. Because this access method travels in
one direction, it does not need to use collision detection and often
outperforms the bus topology, achieving higher data transfer rates than are
possible using a collision detection access method. Each computer on the ring
topology can act as a repeater, a capacity that allows for a much stronger
signal.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The IEEE standard for LANs is IEEE 802.5, specifying Token Ring
technology. IEEE 802.5 Token Ring technology used in LANs was a very
efficient method used to connect devices, but it was usually more expensive
than the bus or star topologies. Because of the token-passing method used,
early 4 Mbps Token Ring networks could sometimes outperform a 10 Mbps
IEEE 802.3 collision-based Ethernet network. Token Ring technology speeds
increased to 16 Mbps but decreased in popularity as Ethernet speeds
increased. Even though this is a ring topology, devices are connected through
a central device and appear to be similar to devices on an Ethernet hub or
switch. Figure 1.7 shows an example of the ring topology.
FIGURE 1.7 Example of the ring topology
The Star Topology
The star topology, as shown in Figure 1.8, is the most commonly used
method of connecting devices on a LAN today. It consists of multiple devices
connected by a central connection device. Hubs, switches, and wireless access
points are all common central connection devices, although hubs are rarely
used today. The hub provides a single collision domain similar to a bus
topology. However, the Ethernet switch and wireless access point both have
||||||||||||||||||||
||||||||||||||||||||
more intelligence—the capability to decide which port specific network traffic
can be sent to. Note that in Figure 1.8, the wireless star topology includes an
Ethernet switch, which could also have extended devices connected to it with
wires. In that sense, it is possible to have a wired/wireless hybrid topology.
FIGURE 1.8 Example of a common star topology using either wired or
wireless devices
A big advantage to the star over the bus and some ring topologies is that if a
connection is broken or damaged, the entire network does not cease to
function; only a single device in the star topology is affected. The central
connection device, such as a switch or wireless access point, can be
considered a potential central point of failure.
The Mesh Topology
A device in a mesh network will process its own data as well as serving as a
communication point for other mesh devices. Each device in a mesh topology
(see Figure 1.9) has one or more connections to other devices that are part of
the mesh network. This approach provides both network resilience in case of
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
link or device failure and a cost savings compared to full redundancy. Mesh
technology can operate with both wired and wireless infrastructure network
devices. Wireless mesh networks continue to grow in popularity because of
the potential uses in various deployment models and the cost savings they
provide.
FIGURE 1.9 Mesh networks can include either wired or wireless devices.
From an IEEE 802.11 wireless perspective, wireless mesh technology has now
been standardized, although most manufacturers continue to use their
proprietary methods. The amendment to the IEEE 802.11 standard for mesh
networking is 802.11s. This amendment was ratified in 2011 and is now part
of the latest wireless LAN standard, IEEE 802.11-2016. In addition to IEEE
802.11 networks, mesh is also standardized in IEEE 802.15 personal area
networks for use with Zigbee and IEEE 802.16 wireless MAN networks.
Wireless standards will be discussed in more detail in Chapter 2.
As mentioned earlier, IEEE 802.11 wireless device manufacturers commonly
use proprietary Layer 2 routing protocols, forming a self-healing wireless
infrastructure (mesh) in which edge devices can communicate.
Manufacturers of enterprise wireless networking infrastructure devices
provide support for mesh access points (APs) such that the mesh APs connect
back to APs that are directly wired into the network backbone infrastructure.
The APs, wireless LAN controllers or software-based cloud solutions in this
case, are used to configure both the wired and mesh APs.
||||||||||||||||||||
||||||||||||||||||||
Ad Hoc Connections
In the terms of computer networking, the ad hoc network is a collection of
devices connected without a design or a plan for the purpose of sharing
information or resources. Another term for an ad hoc network is peer-to-peer
network.
In a wired peer-to-peer network, all computing devices are of equal status. In
other words, no server manages the access to network resources. All peers can
either share their own resources or access the resources of their devices on
the network.
An ad hoc wireless network is one that does not contain a distribution system,
which means no wireless access point is contained in the system to provide
centralized communications.
Figure 1.10 shows an example of a wired peer-to-peer network and a wireless
ad hoc network.
FIGURE 1.10 Wired peer-to-peer and wireless ad hoc networks
Point-to-Point Connections
When at least two LANs are connected, it is known as a point-to-point
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
connection or link (see Figure 1.11). The connection can be made using either
wired or wireless network infrastructure devices and can include bridges,
wireless access points, and routers. Wireless point-to-point links can
sometimes extend very long distances depending on terrain and other local
conditions. Point-to-point links provide a connection between LANs, allowing
users from one LAN to access resources on the other connected LAN.
FIGURE 1.11 Point-to-point connections using either wired or wireless
connections
Wired point-to-point links consist of fiber-optic connections or leased lines
from local telecommunication providers. Wireless point-to-point links
usually call for semi-directional or highly directional antennas. Wireless
point-to-point links include directional antennas and encryption to protect
the wireless data as it propagates through the air from one network to the
other. With some regulatory domains such as the Federal Communications
Commission (FCC), when an omnidirectional antenna is used in this
configuration it is considered a special case, called a point-to-multipoint link.
Point-to-Multipoint Connections
A network infrastructure connecting more than two LANs is known as a
point-to-multipoint connection or link (see Figure 1.12). When used with
||||||||||||||||||||
||||||||||||||||||||
wireless, this configuration usually consists of one omnidirectional antenna
and multiple semi-directional or highly directional antennas. Point-tomultipoint links are often used in campus-style deployments, where
connections to multiple buildings or locations may be required. Like point-topoint connections, wired point-to-multipoint connections can use either
direct wired connections such as fiber-optic cables or leased line connectivity
available from telecommunication providers.
FIGURE 1.12 Point-to-multipoint connections using either wired or wireless
connections
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The OSI Model
Before we continue with other mobility topics, you should have some
background on computer networking theory. The basics of a computer
networking discussion start with the Open Systems Interconnection (OSI)
model, a conceptual seven-layer model. The OSI model has been around for
decades. It came about in the late 1970s and early 1980s, being published in
1984, and was developed by the International Organization for
Standardization (ISO). The ISO is a worldwide organization that creates
standards on an international scale. The OSI model describes the basic
concept of communications in the computer network environment. Be careful
not to confuse the two.
There are seven layers to the OSI model. Each layer is made up of many
protocols and serves a specific function. You will take a quick look at all seven
layers of the OSI model. Figure 1.13 illustrates the seven layers of the
conceptual OSI model.
FIGURE 1.13 Representation of the OSI Model
The following sections describe how each layer is used.
||||||||||||||||||||
||||||||||||||||||||
Layer 1 – The Physical Layer
The Physical layer (sometimes referred as the PHY) is the lowest layer in the
OSI model. The PHY consists of bit-level data streams and computer network
hardware connecting the devices together. The hardware that connects
devices includes network interface cards, cables, Ethernet switches, wireless
access points, and bridges. Keep in mind that some of these hardware devices,
such as Ethernet switches and bridges, actually have Data Link layer (Layer 2)
functionally and operate at that layer but also make up the actual physical
connections. In the case of wireless networking, radio frequency (RF) uses air
as the medium for wireless communications. With respect to wireless
networking, the Physical layer consists of two sublayers:
Physical Layer Convergence Protocol (PLCP)
Physical Medium Dependent (PMD)
The PLCP, the higher of the two layers, is the interface between the PMD and
Media Access Control (MAC) sublayer of the Data Link layer. This is where
the Physical layer header is added to the data. The PMD is the lower sublayer
at the bottom of the protocol stack and is responsible for transmitting the
data onto the wireless medium. Figure 1.14 shows the two sublayers that
make up the Physical layer.
FIGURE 1.14 Physical layer sublayers, PLCP and PMD
Layer 2 – The Data Link Layer
The Data Link layer is responsible for organizing the bit-level data for
communication between devices on a network and detecting and correcting
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Physical layer errors. This layer consists of two sublayers:
Logical Link Control (LLC)
Media Access Control (MAC)
The bit-level communication is accomplished through Media Access Control
(MAC) addressing. A MAC address is a unique identifier of each device on the
computer network and is known as the physical address or sometimes
referred to as the hardware address. (MAC addresses are discussed later in
this chapter.) Figure 1.15 illustrates the two sublayers of the Data Link layer,
Layer 2.
FIGURE 1.15 Data Link layer sublayers, LLC and MAC
Layer 3 – The Network Layer
The Network layer is responsible for addressing and routing data by
determining the best route to take based on what it has learned or been
assigned. The Internet Protocol (IP) resides at the Network layer. An IP
address is defined as a numerical identifier or logical address assigned to a
network device. The IP address can be static, manually assigned by a user, or
dynamically assigned from a server using Dynamic Host Configuration
Protocol (DHCP). (IP addresses are discussed later in this chapter.) Figure
1.16 illustrates the Layer 2 MAC address translation to a Layer 3 IP address.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.16 Data Link layer (Layer 2) to Network layer (Layer 3) address
translation
Layer 4 – The Transport Layer
The Transport layer consists of both connection-oriented and connectionless
protocols providing communications between devices on a computer network.
Although several protocols operate at this layer, you should be familiar with
two commonly used Layer 4 protocols:
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
TCP is a connection-oriented protocol and is used for communications that
require reliability, analogous to a circuit-switched telephone call.
UDP is a connectionless protocol and is used for simple communications
requiring efficiency, analogous to sending a postcard through a mail service.
You would not know if the postcard was received or not. UDP and TCP port
numbers are assigned to applications for flow control and error recovery.
Figure 1.17 represents the relationship between the Transport layer protocols
TCP and UDP.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.17 Comparison between TCP and UDP protocols
Layer 5 – The Session Layer
The Session layer opens, closes, and manages communications sessions
between end-user application processes located on different network devices.
The following protocols are examples of Session layer protocols:
Network File System (NFS)
Apple Filing Protocol (AFP)
Remote Procedure Call Protocol (RPC)
Layer 6 – The Presentation Layer
The Presentation layer provides delivery and formatting of information for
processing and display. This allows for information that is sent from one
device on a network (the source) to be understood by another device (the
destination) on the network.
Layer 7 – The Application Layer
The Application layer can be considered the interface to the user. Application
is another term for a program that runs on a computer or other networking
device, and that is not what we are looking at here. Protocols at this layer are
for network operations such as transferring files, browsing web pages, and
||||||||||||||||||||
||||||||||||||||||||
sending email. The following list includes some of the more common
examples of Application layer protocols we use daily:
File Transfer Protocol (FTP) for transferring data
Hypertext Transfer Protocol (HTTP) for web browsing
Post Office Protocol v3 (POP3) for email
How the Layers Work Together
In order for computers and other network devices to communicate with one
another using the OSI model, a communication infrastructure of some type is
necessary. In a wired network, such an infrastructure consists of cables,
repeaters, bridges, and Layer 2 switches. In a wireless network, the
infrastructure consists of access points, bridges, repeaters, radio frequency,
and the open air. Some of these devices will be discussed in more detail in
Chapter 3, “Infrastructure and Client Devices Used with Wireless
Networking.”
Wireless network technology operates at the two lowest layers of the OSI
model, Layer 1 (Physical) and Layer 2 (Data Link). However, to some degree
Layer 3 (Network) plays a role as well, generally for the TCP/IP protocol
capabilities. It is also important to note that wireless networking technology
does use all seven layers for certain functionality.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
OSI Model Memorization Tip
One common method you can use to remember the seven layers of the
OSI model from top to bottom is to memorize the following sentence: All
people seem to need data processing. Take the first letter from each word
and that will give you an easy way to remember the first letter that
pertains to each layer of the OSI model.
All (Application)
People (Presentation)
Seem (Session)
To (Transport)
Need (Network)
Data (Data Link)
Processing (Physical)
Here’s another one, this time from the bottom layer to the top layer:
Please (Physical)
Do (Data Link)
Not (Network)
Throw (Transport)
Sausage (Session)
Pizza (Presentation)
Away (Application)
Peer-Layer Communication
Peer layers communicate with other layers in the OSI model, and the layers
underneath are their support systems. Peer-layer communication is the
“horizontal” link between devices on the network. Figure 1.18 shows three
examples of peer-layer communication. Keep in mind, however, that this
principle applies to all seven layers of the OSI model. This allows for the
layers to communicate with the layer to which a device is sending or receiving
||||||||||||||||||||
||||||||||||||||||||
information.
FIGURE 1.18 Peer communication between three of the seven layers
Data Encapsulation
The purpose of encapsulation is to allow Application layer data
communication between two stations on a network using the lower layers as
a support system. As data moves down the OSI model from the source to the
destination, it is encapsulated. As data moves back up the OSI model from the
source to the destination, it is de-encapsulated. Some layers will add a header
and/or trailer when information is being transmitted and remove it when
information is being received. Encapsulation is the method in which lower
layers support upper layers. Figure 1.19 illustrates this process.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.19 Information is added at each layer of the OSI model as data
moves between devices.
||||||||||||||||||||
||||||||||||||||||||
Device Addressing
Every device on a network requires unique identification. This can be
accomplished in a couple of ways:
Physical addresses
Logical addresses
The physical address of a network adapter is also known as the Media Access
Control (MAC) address. As shown in Figure 1.20, every device on a network
(like every street address in a city) must have a unique address. The physical
address is required in order for a device to send or receive information (data).
An analogy to this is sending a package to be delivered via a courier service.
Before handing over the package to the courier, you would write the name
and physical street address of the recipient on the package. This ensures that
the package is delivered correctly to the recipient.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.20 The MAC address is analogous to the address of buildings on a
street.
The logical address is also known as the Internet Protocol (IP) address. Each
device on a Layer 3 network or subnet must have a unique IP address (like
every city’s zip code). The IP address can be mapped to the physical address
by using the Address Resolution Protocol (ARP).
The streets shown in Figure 1.20—1st, Main, and 2nd—represent LAN
subnets. The street addresses—10, 20, and so on—represent the unique
address of each structure on a street as a MAC address would a device on a
LAN.
Physical Addressing
The physical address of a network device is called a MAC address because the
MAC sublayer of the Data Link layer handles media access control. The MAC
||||||||||||||||||||
||||||||||||||||||||
address is a 6-byte (12-character) hexadecimal address in the format
AB:CD:EF:12:34:56. The first 3 bytes (or octets) of a MAC address are called
the organizationally unique identifier (OUI). Some manufacturers produce
many network devices and therefore require several OUIs. A table of all OUIs
is freely available from the IEEE Standards Association website at
http://standards.ieee.org/develop/regauth/oui/oui.txt
MAC addresses are globally unique; an example is shown in Figure 1.21. The
first 3 bytes or octets (6 characters) are issued to manufacturers by the IEEE.
The last 3 bytes or octets (6 characters) are incrementally assigned to devices
by the manufacturer.
FIGURE 1.21 Example of a Layer 2 MAC address showing the OUI and
unique physical address
The MAC address of a device is usually stamped or printed somewhere on the
device. This allows the device to be physically identified by the MAC address.
By typing the simple command ipconfig /all in the command-line interface
of some operating systems, you can view the physical address of the network
adapter. Figure 1.22 shows an example of the information displayed by using
this command-line utility in the Microsoft Windows operating system.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.22 The ipconfig command-line utility displaying a physical/MAC
address in Microsoft Windows
Logical Addressing
Network devices can also be identified by a logical address, known as the
Internet Protocol (IP) address. The Layer 3 IP protocol works with a Layer 4
transport protocol, either User Datagram Protocol (UDP) or Transport layer
Protocol (TCP). You learned earlier in this chapter that UDP is a
connectionless protocol and using it is analogous to sending a postcard
through the mail. The sender has no way of knowing if the card was received
by the intended recipient. TCP is a connection-oriented protocol, used for
communications analogous to a telephone call, and provides guaranteed
delivery of data through acknowledgements. During a telephone
conversation, communication between two people will be confirmed to be
intact, with the users acknowledging the conversation. Routable logical
addresses such as TCP/IP addresses became more popular with the evolution
of the Internet and the Hypertext Transfer Protocol (HTTP) that is used with
the World Wide Web (WWW) service. IP moves data through an
internetwork such as the Internet one router (or hop) at a time. Each router
decides where to send the data based on the logical IP address. Figure 1.23
shows a basic network utilizing Layer 3 data traffic.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.23 A network with Layer 3 network device logical addressing
Logical addresses (IP addresses) are 32-bit dotted-decimal addresses usually
written in the form www.xxx.yyy.zzz. Figure 1.24 illustrates an example of a
logical Class C, 32-bit IP address. Each of the four parts is a byte, or 8 digital
bits. There are two main IP address types: private addresses and public
addresses. Private addresses are unique to an internal network, and public
addresses are unique to the Internet. These addresses consist of two main
parts: the network (subnet) and the host (device). Logical addresses also
require a subnet mask and may have a gateway address depending on
whether the network is routed. IPv4 addresses fall under three classes: Class
A addresses, Class B addresses, and Class C addresses.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.24 Example of a Class C logical IP address
The logical IP addresses you just learned about are known as
IPv4 addresses. Newer addresses, called IPv6 addresses, also exist and
are discussed in the following section, “Network Address Translation.”
Unlike a MAC address, an IP address is logical and can be either specified as a
static address assigned to the device manually by the user or dynamically
assigned by a server. However, the same command-line utility used to
identify the physical address of a device can be used to identify the logical
address of a device. Typing ipconfig at a command prompt displays the
logical address, including the IP address, subnet mask, and default gateway
(router) of the device. The ipconfig /all command, illustrated earlier in the
chapter, yields additional information, including the physical or MAC address
of the device’s network adapter. This command is for a computer using the
Microsoft Windows operating system. For some Apple and Linux devices, the
ifconfig command will yield similar information. Figure 1.25 shows the
ipconfig utility displaying the logical address information, including the IP
address and subnet mask.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 1.25 The Microsoft Windows ipconfig command-line utility
showing logical address information
In Exercise 1.1, you will use the ipconfig utility from a command prompt on a
computer using the Microsoft Windows operating system. This will allow you
to see the address information for any available network adapters within the
device.
Exercise 1.1 was written using a computer with the Microsoft
Windows 10 operating system. If you’re using a different version of the
operating system, the steps may vary slightly. Keep in mind that there are
many different shortcuts and ways to get to a command prompt in the
Microsoft operating systems. The steps in this exercise use one common
method.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
EXERCISE 1.1
Viewing Device Address Information on a Computer
1. Click the Start menu.
2. Click the All Apps icon near the bottom of the menu.
3. Navigate to and click the Windows System folder.
4. Click the Command Prompt. The command window will appear.
5. In the command window, type ipconfig /all.
6. View the results in the command window. Notice the physical address
of the network adapter as well as other information. The results
should look similar to that shown here for Microsoft Windows 10 but
may vary slightly based on the OS version in use.
Network Address Translation
In the mid-1990s, the use of the Internet along with the TCP/IP protocols was
fueled by the release of the Hypertext Transfer Protocol (HTTP) and the
World Wide Web. The heavily used Internet Protocol version 4 (IPv4) of
assigning IP addresses was in jeopardy because of the increased use of
TCP/IP networks. Because the IPv4 mechanism has a finite number of
addresses, there was a possibility of running out of IP addresses. Table 1.1
||||||||||||||||||||
||||||||||||||||||||
shows the number of IPV4 addresses available based on the IP address class.
TABLE 1.1 IPv4 IP addresses
Class Type 1st Octet – Decimal Max Number of Hosts
A
1–126
16,777,214
B
128–191
65,534
C
192–223
254
Newer technology, Internet Protocol version 6 (IPv6), was the answer to the
IPv4 address limitation issue. As you learned earlier in this chapter, IPv4 uses
32-bit binary addresses; there is a limit to the number of possible public
addresses, as shown in Table 1.1. Keep in mind that all the Class A addresses
were reserved by organizations and companies early on and therefore not
available to the general public. The IPv6 method of addressing new IP
technology is what was going to solve the problem of IP address exhaustion.
IPv6 uses 128 bits (2128), which equates to a potential 3.4 × 1038 IP addresses.
That’s a lot of IP addresses. The switch to IPv6 would not be an easy task.
Computer operating systems, servers, and network infrastructure hardware
lacked support for IPv6, causing delays in the implementation.
So why all this discussion about IP addresses or potential lack thereof? Well,
this is where Network Address Translation (NAT) technology comes into
action. NAT allows the use of a private IP address network for internal use
and mapping it to a single public IP address connected to the Internet. This is
accomplished by modifying the header in the IPv4 packet, which is where the
term address translation comes in. NAT allows for a home network, a very
small organization, or even a very large organization to be represented by a
single public IP address on the Internet. It is addressed in RFC 2663 and
allowed for the continued use of IPv4 addresses. NAT consists of different
implementations. The following are two common implementations:
One-to-one NAT
One-to-many NAT
One-to-one NAT will map an IP address on the outside to an IP address on
the inside. This can be accomplished through either a static assignment or a
dynamic assignment. The static NAT entry is a permanent entry and needs to
change manually. The dynamic process is useful when there are a limited
number of addresses and the one-to-one assignment occurs when needed.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
One-to-many NAT allows for the translation of one single public IP address
on the outside of a network to service many devices with private IP addresses
on the inside network. This is accomplished by modifying the information in
the IP packet. Figure 1.26 shows how NAT on a DSL router or cable modem
will provide IP address translation. Notice that the private IP addresses on the
private side of the router in this example are in the 192.168.0.X range. These
private IP addresses will be translated to the single public IP address
172.10.5.20 on the public-facing side.
FIGURE 1.26 Network Address Translation (NAT) and Port Address
Translation (PAT). The IP addresses shown are examples.
||||||||||||||||||||
||||||||||||||||||||
Summary
This chapter provided a simple review of computer networking topics. It
began with an outline of the common network technology types:
Local area networks (LANs)
Wide area networks (WANs)
Metropolitan area networks (MANs)
Campus area networks (CANs)
Personal area networks (PANs)
The next fundamental networking concept discussed was computer network
topologies. You learned about network topologies ranging from the legacy
high-speed linear bus and ring to the current star topology, the most common
topology used today with both wired and wireless networks. You looked at the
following various topologies:
Bus
Ring
Star
Mesh
Ad hoc
Point-to-point
Point-to-multipoint
You then reviewed the basics and different layers of the OSI model, including
a brief overview of each layer illustrating the different protocols and
sublayers where applicable. Then the chapter discussed the basics of peer
communications and data encapsulation.
The chapter’s final topic was device addressing. You explored the concepts of
physical (MAC sublayer) and logical (Network layer) addressing, including
the IP address and subnet mask. A simple exercise using a computer with the
Microsoft Windows operating system showed how to view device addressing
information.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Understand the components of a local area network (LAN). A LAN is
a group of computers connected by a physical medium in a specific
arrangement called a topology.
Know the different types of networks. The basic networks types are
LAN, WAN, CAN, MAN, and PAN.
Become familiar with various networking topologies. Bus, star, ring,
mesh, and ad hoc are some of the topologies used in computer networking.
Bus is considered a legacy topology, whereas star is one of the most common
topologies in use today.
Understand point-to-point and point-to-multipoint connections.
These connect two or more LANs and can consist of both wired and wireless
connections.
Understand the basics of the OSI model. Know that each of the seven
layers of the OSI model serves a specific function.
Remember the details of the lower two layers of the OSI model. The
Physical layer and Data Link layer are the two lowest layers of the OSI model.
Wireless networking technology operates at these layers. The Data Link layer
consists of two sublayers: the Logical Link Control (LLC) sublayer and the
Media Access Control (MAC) sublayer. The Physical Layer consists of two
sublayers: the Physical Layer Convergence Protocol (PLCP) sublayer and the
Physical Medium Dependent (PMD) sublayer.
Understand device addressing. Devices are assigned a unique physical
address by the manufacturer. This address is known as the MAC address.
MAC addresses consist of two parts, the organizationally unique identifier
(OUI) and the unique physical address. A logical address may also be assigned
at the Network layer to identify devices on different internetworks using the
Internet Protocol (IP).
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Review Questions
1. At which two layers of the OSI model does wireless LAN technology
operate? (Choose two.)
A. Session
B. Network
C. Physical
D. Application
E. Data Link
2. A high-speed linear topology is defined as a ____________.
A. Ring
B. Mesh
C. Bus
D. Star
3. The lower three layers of the OSI model are the ____________,
____________ and the ____________.
A. Data Link, Physical, Transport
B. Physical, Data Link, Network
C. Session, Physical, Application
D. Application, Presentation, Session
4. The IP address of a network adapter is also known as which address?
A. MAC address
B. Logical address
C. Layer 4 address
D. Mesh address
5. Which layer of the OSI model is responsible for organizing bit-level data
for communication between devices on a network and detecting and
correcting Physical layer errors?
A. Application
||||||||||||||||||||
||||||||||||||||||||
B. Transport
C. Network
D. Data Link
E. Physical
6. Which layer of the OSI model is responsible for addressing and routing?
A. Physical
B. Network
C. Transport
D. Application
7. ____________ allows for Application layer data communication
between two stations using lower layers as a support system.
A. Logical addressing
B. Physical addressing
C. Data encapsulation
D. Peer communication
E. Point-to-point
8. Which topology may use a token-passing access method?
A. Ring
B. Mesh
C. Bus
D. Star
9. Which layer of the OSI model provides an interface to the user?
A. Physical
B. Network
C. Transport
D. Application
E. Data Link
Technet24.ir
||||||||||||||||||||
F. Presentation
10. The physical address of a network adapter is the ____________.
A. MAC address
B. Logical address
C. Layer 3 address
D. Mesh address
11. The term encapsulation means to ____________.
A. Add an IP address to a network adapter
B. Add a MAC address to a network adapter
C. Add topology information to a frame
D. Add layer header and trailer information to a frame
12. Which of the following is an accurate description of peer communication?
A. The horizontal link between devices on the network
B. The vertical link between devices on the network
C. The logical link between devices on the network
D. The physical link between devices on the network
13. Physical addresses on a network device are responsible for which of the
following?
A. To identify the logical location on the network
B. To identify which device should receive the information
C. To identify the routing information on the network
D. To identify the protocol in use on the network
14. At which layer of the OSI model are bits compiled into frames?
||||||||||||||||||||
A. Physical
B. Data Link
C. Network
D. Transport
||||||||||||||||||||
E. Application
15. Which protocol is used to guarantee delivery of data?
A. UDP
B. IP
C. ARP
D. TCP
E. HTTP
16. Which protocol is responsible for addressing and routing?
A. IP
B. TCP
C. UDP
D. ARP
17. Which layer of the OSI model allows physical addresses to be converted to
logical addresses?
A. Application
B. Session
C. Transport
D. Network
E. Data Link
18. The Data Link layer of the OSI model is divided into which two sublayers?
A. PLCP, PMD
B. LLC, MAC
C. TCP, UDP
D. HTTP, FTP
19. Which layer of the OSI model uses physical addresses to deliver data to
the destination?
||||||||||||||||||||
A. Physical
B. Data Link
Technet24.ir
||||||||||||||||||||
C. Network
D. Transport
20. Which is a valid logical IPv4 address?
||||||||||||||||||||
A. 255.255.0.0
B. 192.168.200.1
C. AB.CD.EF12.34.56
D. 12.34.56.AB.CD.EF
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Chapter 2
Wireless Local Area Networking, Standards, and
Certifications
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.1 Define the roles of the following organizations in providing
direction and accountability within the wireless networking
industry:
1.3 Summarize the basic attributes of the following WLAN
standards, amendments, and product certifications:
1.4 Explain the role of Wi-Fi as a wireless network access
technology
5.1 Identify deployment scenarios for the following common
WLAN network types and suggest best practices for these
scenarios:
THE FOLLOWING CWS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.1 Know the frequency bands used
2.2 Identify Physical Layer (PHY) characteristics
4.1 Understand issues in common vertical markets
4.8 Match organizational goals to WLAN features and
functions
THE FOLLOWING CWT EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.4 Determine the channels and streams supported by client
devices
4.1 Understand the basics of 802.11 standard security solutions
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11 wireless computer networking continues to
take computer communication to a new level. This communication
technology is the combination of computer local area networking (LAN) and
radio frequency (RF) technology. By combining these two technologies,
computer users have the opportunity to access and share information in ways
that would seem unattainable not too many years ago.
This chapter will examine various ways in which wireless local networks are
used and deployed. We will also cover organizations that determine the use of
RF and those responsible for creating and managing WLAN standards. We’ll
look in detail at the IEEE 802.11 standard and its amendments, illustrating
the communications and functional aspects. Finally, we will discuss
interoperability certifications for IEEE 802.11 wireless networks for
communications, quality of service (QoS), and security that are available from
the Wi-Fi Alliance.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The Wireless Computer Network
The main objective of this book is to provide an introduction to IEEE 802.11based wireless computer networking, following the “what it is not how it
works” philosophy. However, it is important to understand the various ways
in which wireless fits with computer networking in general and the various
physical applications. In this section, we will take a look at how wireless
technology allows users to connect to and use resources in a wireless
networking environment. Wireless networks come in a variety of types and
sizes and include the following wireless topologies:
Wireless personal area network (WPAN)
Wireless local area network (WLAN)
Wireless metropolitan area network (WMAN)
Wireless wide area network (WWAN)
In Chapter 1, “Computer Networking Fundamentals,” you learned about the
different types of computer networks. You will now look at some of these
network types from a wireless perspective.
The Wireless Personal Area Network
The personal area network (PAN) is a network that connects devices within
the immediate area of individual people, as you saw in Chapter 1. With the
use of wireless technology, PANs have evolved into the wireless personal area
network (WPAN). This type of network allows users to connect various
devices wirelessly to their own personal area network, including but not
limited to computer keyboards, mice, and headsets.
Bluetooth technology is the most popular type of WPAN and uses frequencyhopping spread spectrum (FHSS) for communications. Bluetooth falls under
the IEEE 802.15 standard, which specifies the WPAN standards. Bluetooth
devices operate in the unlicensed 2.4 GHz Industrial, Scientific and Medical
(ISM) band, as do WLANs. The effects of FHSS and Bluetooth on a WLAN
will be discussed further in Chapter 7, “Modulation Technology for Wireless
Networking.”
WPANs may also use infrared technology, which uses near-visible light in the
850 nanometers to 950 nanometers range for communications. Infrared
technology was specified in the original 802.11 standard, was considered
||||||||||||||||||||
||||||||||||||||||||
obsolete in the 2012 version of the standard, and has since been removed
from the latest version of the standard, IEEE 802.11-2016.
The Wireless Local Area Network
As you learned in Chapter 1, local area networks (LANs) can be defined as a
group of computers connected by a physical medium in a specific
arrangement called a topology. LANs are contained in the same physical area
and usually are bounded by the perimeter of a building or a group of
buildings. Wireless local area networks (WLANs) fall under the same
description as a LAN but do not require a physical wire to connect devices
together. WLANs have been in existence for many years, even prior to IEEE
802.11 standards-based technology, and mostly included proprietary
technology or government deployments.
Since the IEEE released the original 802.11 standard in 1997, WLAN
technology has continued to excel and is becoming a major component of
every computer network. WLANs can operate in either the licensed or
unlicensed RF spectrum. The most commonly used frequency spectra for
WLANs are the unlicensed 2.4 GHz ISM band and the unlicensed 5 GHz
Unlicensed National Information Infrastructure (UNII) band. The frequency
bands used with IEEE 802.11 wireless networking are discussed in this
chapter in the “RF Regulatory Domain Governing Bodies and Local
Regulatory Authorities” section.
The Wireless Metropolitan Area Network
Metropolitan area networks (MANs) consist of networks that may span from
several blocks of buildings to entire cities, and interconnect devices for access
to computer resources in a region or area larger than that covered by LANs
but smaller than the areas covered by WANs. You learned about this network
type in Chapter 1. You can expand on this technology and add much flexibility
to MANs by incorporating wireless technology and creating a wireless
metropolitan area network (WMAN). The IEEE 802.16 standard was
developed to address this type of wireless network. This technology may fall
under the Worldwide Interoperability for Microwave Access (WiMAX)
category and addresses different technologies. The WMAN may include a
combination of public and private entities that encompass town services such
as police, fire, and public utility access.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
WiMAX has had its share of ups and downs. One major provider,
Clearwire Inc., was a major player in the US market and was working on
large-scale deployments throughout the United States. Although they
previously had part ownership, Sprint acquired 100 percent of Clearwire
in June 2013. Since that time, Sprint has been shifting from the WiMAX
side in favor of building its own LTE network or fail-back to 3G. In
November 2015 Sprint ceased operations of the Sprint 4G (WiMAX)
network. The use of WiMAX networks worldwide have been decreasing
since that time.
The Wireless Wide Area Network
You know from Chapter 1 that a WAN consists of point-to-point or point-tomultipoint connections between two or more LANs. WANs can extend very
long distances through the use of fiber-optic connections or leased lines from
telecommunications providers. When it comes to the wireless wide area
network (WWAN), this extends beyond the point of connecting LANs
together. The WWAN will encompass very large geographical areas and may
include different wireless technologies, including cellular.
The WWAN also provides wireless broadband communications for Internet
access through the use of special external adapters or even adapters built into
notebook computers or other mobile devices, including smart phone
technology. Because of the technology used, performance such as data rates
will be lower than that expected and realized with IEEE 802.11 wireless
networking.
||||||||||||||||||||
||||||||||||||||||||
Building-to-Building Connectivity Using Wireless
LAN Technology
Connecting two or more wired LANs together over some distance is often
necessary in computer networking. Depending on the topology, this can be an
expensive and time-consuming task. WLAN technology is often used as an
alternative to copper cable, fiber optics, or leased line connectivity between
buildings. Whether connecting two or multiple locations together, point-topoint or point-to-multipoint links can be a quick and cost-effective solution
for building-to-building connectivity.
Antenna selection plays an important role in this type of connectivity and will
be discussed further in Chapter 5, “Antenna Technology for Wireless
Networking.” Other factors to consider in either point-to-point or point-tomultipoint connections are the RF band used and the distance, both of which
will determine whether a link is feasible for a wireless connection.
Wireless Point-to-Point Connections
As discussed in Chapter 1, connecting at least two wired LANs together is
known as a point-to-point connection. Wireless point-to-point connections
can provide long-range coverage depending on terrain and other local
conditions. These links can serve both wired and wireless users on the
connected LANs. Wireless point-to-point connections typically call for semidirectional or highly directional antennas. With some regulatory agencies,
when an omnidirectional antenna is used in this configuration, it is
considered a special case, called a point-to-multipoint connection. Correct
antenna selection is important and will be discussed in more detail in Chapter
5. Figure 2.1 shows a wireless point-to-point connection.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 2.1 A wireless point-to-point connection using directional antennas
Wireless Point-to-Multipoint Connections
As you learned in Chapter 1, a network connecting more than two LANs
together is known as a point-to-multipoint connection. With wireless
networking, this configuration usually consists of one omnidirectional
antenna and multiple semi- or highly directional antennas (see Figure 2.2).
Point-to-multipoint connections are often used in campus-style deployments
where connections to multiple buildings or locations may be required.
FIGURE 2.2 A typical point-to-multipoint connection using omnidirectional
and directional antennas
Wireless point-to-point and point-to-multipoint connections are becoming
more common with many IEEE 802.11 WLAN deployments, thanks to the low
cost of the equipment and the ease of installation. The installation time for a
wireless point-to-point connection can be as little as a few hours.
||||||||||||||||||||
||||||||||||||||||||
Radio Frequency Regulatory Domain Governing
Bodies and Local Regulatory Authorities
Wireless networks use radio frequency (RF) to communicate. The RF
spectrum needs to be regulated in order to ensure correct use of the allocated
frequency bands. At the global level, the International Telecommunication
Union-Radiocommunication Sector (ITU-R) is responsible for global
management of RF spectrum, in addition to satellite orbits. This organization
currently has more than 700 private sector members and 70 academia
members from more than 190 member states. It manages three different
administrative regions around the globe.
Figure 2.3 shows the three administration regions and the geographic area
they encompass.
FIGURE 2.3 ITU-R administrative region map
For additional information, visit www.itu.int/ITU-R.
Table 2.1 shows the three administrative regions and the geographic areas
they cover.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 2.1 ITU-R regions and geographic locations
Region Location
Region Europe; Africa; the Middle East west of the Persian Gulf, including
1
Iraq; the former Soviet Union and Mongolia
Region Americas, Greenland, and some of the eastern Pacific Islands
2
Region Most of non-former-Soviet-Union Asia, east of and including Iran,
3
and most of Oceania
United States: Federal Communications Commission
The local regulatory authority that manages RF spectrum for the United
States is the Federal Communications Commission (FCC). The FCC, founded
in 1934, is (along with other local regulatory authorities) responsible for
regulating the licensed and unlicensed RF spectrum. IEEE 802.11 wireless
networks may use licensed or unlicensed frequencies for communication
between devices. A benefit of using unlicensed RF spectrum is no cost to the
end user. The IEEE commonly uses two of three unlicensed RF bands allowed
by the FCC:
2.4 GHz industrial, scientific, and medical (ISM) band
5 GHz Unlicensed National Information Infrastructure (UNII) band
I will further discuss this and other technical details of standards-based
wireless communications in Chapter 6, “Communication for Wireless
Networking.”
The FCC also allows the use of the unlicensed 900 MHz ISM
band, but it is currently not used with IEEE 802.11 wireless networking.
The 902-928 MHz ISM unlicensed band is not available worldwide and is
only available in Region 2 (the Americas), with a few exceptions.
Therefore, it was not specified for use with IEEE 802.11 wireless
networking. However, this will soon change with the recent ratification of
the IEEE 802.11ah amendment, which will allow WLAN use in what is
also known as the Sub 1 GHz band.
||||||||||||||||||||
||||||||||||||||||||
Licensed RF Bands Used with IEEE 802.11
The following two licensed bands can be used with IEEE 802.11 networking:
3.650-3.700 GHz band
4.940-4.990 GHz public safety band
In 2008 the IEEE ratified the IEEE 802.11y amendment to the standard. This
amendment allows for the use of high-powered WLAN equipment to operate
in the 3.650-3.700 GHz band. Within the United States this is a licensed band
that requires the user to pay some type of licensing fees.
The IEEE 802.11-2016 standard also specifies the use of the 4.940-4.990 GHz
public safety band for use within the United States, consisting of 5 MHz-, 10
MHz-, and 20 MHz-wide channels with both high and low power limits. This
is a carry-over from the previous version of the standard.
For additional information regarding RF use in the United States,
visit www.fcc.gov.
Europe: European Telecommunications Standards Institute
The European Telecommunications Standards Institute (ETSI) is responsible
for producing standards for information and communications technologies,
including fixed, mobile, radio, converged, broadcast, and Internet
technologies in Europe. ETSI was created by the European Conference of
Postal and Telecommunications Administrations (CEPT) in 1988.
In Europe, RF use is managed by CEPT, which develops guidelines and
provides national administrations with tools for coordinated European RF
spectrum management.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The IEEE
The IEEE (originally known as the Institute of Electrical and Electronics
Engineers), pronounced “eye triple E,” is a nonprofit organization responsible
for generating a variety of technology standards, including those related to
information technology. According to the mission statement on the IEEE’s
website, its core purpose is to foster technological innovation and excellence
for the benefit of humanity. The IEEE is the world’s largest technical
professional society.
Since 1997 the IEEE has released a series of standards related to wireless
local area networking. These standards are all named IEEE 802 followed by
combinations of numbers and letters to define specific standards and
amendments.
The IEEE consists of working groups that are made up of individual members
and experts in the field. With respect to wireless technology, the IEEE
working groups are as follows:
IEEE 802.11 – Wireless local area networking
IEEE 802.15 – Wireless personal area networking
IEEE 802.16 – Broadband wireless metropolitan area networks
IEEE 802.20 – Mobile broadband wireless access
IEEE 802.22 – Wireless regional area networks
The main focus of this book is related to IEEE 802.11 wireless local area
networking.
For additional information about the IEEE, visit www.ieee.org.
The following section describes the IEEE wireless networking standard and
the amendments in the order in which they were ratified and released. The
IEEE wireless networking standard and its amendments that identify
advancements in the technology define the power, range, and speed of RF and
WLAN technology. The IEEE 802.11 standard specifies the maximum amount
of RF transmit power, the allowed RF spectrum (which is related to the
range), and the allowed data rates or speed. All ratified IEEE 802.11
||||||||||||||||||||
||||||||||||||||||||
amendments have been incorporated into the IEEE 802.11-2016 standard,
including the most recent amendments IEEE 802.11ac, IEEE 802.11ad, and a
few others. Even though some are now legacy amendments, it is important to
understand the foundation and advancements in standards-based wireless
technology that have developed into the current system.
The IEEE 802.11 Standard
The IEEE 802.11 standard, released in 1997, is what initially defined the
WLAN communication standards. The data rates used in this original
standard (1 and 2 Mbps) are considered slow compared to today’s technology.
As of this writing, the IEEE 802.11-2016 standard is the most
current ratified IEEE 802.11 standard. This latest version combines into
one document the more recent versions, including the IEEE 802.11-2012
and IEEE 802.11-2007 standards, and outstanding amendments at the
time of ratification, such as IEEE 802.11k/n/p/r/s/u/v/w/y/z, and now
also IEEE 802.11aa/ac/ad/ae/af/ah. Many in the industry, however, still
refer to the original names of the amendments: 802.11b, 802.11a, 802.11g,
802.11n, and so on. The IEEE considers all the previously published
amendments and revisions retired as a result of the release of the IEEE
802.11-2016 standard. Device and application requirements for IEEE
802.11 are discussed in Chapter 4, “Radio Frequency Fundamentals for
Wireless Networking.”
Here are the frequency range, spread spectrum/Physical layer (PHY)
technologies, and data rates for the IEEE 802.11-1997 standard:
2.4 GHz ISM band
Frequency-hopping spread spectrum (FHSS)
Direct-sequence spread spectrum (DSSS)
Infrared (IR)
1 and 2 Mbps
FHSS is considered obsolete technology with regard to IEEE 802.11 wireless
networking; however, it is still used in other wireless technologies, such as
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.15 Bluetooth devices, other wireless devices, and wireless cordless
public switched telephone network (PSTN) telephones. References to FHSS
were removed from the IEEE 802.11-2016 version of the standard. You will
learn more about these Physical layer technologies in Chapter 7.
To see the most up-to-date status of the IEEE 802.11 standard
and amendments, visit the Official IEEE 802.11 Working Group Project
Timelines web page at
www.ieee802.org/11/Reports/802.11_Timelines.htm.
The abbreviations described in this section—such as FHSS, DSSS,
HR/DSSS, OFDM, ERP, HT, and VHT—are defined to help explain the
details of each amendment to the standard. You will learn more about
each of these Physical layer technologies in Chapter 7.
The IEEE 802.11a Amendment
This amendment to the IEEE 802.11 standard defined operation in the 5 GHz
UNII band. (UNII stands for Unlicensed National Information
Infrastructure.) Released in 1999, this amendment originally defined three
frequency ranges in three bands: UNII-1, UNII-2, and UNII-3. The UNII-1
band is intended for indoor use only; the UNII-2 band is for indoor or outdoor
use; and the UNII-3 band may be used indoors or outdoors but was most
commonly used outdoors. The data rates for IEEE 802.11a are up to 54 Mbps
using orthogonal frequency division multiplexing (OFDM). OFDM and other
Physical layer technologies will be discussed in Chapter 7. Although this
amendment was released in 1999, devices were not widely available until
2001.
Following are the frequency ranges, PHY technology, and data rates as
specified in the original IEEE 802.11a amendment. (Keep in mind that due to
relaxed local regulatory requirements, different data rates are often used and
accepted.)
||||||||||||||||||||
||||||||||||||||||||
5GHz UNII band
5.150-5.250 GHz UNII-1
5.250-5.350 GHz UNII-2
5.725-5.825 GHz UNII-3
Orthogonal frequency division multiplexing (OFDM)
6, 12, 24 Mbps OFDM required data rates
9, 18, 36, 48, and 54 Mbps OFDM data rates supported but not required
Figure 2.4 shows the data rates available on a WLAN controller for IEEE
802.11a.
FIGURE 2.4 WLAN controller showing the IEEE 802.11a data rates
A benefit to using the 5 GHz UNII band is that more bandwidth is available
compared to the 2.4 GHz ISM band and there is less interference because not
all wireless devices support operation in this band. The 5 GHz UNII band
supports up to 25 non-overlapping 20 MHz-wide channels compared to only
three non-overlapping channels in the 2.4 GHz ISM band, thus providing
more available and usable 5 GHz frequency. Currently, fewer devices use the
5 GHz UNII license-free band than use the 2.4 GHz ISM license-free band,
including non-802.11 devices. However, the number of wireless devices that
operate in the 5 GHz band is always increasing. Fewer devices using the band
means less interference, which allows for increased performance and
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
reliability. With the introduction of the IEEE 802.11ac amendment, the
number of devices using the 5 GHz band will continue to grow, because this is
the only band supported for that technology. IEEE 802.11ac is discussed later
in this chapter.
Since the IEEE 802.11a amendment was ratified, some changes
have been implemented and are now addressed in the IEEE 802.11-2016
standard and previously the 802.11-2012 standard. They include a new
frequency range (5.470-5.725 GHz) that is allowed by some local
regulatory agencies and is known as the UNII-2e band. This extra
frequency space allows for 11 additional 20 MHz-wide non-overlapping
channels. The new IEEE 802.11ac amendment added one more channel
(channel number 144) to the 5 GHz UNII band, which now provides a
total of 25 non-overlapping channels, including channel number 165
(Americas only), which was previously identified as an ISM channel.
The IEEE 802.11b Amendment
The IEEE 802.11b amendment to the 802.11 standard works in the 2.4-2.5
GHz ISM band. This amendment, released in 1999, specifies high rate DSSS
(HR/DSSS) for 5.5 and 11 Mbps.
The IEEE 802.11b amendment was released before the IEEE
802.11a amendment, although both were released in 1999.
Here are the frequency range, Physical layer (PHY) technology, spread
spectrum technology, and data rates for the IEEE 802.11b amendment:
2.4 GHz ISM band
2.4 GHz-2.4835 GHz in North America, China, and Europe (excluding
Spain and France)
Direct-sequence spread spectrum (DSSS)
High rate-direct sequence spread spectrum (HR/DSSS)
||||||||||||||||||||
||||||||||||||||||||
5.5 and 11 Mbps
Backward compatible to 802.11 DSSS for 1 and 2 Mbps
With the release of the IEEE 802.11b amendment, WLAN technology became
more affordable and mainstream. This amendment introduced two higherrate data speeds, 5.5 and 11 Mbps, making the technology more desirable.
Today, wireless infrastructure device manufacturers still support IEEE
802.11b wireless technology; however, it is highly unlikely you would be able
to purchase any new devices that support only IEEE 802.11b technology. As
wireless technologies continue to evolve, it is doubtful that there are any
IEEE 802.11b-only networks, and many organizations are no longer
supporting this legacy technology at all and are disabling the capability within
their systems. Devices sold today that operate in the 2.4 GHz ISM band will
support IEEE 802.11b/g/n and may be marketed as such or as IEEE
802.11g/n, which implies support for IEEE 802.11b.
The IEEE 802.11g Amendment
This amendment to the IEEE 802.11 standard was released in 2003. Like
802.11 and 802.11b, it operates in the 2.4 GHz ISM band. This amendment
addresses extended data rates with OFDM technology and is backwardcompatible to 802.11 and 802.11b.
Here are the frequency range, PHY technology, spread spectrum technology,
and data rates for the IEEE 802.11g amendment:
2.4 GHz ISM band
2.4 GHz-2.4835 GHz in North America, China, and Europe (excluding
Spain and France)
Direct-sequence spread spectrum (DSSS)
High rate-direct sequence spread spectrum (HR/DSSS)
Extended rate physical-orthogonal frequency division multiplexing (ERPOFDM)
Packet binary convolutional code (PBCC; optional)
1 and 2 Mbps (compatible with DSSS)
5.5 and 11 Mbps complementary code keying (CCK; compatible with
HR/DSSS)
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
6, 12, 24 Mbps OFDM required data rates
9, 18, 36, 48, and 54 Mbps OFDM data rates supported but not required
Figure 2.5 shows the data rates for IEEE 802.11g available on a WLAN
controller.
FIGURE 2.5 WLAN controller showing the IEEE 802.11g data rates
IEEE 802.11g is backward-compatible to 802.11 and 802.11b because it
operates in the same 2.4 GHz ISM license-free band and supports the same
access methods or technology as 802.11b. One benefit of IEEE 802.11g
compatibility was that many established network infrastructures and devices
have used 802.11 and 802.11b for years. This allowed them to continue to
operate as normal with upgrades or replacement as appropriate or necessary.
||||||||||||||||||||
||||||||||||||||||||
To allow the slower DSSS and HR/DSSS data rates of 1, 2, 5.5,
and 11 Mbps to operate in an IEEE 802.11g/n network, the amendment
addresses the use of “protection mechanisms.” These protection
mechanisms will decrease the throughput of IEEE 802.11g/n clients to
some degree when IEEE 802.11b radios are present in the basic service
area (BSA). This is because when 802.11b and 802.11g/n devices are
connected to the same access point, RTS and CTS or CTS-to-self-control
frames are used to lessen the chances of data collisions by reserving the
medium for a specific period of time.
Many organizations have dropped support for IEEE 802.11b devices
completely. This is accomplished by disabling the 802.11b data rates on the
infrastructure devices—access points, controllers, cloud managed solutions,
and so on. They do this to minimize performance issues such as throughput
when IEEE 802.11b devices are present in the IEEE 802.11g/n BSA. In some
deployment scenarios, such as public wireless hotspots or areas with wireless
guest networks, it would be difficult to disallow the use of IEEE 802.11b
devices. However, this is becoming more common and strictly a decision to be
made by the organization and information technology staff.
Maximizing Throughput in an IEEE 802.11g/n Network
In certain cases, the only way to maximize the throughput of an
802.11g/n network is to set the data rates of the access points to support
802.11g/n data rates only. The trade-off is that 802.11b devices will not be
able to connect to the network, because the access point will not
recognize the 802.11b data rates. With the newer technology available
today, turning off support for 802.11b is becoming less of a concern. This
would work well where backward compatibility to 802.11b is not required
and all equipment in use supports 802.11g/n. An analogy would be a
group of individuals all speaking one language. They all understand the
same language, so they have no need to accommodate a second language.
Because of protection mechanisms defined in the 802.11g amendment,
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
throughput will degrade in an 802.11b/g/n mixed mode environment
when 802.11b devices are present. The 802.11b devices have a maximum
data rate of 11 Mbps (HR/DSSS), and they share the medium with the
802.11g/n devices that have a maximum data rate of 54 Mbps (ERPOFDM) or higher. Think of the language analogy. If a group of individuals
is speaking two different languages, a translator may be required for
complete communication. A discussion among the group would take
longer, because the translator would need to translate the languages.
Likewise, protection mechanisms will have an impact on the throughput
for the 802.11g/n devices, since the 2.4 GHz medium is shared. If there
are no 802.11b devices in the radio range of an access point in an
802.11b/g/n mixed mode environment, protection mechanisms should
not affect throughput since the access point will not have to share the
medium with the two different technologies, ERP-OFDM and HR/DSSS.
If you do not have any 802.11b devices on your network, you can set your
access point to 802.11g/n mode by disabling the 802.11b data rates. In this
configuration, your 802.11g/n devices will perform better, because
protection mechanisms will not be enabled. However, if there are any
802.11b devices that don’t belong to your network in the “listening” range
of the access point, data collisions will increase at the access point. This is
because 802.11b and 802.11g/n operate in the same RF range, and the
802.11g/n (ERP-OFDM) access point would stop listening to the 802.11b
(HR/DSSS) transmissions. (It would simply see them as RF noise.) In
this configuration, overall throughput will still exceed that of an access
point set to 802.11b/g/n mixed mode in the presence of 802.11b devices.
The access point will hear the 802.11b transmissions, but they will not be
serviced since they are only seen as RF noise; thus, they will have less
impact on throughput. Also, when an 802.11g/n access point “hears”
beacon management frames from a neighboring access point that is either
an 802.11b access point or 802.11g/n access point in protection mode, it
will cause the access point to also enter a protection mode state. This is
because a “non-member” protection mode caused by neighboring access
points on the same RF channel containing the protection mode
requirements in their beacon frames will force the access point to also be
in a protection mode state.
The IEEE 802.11n Amendment
||||||||||||||||||||
||||||||||||||||||||
After several years of drafts, the IEEE 802.11n amendment was finally
approved in September 2009. The release of this document opened the doors
for manufacturers of IEEE 802.11 WLAN equipment, giving them the
opportunity to move forward with new technology that allows for better
performance, higher throughput, and several other benefits. Wi-Fi certified
devices under 802.11n draft 2.0 were available for several years prior to the
ratification of IEEE 802.11n. Most if not all enterprise manufacturers had at
least one wireless infrastructure device certified under draft 2.0 by the Wi-Fi
Alliance prior to the release of the new amendment.
Here are the frequency ranges, PHY technologies, data rates, and other details
for the IEEE 802.11n amendment:
2.4 GHz ISM band
5 GHz UNII band
Multiple-input multiple-output technology (MIMO)
High-throughput orthogonal frequency division multiplexing (HT-OFDM)
Physical layer (PHY) layer enhancements
Data Link layer (MAC) layer enhancements
Data rates up to 600 Mbps
Figure 2.6 shows the modulation and coding scheme (MCS) and data rates
available on a WLAN controller for IEEE 802.11n operating on the 5 GHz
band.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 2.6 WLAN controller showing the IEEE 802.11n MCS and data
rates for the 5 GHz band
IEEE 802.11n devices are capable of operating in both unlicensed frequency
bands, the 2.4 GHz ISM band and the 5 GHz UNII band. This means that they
must be backward-compatible with previous technologies, such as IEEE
802.11b/g devices that operate in the 2.4 GHz ISM band and IEEE 802.11a
devices that operate in the 5 GHz UNII band.
Multiple-input multiple-output (MIMO) is a big part of what makes IEEE
802.11n such an amazing technology. Prior to 802.11n, IEEE 802.11a/b/g
devices used a single radio to transmit and receive radio signals. This is
known as single-input single-output (SISO) technology. MIMO uses multiple
radios or “radio chains” to transmit and receive radio signals. SISO systems
are subject to a phenomenon called multipath, in which several wavefronts of
a signal would be received out of phase because of reflections. This is a
problem for IEEE 802.11a/b/g systems, whereas MIMO actually uses the
reflections from either a transmitter or a receiver to help enhance the
performance and throughput using several radio chains in 802.11n. Multipath
is discussed in more detail in Chapter 5. MIMO consists of several types of
new technologies that include the following among others:
||||||||||||||||||||
||||||||||||||||||||
Transmit beamforming (TxBF)
Maximal ratio combining (MRC)
Spatial multiplexing (SM)
Space-time block coding (STBC)
It is best to check with the specific manufacturers of the wireless equipment
to determine how they implement MIMO technology. The details of the types
of MIMO technologies listed here are beyond the scope of the objectives of
this book but can be found in other CWNP study guides and training
materials.
IEEE 802.11n provides many enhancements to the Physical Layer 1, including
the following:
40 MHz channels through the use of channel bonding
More subcarriers for higher data rates
Optional short guard intervals to provide more potential throughput in
less reflective environments
Varying modulation types for data rates of up to 600 Mbps
The Media Access Control (MAC) sublayer of the Data Link layer also
provides enhancements to improve performance and throughput with IEEE
802.11n. These include but are not limited to the following:
Frame aggregation for less 802.11 overhead
Block acknowledgments (block ACKs)
Reduced interframe spacing (RIFS)
Spatial multiplexing power save (SMPS) to help conserve the battery life
of the receiver
Power save multi-poll (PSMP) for devices enabled for QoS devices
The IEEE 802.11ac Amendment
The IEEE 802.11ac amendment is an exciting step forward with standardsbased WLAN technology. This new gigabit wireless networking technology is
used with wireless local area networking for both home and enterprise
applications. As technology continues to advance, the users of the connected
devices want more data, they want it faster, and they want it available
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
everywhere. Like the IEEE 802.11a amendment to the standard, 802.11ac
technology operates in the 5 GHz band only and is a Physical layer extension
of IEEE 802.11n, providing backward compatibility with that technology in
the 5 GHz frequency band. IEEE 802.11ac brings the following
enhancements:
Data Rates up to 6.93 Gbps IEEE 802.11ac, Very High Throughput (VHT),
provides the capability of up to 6.93 Gbps of aggregate throughput. The actual
amount of throughput will vary and can be affected by several factors,
including the number of radio chains/spatial streams and antennas.
256-QAM (Quadrature Amplitude Modulation) The modulation and
coding scheme (MCS) concept was introduced with the IEEE 802.11n
amendment. Basically, MCS is a way to represent the data transfer rates with
the newer, more sophisticated technology. The MCS index will vary based on
the technology in place, such as the number of spatial streams, the channel
width, and the short guard interval. IEEE 802.11ac allows for 256-QAM up
from 64-QAM in 802.11n.
Wider Channels Bandwidth with respect to RF can be considered to be a
range of frequencies used for a specific application. IEEE 802.11n increased
the RF channel width from 20 MHz to 40 MHz. This newest amendment to
the standard allows for 80 MHz- and even 160 MHz-wide channels. Wider
channels mean more bandwidth per channel and therefore higher
throughput.
More Spatial Streams The IEEE 802.11n amendment allowed for a
possible maximum of four spatial streams; however, most manufacturers
utilized only three. IEEE 802.11ac will allow for up to eight spatial streams.
More spatial streams means a higher data rate, and this will parlay into
higher throughput.
Multi-user MIMO (MU-MIMO) Until now, IEEE 802.11 technology was
based on unicast communication between two stations, such as a client device
and an access point, or broadcast/multicast communication, such as an access
point to many or all connected stations. IEEE 802.11ac provides multi-user
MIMO (MU-MIMO) for communication. MU-MIMO will allow different
stations (client devices) to send or receive independent data streams
simultaneously using multiple antennas/radio chains.
IEEE 802.11ac is backward-compatible with devices operating in the 5 GHz
band only and will be beneficial for certain types of applications, such as
||||||||||||||||||||
||||||||||||||||||||
streaming video and/or areas that may need additional capacity, and for
minimizing issues in high-density deployments. One thing that is often
overlooked is the actual physical wired infrastructure in which the wireless
access points are connected. It is important to be certain that the wired
infrastructure capacity is available to handle these faster speeds.
The IEEE 802.11ad amendment (Very High Throughput 60 GHz)
was ratified in December 2012. This technology operates in the
unlicensed 60 GHz frequency band and is not backward-compatible with
IEEE 802.11a/b/g/n/ac technology. Because 802.11ad operates at such a
high frequency, it has many limitations and does not propagate well, and
communications may be limited to a very small physical space, such as a
single room. There are a limited number of IEEE 802.11ad chipsets
available that will provide this technology. However, they currently are
not big within the WLAN market or widely available. Some manufacturers
produce network adapters that will work within the 2.4 GHz, 5 GHz, and
60 GHz frequency ranges, but it is important to understand that even
though these adapters will work in all three frequency ranges, the
802.11ad technology is not backward-compatible with 802.11a/b/g/n/ac.
The use of 802.11ad wireless technology includes peer-to-peer or ad hoc
communications for streaming video and other multimedia type uses
within a smaller physical area.
The IEEE 802.11ah amendment allows for wireless LAN
operation in frequency bands below 1 GHz (also called the Sub 1 GHz
band), allowing for long-range, low-power connections using unlicensed
frequency, including the 900 MHz frequency band. The driving force
behind this amendment is the Internet of Things (IoT) devices.
Summary of IEEE 802.11 Communications Standards and
Amendments
It is beneficial to understand all the frequencies, PHY technology, spread
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
spectrum technologies, and data rates for all the IEEE 802.11 standards and
amendments mentioned in this chapter. This will help for certification exam
purposes as well as for basic knowledge of the technology. Table 2.2 provides
a summary and comparison of the currently released IEEE 802.11
communication standards and amendments.
TABLE 2.2 Summary of 802.11 communication standards and amendments
Details
2.4 GHz ISM band
802.11 802.11a 802.11b 802.11g 802.11n 802.11ac
✓
✓
✓
✓
5 GHz UNII
bands
FHSS
✓
DSSS
✓
HR/DSSS
✓
✓
✓
✓
✓
✓
✓
✓
OFDM
✓
✓
✓
ERP-OFDM
✓
✓
HT-OFDM
✓
5.5 and 11 Mbps
6, 9, 12, 18, 24, 36,
48, and 54 Mbps
✓
✓
VHT-OFDM
1 and 2 Mbps
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
Up to 600 Mbps
Up to 6.93 Gbps
✓
Additional IEEE 802.11 Amendments
In addition to communications, the IEEE creates amendments defining
specific functionality, including QoS and security. We will look at those
functions next.
The IEEE 802.11e Amendment
The original IEEE 802.11 standard lacked QoS functionality features. In the
original IEEE 802.11 standard, point coordination function (PCF) mode
||||||||||||||||||||
||||||||||||||||||||
provided some level of QoS. PCF mode is a function of the access point and
allows for polling of connected client devices. This creates a contention-free
period for data transmissions and provides QoS-like functionality. However,
few if any 802.11 wireless manufacturers implemented this mode of
operation.
The IEEE 802.11e amendment defined enhancements for QoS in WLANs.
802.11e introduced a new coordination function, the hybrid coordination
function (HCF). HCF defines traffic classes and assigns a priority to the
information to be transmitted. For example, voice traffic is given a higher
priority than data traffic, such as information being sent to a printer. The
IEEE 802.11e amendment was incorporated into the IEEE 802.11-2007
standard and is now part of the IEEE 802.11-2016 standard. The Wi-Fi
Alliance created a proactive interoperability certification for 802.11e called
Wi-Fi Multimedia (WMM). The Wi-Fi Alliance and interoperability
certifications are discussed later in this chapter.
The IEEE 802.11i Amendment
The IEEE 802.11i amendment addresses advanced security solutions for
WLANs, since the original IEEE 802.11 standard was known for security
weaknesses. Manufacturers of IEEE 802.11 WLAN equipment addressed the
following:
Wired Equivalent Privacy (WEP)
Service set identifier (SSID) hiding
Media access control (MAC) address filtering
Wired Equivalent Privacy (WEP) was defined by the IEEE 802.11 (1999)
standard intended to prevent casual eavesdropping. WEP was compromised
early on, making WLANs vulnerable to intrusion and providing little if any
security. This issue was addressed by stronger security mechanisms (mainly
CCMP/AES, which stands for Counter Mode with Cipher-Block Chaining
Message Authentication Code Protocol /Advanced Encryption Standard) that
became available with the introduction of the IEEE 802.11i amendment to the
standard.
Service set identifier (SSID) hiding and media access control (MAC) address
filtering are both manufacturer-implemented features that may be used by
some for “pseudo” security. It is important to understand that neither of
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
these provides any kind of security for an IEEE 802.11 wireless network. MAC
address filtering provided a user the ability to allow or disallow device access
to a wireless network based on the assigned Layer 2 address of the device.
WEP, SSID hiding, and MAC filtering all have known security vulnerabilities,
allowing for security weaknesses in IEEE 802.11 WLANs. The IEEE 802.11i
amendment addressed security weaknesses with WLANS by including several
enhancements, all of which will be discussed in Chapter 8, “Security
Fundamentals for Wireless Networking.” The IEEE 802.11i amendment was
incorporated into the IEEE 802.11-2007 standard and is now part of the IEEE
802.11-2016 standard.
The IEEE 802.11r Amendment
The IEEE 802.11r amendment was approved in May 2008. The 802.11r
amendment specifies fast secure roaming or fast transition (FT) technology.
The IEEE 802.11 standard did not address standards-based transition
(roaming) mechanisms, so manufacturers used proprietary methods. The
IEEE attempted to standardize transition techniques for WLAN technology
with the ratification of a recommended practice, IEEE 802.11F. This
recommended practice was never implemented by many (if any)
manufacturers and was eventually withdrawn by the IEEE.
The main goal of IEEE 802.11r was to provide fast transition for voice over IP
(VoIP) with WLAN technology. Although this amendment has been ratified
for some time and most enterprise equipment manufacturers support it, they
still rely on the use of proprietary methods for fast transition. This is partly
because there was no interoperability certification from the Wi-Fi Alliance
until recently. Additionally, there are other technical requirements such as
support on both infrastructure and the client device sides for this technology
to operate correctly. The IEEE 802.11r amendment was incorporated into the
IEEE 802.11-2012 standard and is now part of the IEEE 802.11-2016 standard.
The IEEE 802.11k Amendment
IEEE 802.11k is the amendment to the IEEE 802.11 standard that addresses
radio resource management. This amendment was approved in May 2008, the
same day as the IEEE 802.11r amendment. 802.11k and 802.11r work together
to form fast, secure basic service set (BSS) transition for mobile devices. IEEE
802.11k aids the wireless device in locating the best access point to transition
to, by defining the technology to be used to manage the RF. The IEEE 802.11k
||||||||||||||||||||
||||||||||||||||||||
amendment was incorporated into the IEEE 802.11-2012 standard and is now
part of the IEEE 80211-2016 standard.
The IEEE 802.11v amendment, now part of IEEE 802.11-2016 standard,
addresses management of devices that are connected to a wireless network
and are part of a basic service set. Along with IEEE 802.11r and IEEE 802.11k,
IEEE 802.11v is required by the Wi-Fi Alliance to qualify for Wi-Fi certified
voice certifications. It is also important to note both the access point and
client device need to be Wi-Fi certified for voice in order to benefit from the
technology.
The IEEE 802.11w Amendment
WLAN management frames—such as the 802.11 authentication frames and
802.11 association frames used in IEEE 802.11 WLANs—are susceptible to
intrusion and can cause security issues. This is because the IEEE 802.11
standard did not provide any protection for management frame information
that traverses the air. With some basic knowledge of the technology and the
correct software tools, an intruder can perform a denial-of-service (DoS) or
hijacking attack. When implemented, technology specified in the IEEE
802.11w amendment helps to mitigate these types of attacks or security
issues. This technology is still not yet implemented by most organizations
mostly due to the requirements and other technical issues such as the effect
on wireless intrusion prevention systems (WIPS) mitigation features. The
IEEE 802.11w amendment was incorporated into the IEEE 802.11-2012
standard and is now part of the IEEE 802.11-2016 standard.
The IEEE 802.11s Amendment
The IEEE 802.11s amendment specifies wireless mesh networking. Mesh
networking with wired networking has been available for many years.
Wireless mesh networking started with military deployments but has evolved
into the public sector. Mesh networking allows infrastructure devices such as
wireless access points or mesh routers to create a self-forming, self-healing
and intelligent network infrastructure. A wireless mesh network is sometimes
referred to as a wireless distribution system (WDS). Most manufacturers of
enterprise wireless equipment have been using mesh technology for years
with proprietary protocols. Although the IEEE has ratified the standard for
this technology, most manufacturers still use proprietary methods. Mesh
technology will be discussed further in Chapter 3, “Infrastructure and Client
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Devices for Wireless Networking.” The IEEE 802.11s amendment was
incorporated into the IEEE 802.11-2012 standard and is now part of the IEEE
802.11-2016 standard.
||||||||||||||||||||
||||||||||||||||||||
Interoperability Certifications
By creating standards, the IEEE is encouraging technological progress.
Manufacturers often implement wireless devices and networks in a
proprietary manner, within or outside the standard. The proprietary approach
often leads to a lack of interoperability among devices. In the wireless
community, such practices are not widely accepted. Users want all their
devices to function well together. The combination of proprietary
implementations and user dissatisfaction fostered the creation of
interoperability testing and certifications.
This section discusses manufacturer interoperability certifications related to
IEEE 802.11 standards-based WLAN equipment. These certifications address
communications, QoS, and security.
The Wi-Fi Alliance
The IEEE is responsible for creating the standards for wireless networking.
Equipment manufacturers, however, are not required to provide proof that
their equipment is compliant with the standards. Starting with the release of
the IEEE 802.11b amendment, several early WLAN equipment manufacturers
—including Symbol Systems, Aironet, and Lucent—formed an organization
known as Wireless Ethernet Compatibility Alliance (WECA) to promote the
technology and to provide interoperability testing of WLAN equipment
manufactured by these and other companies. In 2000, WECA was renamed
the Wi-Fi Alliance. The term Wi-Fi represents a certification and is often
misused by people in the industry. Wi-Fi is a registered trademark, originally
registered in 1999 by WECA and now registered to the Wi-Fi Alliance. People
often use the term Wi-Fi synonymously with WLAN technology; in fact it
means wireless technology certified to be interoperable.
For additional information about the Wi-Fi Alliance, visit
www.wi-fi.org or www.wi-fi.com.
Figure 2.7 shows an example of a Wi-Fi certified logo, showing the device has
met the interoperability testing criteria.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 2.7 Wi-Fi Certified logo for devices that are Wi-Fi certified
The Wi-Fi Protected Access Certification
The Wi-Fi Protected Access (WPA) certification was developed by the Wi-Fi
Alliance because security in the original IEEE 802.11 standard was weak and
had vulnerabilities. This certification was designed as an interim solution
until an amendment to the IEEE 802.11 standard addressing security
improvements was released. The IEEE 802.11i amendment addressed security
for the IEEE 802.11 family of standards. The bottom line is that WPA is a pre802.11i certification, introducing more advanced security solutions such as
Temporal Key Integrity Protocol (TKIP), passphrase, and 802.1X/EAP.
This pre-802.11i certification addressed two options for WLAN security:
personal mode and enterprise mode. Personal mode is intended for small
office/home office (SOHO) and home users. Enterprise mode is intended for
larger deployments. Personal mode allows for a user to enter an 8- to 63character passphrase (password) on either the access point or another
infrastructure device, such as a WLAN controller and all the devices that are
connected to the infrastructure device. Enterprise mode, on the other hand,
provides user-based authentication utilizing 802.1X/EAP. Both personal and
enterprise modes are discussed in more detail in Chapter 8.
The Wi-Fi Protected Access 2 Certification
The WPA certification by the Wi-Fi Alliance worked out so well that the
alliance decided to certify WLAN hardware after the IEEE 802.11i amendment
was released. This new certification, known as Wi-Fi Protected Access 2 (WPA
2.0), is a post-802.11i certification. Like WPA, WPA 2.0 addresses two options
for WLAN security: personal mode and enterprise mode. This certification
addresses more advanced security solutions and is backward-compatible with
WPA. The following is a preview of its key points; we will look at both WPA
||||||||||||||||||||
||||||||||||||||||||
and WPA 2.0 in more detail in Chapter 8.
The personal mode security mechanism uses a passphrase for
authentication, which is intended for SOHO and personal use. The use of a
passphrase to generate a 256-bit pre-shared key provides strong security.
Personal mode may also be identified as pre-shared key (PSK).
The enterprise mode security mechanism uses 802.1X/EAP for user-based
authentication, which is port-based authentication and is designed for
enterprise implementations. 802.1X/EAP provides strong security using
external authentication and Extensible Authentication Protocol (EAP).
802.1X/EAP uses an authentication server for the user authentication.
Remote Authentication Dial-In User Service (RADIUS) is a common
authentication server. This works well as a replacement for legacy IEEE
802.11 security solutions.
Table 2.3 provides a high-level description of the WPA and WPA 2.0
certifications.
TABLE 2.3 Details of the WPA and WPA 2.0 certifications
Wi-Fi Alliance Security
Mechanism
Authentication
Mechanism
Encryption
Mechanism/Cipher
WPA - Personal
Passphrase
TKIP/RC4
WPA - Enterprise
802.1X/EAP
TKIP/RC4
WPA 2.0 - Personal
Passphrase
CCMP/AES or
TKIP/RC4
WPA 2.0 - Enterprise
802.1X/EAP
CCMP/AES or
TKIP/RC4
Temporal Key Integrity Protocol (TKIP)
Rivest Cipher 4 (RC4) named after Ron Rivest of RSA Security
Counter Mode with Cipher-Block Chaining Message Authentication Code Protocol (CCMP)
Advanced Encryption Standard (AES)
Encryption mechanisms and ciphers will be discussed further in
Chapter 8.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The Wi-Fi Multimedia Certification
The Wi-Fi Multimedia (WMM) certification was designed as a proactive
certification for the IEEE 802.11e amendment to the 802.11 standard. The
802.11e amendment addresses QoS in WLANs. The WMM certification
verifies the validity of features of the 802.11e amendment and allows for a
manufacturer-neutral approach to QoS.
QoS is needed to ensure delivery of information for time-sensitive, timebounded applications, such as voice and real-time streaming video. If a
wireless network user were to send a file to a printer or save a file to a server,
it is unlikely they would notice any minor delay, or latency. However, in an
application that is tuned to the human senses such as hearing or eyesight,
latency would more likely be noticeable.
Wi-Fi Multimedia Power Save Certification
Wi-Fi Multimedia Power Save (WMM-PS) is designed for mobile batterypowered devices and specific uses of WLAN technology that require advanced
power-save mechanisms for extended battery life. Here are some of these
devices and technology that benefit from WMM-PS:
Voice over IP (VoIP) phones
Notebook computers
Tablet devices
Power-save mechanisms allow devices to conserve battery power by “dozing”
for short periods of time. Depending on the application, performance could
suffer to some degree with power-save features enabled. WMM-PS consumes
less power by allowing devices to spend more time in a “dozing” state—an
improvement over legacy power save mode that at the same time improves
performance by minimizing transmission latency. Unlike the early standardbased power save mode, which uses a scheduled timing process to doze, a
device that is WMM PS-enabled will doze based on whether it needs to send
or receive data frames. This is known as a trigger and delivery method where
the client device will be in an “awake” state as needed to either send or
receive data frames to and from an access point.
Wi-Fi Protected Setup Certification Overview
Wi-Fi Protected Setup (WPS) was defined because SOHO users wanted a
||||||||||||||||||||
||||||||||||||||||||
simple way to provide the best security possible for their installations without
the need for extensive technical knowledge of wireless networking. WPS
provides strong out-of-the-box setup adequate for many SOHO
implementations.
The WPS certification requires support for two types of authentication that
enable users to automatically configure network names and strong WPA2
data encryption and authentication:
Push-button configuration (PBC)
PIN-based configuration, based on a personal identification number
Support for both PIN and PBC configurations is required for access points;
client devices at a minimum must support PIN. A third, optional method,
near field communication (NFC) tokens, is also supported.
Security Hole with WPS
In December 2011 a security flaw was reported with WPS. This allegedly
allowed an intruder to recover the personal identification number (PIN)
used to create the 256-bit pre-shared key. Acquiring the PIN would allow
access to the wireless network. Wherever possible, it is recommended
that users disable certain features in the wireless router or access point
that allow this to happen. A firmware update may also be available to
provide adequate protection. Keep in mind that this solution to the issue
may only be possible with newer-model wireless routers. You should
check with the manufacturer to determine if a solution (either a software
setting or firmware upgrade) is available for a specific device. Otherwise,
consider a different method such as WPA2.0 to secure the wireless router.
Upgrading to a newer wireless router is another possible solution.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Common Wireless Local Area Network Deployment
Scenarios
The availability and technology enhancements of IEEE 802.11 wireless
networking have increased while the cost continues to decrease, making
WLANs a viable solution for many business models, including personal use,
home offices, small offices, and enterprise organizations. This section looks at
various scenarios in which this type of wireless networking is used. We’ll
explore some of the following more common deployment scenarios that
utilize WLANs:
Small office/home office (SOHO)
Enterprise deployments: corporate data access and end-user mobility
Extension of existing networks into remote locations
Public wireless hotspots (public Wi-Fi) and hospitality
Office (carpeted) deployments
Educational institution deployments
Industrial deployments
Healthcare deployments
Last-mile data delivery: wireless ISP
High-density deployments including conference centers
Other deployments, including municipal, law enforcement, and
transportation networks
Small Office/Home Office
Many small office/home office (SOHO) businesses have the same needs as
those of larger businesses with regard to technology, computer networking,
and communication. These common needs, regardless of the network size,
include access to a common infrastructure for resources such as computer
data (files), printers, databases, other networks, and the Internet. Computer
networking technology is common regardless of the size of the business.
Whether there are 1 or 100 employees, many are categorized as small
businesses. WLANs now play a major role in small businesses. Many of these
locations have a high-speed Internet connection such as DSL (digital
||||||||||||||||||||
||||||||||||||||||||
subscriber line) or cable modem for access outside the LAN.
With the number of work-at-home professionals continuing to grow at a very
high rate, the need for wireless networking in this environment is also
continuing to grow. The same goes for the small office environment.
Deployments such as these typically involve a smaller number of users.
Therefore, the equipment used may be consumer models sold in consumer
electronics department stores and online retailers.
In addition, many companies or organizations now allow for employees to
work remotely part or full time. In these cases the company network is now
extended to the remote location, which, whether it is a home office or other
location, may be considered a branch office of the company’s corporate
network. When WLAN technology is used at a remote location, new concerns
arise, such as data security and network availability. Depending on the size of
the small office/home office and the number of potential users and devices, a
WLAN RF site survey may be required. A site survey will help determine
areas of RF coverage and interference as well as the number and placement of
access points. Even if the small office/home office will only require a single
access point, it is still beneficial to know what other wireless networks or
devices are in the same coverage area that may cause RF interference.
Figure 2.8 shows a SOHO configuration with a WLAN router connected to an
Internet service provider allowing access to the necessary network/Internet
resources.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 2.8 Example of a SOHO WLAN configuration
Enterprise Deployments: Corporate Data Access and End-User
Mobility
Enterprise organizations have used wired LAN technology for decades. With
the increased need for mobility, WLANs within enterprise organizations have
also increased in popularity. In earlier years, due to lack of interoperability
and security features, many enterprise organizations limited WLAN
deployments to extensions of networks where wired connectivity was either
not feasible or too costly. Because of advancements in WLAN technology over
the recent years, IEEE 802.11 deployments in enterprise organizations are
continuing to grow at a rapid pace.
WLANs in the enterprise are used with—but not limited to—client
workstation connectivity (desktop, notebook, and tablet devices), printers,
barcode scanners, voice handsets, and location services. The cost of this
technology has decreased, whereas capabilities, performance, speed, and
security have increased, making wireless an attractive solution for many
enterprise organizations. The cost savings over hardwired solutions such as
Ethernet are enormous, adding to the attractiveness. Finally, wireless
connectivity is the only option in some cases, such as mobile Voice over Wi-Fi
handsets for voice communications.
Figure 2.9 shows a floor plan drawing of an office area that may include a
||||||||||||||||||||
||||||||||||||||||||
wireless deployment. Each individual or shared office would contain one or
two networked desktop computers and phones, and many would also have
laptops. Printers might be located in centrally located common areas
accessible to the individuals who have permissions to use them. The
conference room might contain a videoconferencing system and an access
point depending on the number of available seats, and the reception area
might have wireless guest access for vendors or other visitors not belonging
to the company or organization. Connecting all these networked devices to
each other and the outside world are the wireless access point and other
WLAN infrastructure discussed in Chapter 3; these will be located throughout
the facility based on the wireless network design to provide coverage and
capacity for all wireless devices.
FIGURE 2.9 Floor plan of a typical office area that may use IEEE 802.11
WLAN technology
Extension of Existing Networks into Remote Locations
In its early days, wireless networking technology was typically deployed as an
extension of an existing wired network infrastructure. For example, some
users who required access to the computer network were farther than the
physical limit of 100 meters that the IEEE 802.3 Ethernet standard allows for
a copper-wired connection, so other solutions were needed to provide this
connectivity. Other wired technology, such as fiber optics and leased lines,
was sometimes cost-prohibitive or not logistically feasible. WLANs were an
excellent alternative.
Now IEEE 802.11 WLANs are a major part of every network, including home,
corporate, and branch/remote locations. Remote network locations may
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
include the SOHO, branch office locations, public wireless hotspots, and
wireless Internet service providers (WISPs). When a user connects to a
corporate office network from any of these scenarios, the network is basically
being extended to a remote location. This extension should be treated as such
with regard to network, security, availability, and performance. This chapter
discusses each of these deployment scenarios in more detail.
Public Wireless Hotspots (Public Wi-Fi) and Hospitality
Portability and mobility are major benefits of wireless networking. Portability
allows users to access information from a variety of locations, either public or
private. Mobility allows the continuous connection to a wireless network
while a device is on the move. One example of portability is the wireless
hotspot. In today’s world, it is rare to visit any public location, whether a
restaurant, hotel, coffee shop, or airport, and not be able to find a public
wireless hotspot.
A wireless hotspot is defined as a location that offers wireless network
connectivity for free or for-profit public or patron services. It allows a variety
of mobile devices (computers, tablets, smart phones, and so on) to connect to
and access public Internet and private network resources. Many users work
from remote locations and require Internet access as part of their job. This
can include access from a wireless hotspot.
A typical wireless hotspot will be configured with at least one WLAN router
connected to an ISP. In some cases, this setup could be as simple as a location
offering free Wi-Fi Internet access for its customers. More sophisticated
hotspots will have several wireless access points or a complete wireless
infrastructure and will be connected to a remote billing server that is
responsible for collecting revenue from the user.
In many cases, when a user connects to the hotspot router, they will be
prompted with a web page for authentication. At this point they might be
asked to enter information such as an account number, username and
password, or a credit card number to allow usage for a limited period of time.
In the case of a free hotspot, typically this web page lists terms and conditions
the user agrees to prior to accessing the Internet. This type of web page
configuration is known as a captive portal. Captive portals are discussed in
more detail in Chapter 8.
Wireless hotspots can raise security concerns for the user. Without a secure
||||||||||||||||||||
||||||||||||||||||||
connection in place, information is passed in cleartext through the air via RF,
potentially allowing an intruder to capture usernames, passwords, credit card
numbers, or other information that could lead to identity theft. Most hotspots
do not have the capability to provide a secure wireless connection from the
user’s computer or wireless device to the wireless router or network. The
secure connection then becomes the responsibility of the user. Since many
corporations allow employees to work remotely from wireless hotspot
connections, extra security measures need to be explored and implemented.
In this case, usually a virtual private network (VPN) is used to ensure
security. A VPN creates a secure tunnel between the user and the corporate
network, allowing for a secure encrypted connection for the user from the
wireless hotspot to their corporate network over the Internet or public
network.
For users who connect to wireless hotspots, it is very important for their
wireless devices to be secured with the appropriate antivirus software,
firewall software, and up-to-date operating system patches or service packs.
Following these guidelines can help protect the user from attacks when they
are connected to and using a wireless hotspot.
Figure 2.10 shows a simple wireless hotspot implementation.
FIGURE 2.10 Wireless hotspot allows users to connect to the Internet from
remote locations.
Office (Carpeted) Deployments
Computer networking in traditional office space (or “carpeted offices”) now
relies on wireless technology to a large extent. This is for several reasons:
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Cost
Portability
Mobility
Convenience
Many offices have an existing wired network infrastructure, and I do not
expect that to go away any time soon. In most cases copper wire for Ethernet
connectivity is already in place and is adequate for the intended use.
However, the cost to upgrade the copper wiring or install new wired network
drops can be expensive. Therefore, WLAN technology is an attractive
alternative to wired networks in many office deployment scenarios. What we
are now seeing in the enterprise is a new era of wireless networks by default
and wired networks only as required. Depending on the use of the network—
that is, the types of software applications and the number of devices requiring
connectivity—wireless may be the best solution simply because of the cost.
Without trying to set firm limits, it is common to connect as many as 20–25
users/devices to a single wireless access point. However, the maximum size
depends on the software or other applications and the number of devices
connected. A major benefit of IEEE 802.11 WLAN technology is that an access
point will require only a single Ethernet drop to support all the devices or
users. Of course, don’t forget that an access point is part of a shared medium
for everything that connects, and performance and throughput can be an
issue if proper design practices are not used.
Again, remember the difference between portability and mobility. Portability
allows users to access information from a variety of set locations, and
mobility allows a continuous connection to a wireless network while the
device is moving. Carpeted offices may have a need to provide support for
both portability and mobility. For the user who moves from an office cubicle
to a conference room to attend a meeting, portability will be sufficient. In this
situation they will probably shut down their mobile device, such as a laptop
computer, and carry it to a conference room for the meeting. Restarting the
computer will then require the device to reconnect to the wireless network—
hence, portability.
Devices such as mobile phones using VoIP or tablet devices usually require
continuous connectivity to the wireless network while the user/device is in
motion. This mobility feature allows uninterrupted communications and a
||||||||||||||||||||
||||||||||||||||||||
pleasant experience for the user. Both portability and mobility provide the
convenience network that people desire. Figure 2.11 shows a common office
scenario.
FIGURE 2.11 Office with conference area and cubicle offices
Educational Institution Deployments
Educational institutions can benefit from wireless networking in many ways.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
WLAN deployments are common in elementary and high schools both public
and private. Universities deploy campus-wide WLANs amounting to
thousands of access points servicing tens of thousands of users on a single
campus.
WLAN technology allows for increased mobility in the educational
environment, providing huge cost savings when technology needs to be
refreshed. Mobile carts with notebook computers are one example. A high
school can deploy wireless infrastructure devices such as access points in
classrooms and purchase several mobile carts with notebook or tablet
computers to be used when and where needed. This is beneficial since it will
save on supplying many classrooms with computers when continuous need
for the computers or devices may be low. Some school buildings may be older
or historic buildings and installing cabling is impossible or cost-prohibitive.
Wireless provides the solution. The architecture of many school buildings
may also pose concerns that need to be addressed with many wireless
network deployments. These include building materials, such as the
following:
Brick and concrete walls
Lath and plaster walls
Inconsistent materials due to building additions
These materials may cause issues because the RF may not propagate well
depending on the density and composition of the building materials. This
means potentially additional wireless access points and extra design
considerations.
In addition, there may be modular or temporary classrooms; the issue with
these is the density of devices and users, which will affect the wireless
network capacity and may result in performance issues. Also, the location and
distance from the main building should be taken into consideration because
this equates to a point-to-multipoint connection, and line of sight needs be
taken into account.
Some educational institutions are implementing a “one-to-one” initiative—in
other words, the goal is to have one Internet-accessible device for every one
student. This type of initiative will introduce density concerns because of the
potentially high number of students in a single classroom. Educational
institutions, whether an elementary school, a high school, or a college
||||||||||||||||||||
||||||||||||||||||||
campus, should always consider starting with an RF wireless site survey and
follow best practices from the equipment manufacturer to ensure a successful
deployment. Figure 2.12 shows a typical small school environment.
FIGURE 2.12 Classrooms for WLAN deployment
Industrial Deployments
Some industrial organizations have been using WLAN technology for many
years, even prior to the development of IEEE 802.11 wireless standards-based
solutions. Examples of these deployments include barcode and scanning
solutions for manufacturing, warehousing, inventory, and retail. Although
this type of deployment may not be very dense, coverage is very important.
Many businesses of this type include the following building characteristics:
High ceilings
Tall storage racks
Large inventory of product
Forklifts
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
These building characteristics can cause issues with wireless networks
because of the way RF propagates. With high ceilings, various antennas will
need to be tested and coverage verified throughout the facility. Tall storage
racks may have varying levels of inventory or product, resulting in poor
propagation. Depending on what the products are made of, this will have a
direct impact on the RF behavior. For example, a high density of water
products and paper products will absorb RF. In many cases, forklifts will be
outfitted with wireless barcode scanners or other mobile devices that require
the ability for fast secure transition capabilities.
In this type of environment, it is important to understand that RF will behave
in ways that could impact the performance of the wireless network. Chapter 4
will explain the behaviors of RF in more detail. These behaviors can lead to
coverage issues for the devices in use. Careful evaluation of this type of
environment is essential, and an RF site survey is highly recommended to
ensure proper RF coverage.
The physical characteristics of this type of environment are fairly static,
although additional racks or shelving may occasionally be added. However,
product inventory is dynamic and may change constantly. Moreover, forklifts
and other product-moving equipment are constantly moving and in different
locations. These are some of the factors that must be taken into consideration
when deploying wireless networking in an industrial environment. Figure
2.13 shows a typical warehouse facility with 35-foot-high ceilings.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 2.13 Warehouse facility with high ceilings and storage shelving
inside
Healthcare Deployments
The growth of WLAN deployments in the healthcare industry is quite
impressive. Today, healthcare is one of the fastest-growing sectors of the U.S.
economy. Healthcare environments pose many challenges for the design,
deployment, and support of wireless networking.
Hospitals in most cases run 24 × 7 × 365 days a year. WLANs have numerous
applications in hospitals, including these:
Patient registration
Patient charting
Prescription automation
Treatment verification
Inventory tracking
Electronic medical records
Location services
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Electronic imaging
Voice (VoWLAN)
Patient monitoring devices
One of the obstacles to take into consideration for wireless networking is
interference. Hospitals use many devices that operate in the unlicensed ISM
RF band. This can create challenges for design and reliability of the wireless
network. Licensed and unlicensed RF bands are discussed in the “Licensed RF
Bands Used with IEEE 802.11” section in this chapter. Other potential issues
for healthcare deployments to be aware of include the following:
Building materials that can hinder RF propagation, such as lead-lined
walls used in radiology areas to protect people from X-rays
Identical floor layouts above and below, which leads to stacking access
point issues
Limited accessibility to areas such as surgery and patient care rooms
Aesthetics of the installed equipment
Compliance with legislation such as the Health Insurance Portability and
Accountability Act of 1996 (HIPAA) also needs to be taken into consideration
when designing wireless installations for healthcare. Security concerns and
different legislations will be discussed in Chapter 8. Figure 2.14 illustrates a
common medical office that uses WLAN technology.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 2.14 Medical offices often use WLAN technology
Last-Mile Data Delivery: Wireless ISP
Last-mile data delivery is a term commonly used in telecommunications to
describe the connection from a provider to an endpoint such as a home or
business. (Last-mile is not necessarily a mile in distance.) This can be a costly
solution in many applications, since each endpoint needs a separate physical
connection. Wireless technology provides a more cost-effective solution for
last-mile data delivery.
Some communication technologies, such as DSL, have physical limitations
that prohibit connections in some cases. It may not be cost-effective for
telecommunication service providers to supply connections in rural or semirural areas. WLANs can service areas that may not be part of a last-mile run.
Providing Internet access from a wireless ISP is one application. Things to
consider for feasibility are line of sight, obstacles, and RF interference. Figure
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
2.15 shows an example of wireless last-mile data delivery.
FIGURE 2.15 Wireless last-mile data delivery
In December 2009, the 802.11 task group TGaf was formed to define the
802.11af amendment (not to be confused with IEEE 802.3af for Power over
Ethernet). This amendment to the 802.11 standard addresses the use of “TV
White Space” frequency bands for use with wireless networking technology.
These lower frequencies propagate well over longer distances and may be
ideal to provide Internet connectivity for rural or semi-rural areas as well as
other types of wireless technology innovation.
High-Density Deployments Including Conference Centers
What does the term “high-density Wi-Fi deployment” really mean? People
have differing opinions on this, as it can be subjective. Some industry experts
claim that in the next few years the number of installed wireless devices will
exceed the number of installed wired devices. When you think about it, this
projection may be realistic. Take a moment and count the number of wireless
devices that you have in your possession, at your home, the classroom, and
the office. This includes notebook computers, smart phones, tablets, and
broadband Internet devices. The average person may have between one and
five separate wireless devices, many of which include IEEE 802.11 wireless
technology. This gives an idea of how the density of WLAN devices in all
environments—home, office, education, and industrial—will continue to
increase in the coming years.
||||||||||||||||||||
||||||||||||||||||||
Some high-density deployments have been discussed in this chapter and
include educational institutions and medical facilities such as hospital
environments. Issues to consider in this type of environment are the
frequency band to use, co-channel interference, cell sizing, and access point
capacity.
A future amendment to the standard (IEEE 802.11ax) is intended for high
density deployments and will allow for better performance and higher
signaling rates to provide faster data transfers and higher throughput using
1024-QAM technology.
Municipal, Law Enforcement, and Transportation Networks
WLANs are valuable technology in the industrial, municipal, and law
enforcement fields, and in transportation networks.
Federal and local law enforcement agencies frequently maintain state-of-theart technology utilizing computer forensics and WLAN technology.
Technologies that use 19.2 Kbps connectivity are obsolete because of their
slower data transfer rates. Municipal deployments, which include police, fire,
utilities, and city or town services, are often all connected to a common
WLAN.
Transportation networks are no exception. WLAN installations are becoming
more common in places like commuter buses, trains, airplanes, and
automobiles. Users can connect for free or by paying a nominal fee. This type
of connectivity now allows a user to better employ idle time. This is especially
helpful to the mobile user or “road warrior” who needs to make the best use
of available time.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Summary
This chapter discussed wireless networks, including the wireless personal
area network (WPAN), the wireless local area network (WLAN), the wireless
metropolitan area network (WMAN), and the wireless wide area network
(WWAN), showing the many ways wireless networks can be implemented.
The IEEE is an organization that creates standards and amendments used for
IEEE 802.11 WLAN technology. This chapter described the released
communication standards, including:
IEEE 802.11a
IEEE 802.11b
IEEE 802.11g
IEEE 802.11n
IEEE 802.11ac
IEEE 802.11ad
IEEE 802.11ah
Amendments that addressed QoS, security, fast transition, radio resource
management, and management frame protection were also discussed. The
IEEE creates standards based on RF regulations. We also looked at RF
regulatory domain governing bodies and their role in regulation of the RF
spectrum used for IEEE 802.11 wireless networking.
The Wi-Fi Alliance is an organization addressing interoperability testing for
equipment manufactured to the IEEE standards. This testing results in a
variety of certifications for
Communication
QoS
Security
This chapter also discussed many applications in which WLANs are currently
used, from SOHO to corporate deployments and last-mile connectivity.
Standards-based wireless deployments continue to grow at a fast pace, adding
new installations or replacing proprietary and legacy-based implementations.
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Understand the function and roles of organizations that are
responsible for the regulation and development of WLAN
technology. The IEEE, FCC, ETSI, ITU-R, and Wi-Fi Alliance play important
roles with wireless technology. Know the function and role of each
organization.
Know the frequency ranges, data rates, spread spectrum, and PHY
technologies for IEEE 802.11 communication standards. Understand
the details of the 802.11, 802.11b, 802.11a, 802.11g, 802.11n, and 802.11ac
standards and amendments. It is important to know the supported data rates
and operating RF of each.
Know the purpose of IEEE specific-function amendments. Be
familiar with the details of 802.11e and 802.11i function amendments. Know
that 802.11e is for QoS and 802.11i addresses security.
Understand the differences among interoperability certifications by
the Wi-Fi Alliance. Know the purpose of the WPA, WPA 2.0, WMM,
WMM-PS, and Wi-Fi Alliance certifications. Understand which address
security, QoS, and power-save features.
Understand details of common WLAN applications. These common
WLAN applications can include SOHO, corporate data access, end-user
mobility, and building-to-building connectivity.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Review Questions
1. Point-to-point links typically use which antenna types? (Choose two.)
A. Semidirectional
B. Omnidirectional
C. Highly directional
D. Long-range omnidirectional
2. Point-to-multipoint links consist of ____________ or more
connections.
A. Two
B. Three
C. Four
D. Five
3. IEEE 802.11ac devices use an enhanced radio technology known as
multiple-input multiple-output (MIMO). Which statement correctly
describes a benefit of MIMO?
A. MIMO uses reflections to allow for increased throughput.
B. MIMO rejects reflections to allow for increased throughput.
C. MIMO uses a single radio with diversity technology for increased
throughput.
D. MIMO rejects data rates less than 54 Mbps for increased throughput.
4. What organization is responsible for unlicensed frequency band
regulation in the United States?
A. ETSI
B. Wi-Fi Alliance
C. IEEE
D. FCC
E. WPA
5. IEEE 802.11g WLANs operate in what frequency range?
||||||||||||||||||||
||||||||||||||||||||
A. 900 MHz
B. 5.15-5.25 GHz
C. 5.25-5.35 GHz
D. 2.4-2.5 GHz
6. Which of the following organizations is responsible for validating WLAN
standards interoperability testing?
A. FCC
B. ETSI
C. IEEE
D. WPA2
E. Wi-Fi Alliance
7. IEEE 802.11a uses which PHY technology?
A. ERP-OFDM
B. HR/DSSS
C. OFDM
D. FHSS
8. 802.11b is capable of which of the following data rates? (Choose three.)
A. 1 Mbps
B. 6 Mbps
C. 5.5 Mbps
D. 11 Mbps
E. 12 Mbps
9. 802.11g is backward-compatible with which of the following IEEE WLAN
standards? (Choose two.)
A. 802.11 DSSS
B. 802.11a OFDM
C. 802.11a ERP-OFDM
D. 802.11b HR/DSSS
Technet24.ir
||||||||||||||||||||
E. 802.3af
10. In the 802.11a amendment, the UNII-3 band is intended to be used for
which of the following WLAN applications?
A. Indoor and outdoor.
B. Outdoor only.
C. Indoor only.
D. The UNII-3 band cannot be used for WLANs.
11. The 802.11i amendment to the standard addresses which of the following
technologies?
A. QoS
B. DSSS
C. Security
D. MIMO
12. Which of the following best describes the Wi-Fi Alliance?
A. U.S.-based standards organization
B. Interoperability testing organization
C. Works with the FCC to verify compliance
D. Local regulatory body for Europe
13. Which of the following is addressed by the Wi-Fi Multimedia (WMM)
certification?
A. Security/encryption
B. Fast transition
C. Management frame protection
D. QoS
14. Wi-Fi Protected Setup was designed for which of the following wireless
applications?
||||||||||||||||||||
A. SOHO organizations
B. Enterprise organizations
||||||||||||||||||||
C. FCC interoperability
D. Security organizations
15. The 802.11g amendment to the standard uses which two Physical layer
technologies? (Choose two.)
A. FHSS
B. OFDM
C. ERP-OFDM
D. DSSS
E. MIMO
16. WPA was developed as an interim solution for which amendment to the
802.11 standard?
A. 802.11a
B. 802.11n
C. 802.11e
D. 802.11i
E. 802.11g
17. Which of the following is correct regarding 802.11e?
A. Operates only in the 5 GHz frequency range
B. Operates only at 1, 2, 5.5, and 11Mbps
C. Addresses wireless security
D. Addresses wireless QoS
18. According to the 802.11a amendment, which of the following data rates
are mandatory?
||||||||||||||||||||
A. 1, 2, 5.5, and 11 Mbps
B. 6, 24, and 54 Mbps
C. 6, 9, 12, 18, 24, 36, 48, and 54 Mbps
D. 6, 12, and 24 Mbps
E. 1, 6, 12, and 24 Mbps
Technet24.ir
||||||||||||||||||||
19. You support a wireless network for an office of five employees. The
installation consists of one access point, three notebook computers, and
two desktop computers. The access point and computers in the office have
wireless adapters that are Wi-Fi WPA 2.0 certified. You want to use the
highest level of security possible without additional cost or
administration. Which of the following solutions would be best for this
deployment? (Choose two.)
A. WEP
B. WPA 2.0 personal
C. WPS
D. WMM
E. WPA 2.0 enterprise
20. Which two of the following options are available for Wi-Fi Protected
Access 2 (WPA 2.0)?
||||||||||||||||||||
A. Personal mode
B. Protection mode
C. Professional mode
D. Enterprise mode
E. WPA 2 mode
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Chapter 3
Infrastructure and Client Devices Used with
Wireless Networking
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.1 Identify the purpose, features, and functions of wireless
network components. Choose the appropriate installation or
configuration steps in a given scenario.
2.2 Choose the appropriate installation or configuration steps
in a given scenario.
THE FOLLOWING CWS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
3.1 Identify AP features and capabilities
3.2 Describe AP management systems
3.3 Determine capabilities of client devices
3.4 Identify when Power over Ethernet (PoE) should be used
4.4 Discover client devices and applications in use
4.5 Determine the need for outdoor coverage networks and
bridge links
THE FOLLOWING CWT EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.1 Describe client types and varying capabilities
2.5 Configure client devices
3.1 Identify AP features and capabilities and understand
configuration options related to them
3.3 Ensure proper PoE provisioning when required
3.4 Configure APs as standalone devices
3.6 Validate proper AP WLAN configuration
||||||||||||||||||||
||||||||||||||||||||
Choosing the correct network infrastructure devices to be
installed as part of a computer network (both wired and wireless) is a critical
element of a successful wireless LAN (WLAN) deployment. In this chapter,
we will look at a variety of infrastructure devices, including wireless access
points, wireless bridges, wireless repeaters/range extenders, WLAN
controllers, and cloud-managed wireless systems. Cloud-managed WLAN
deployments are growing at a fast pace in all markets. Whereas some
manufacturers specialize in only cloud-managed solutions, most
manufacturers of enterprise wireless equipment utilize cloud-managed access
points to some extent. You will learn about the features and benefits of these
and other wireless network infrastructure devices. Power over Ethernet (PoE)
is an extension to the IEEE 802.3 Ethernet standard that allows direct current
(DC) voltage to be supplied over Ethernet cable to wireless access points,
VoIP telephones, Ethernet security cameras, and other PoE-capable devices.
PoE consists of two ratified amendments and is heavily used in enterprise
WLAN deployments. This chapter will discuss the concepts involved in PoE,
including both of its amendments to the IEEE 802.3 standard.
Client devices were often thought of as computers—either desktop or
notebook—connected to a computer network. Now many other devices, both
wired and wireless, however, can connect to a network. WLAN client devices
include various types of computers, tablets, smartphones, scanners, print
servers, cameras, and other devices that are used to send data across the
network. This chapter will look at the features of various WLAN client
adapter types and the software for configuration and management of these
devices.
Devices that connect to wireless networks use various types of adapters.
Which adapter is used depends on the device that it connects to. You can
connect wireless adapters to such devices as a notebook computer, tablet,
desktop computer, or barcode scanner. WLAN adapters are available in
various types, both external and internal to the device. External adapters will
connect to an available interface in the device, such as a USB port. Some
devices use internal adapters that may require some level of disassembly or
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
removal of a cover panel prior to the installation. Examples of internal
adapter types are PCI, Mini-PCI, Full Mini-PCIe, and Half Mini-PCIe.
WLAN client adapters differ from other networking adapters (such as
Ethernet adapters) because they contain radio hardware and use radio
frequency (RF) to send the computer data over the air. Chapter 4, “Radio
Frequency Fundamentals for Wireless Networking,” will discuss RF
fundamentals in more detail. A WLAN design should be partly based on the
needs of the client applications, client device types to be supported, and the
environment where they will be used.
||||||||||||||||||||
||||||||||||||||||||
The Wireless Access Point
The wireless access point is an integral component of a WLAN infrastructure.
Wireless access points allow a variety of wireless client devices access to any
network resources that the device or user may have permissions for. The
access point provides computers, VoWLAN phones, smartphones, tablets, and
other wireless client devices access to a WLAN, using radio frequency (RF) as
the communication mechanism and free space (air) as the communication
medium.
Wireless access points are available in three common types: autonomous,
controller-managed, and cloud-managed (or “controller-less”). Autonomous
access points are self-contained units and can function as independent
network infrastructure devices. Controller-managed access points, by
contrast, function in conjunction with a hardware WLAN controller. Cloudmanaged access points provide a wireless network infrastructure without the
use of a hardware controller and are software-managed devices.
One manufacturer of cloud-managed solutions (Aerohive
Networks) pioneered a technology known as cooperative control
architecture, which is used with their cloud-managed infrastructure
devices.
When a wireless device is connected to an access point, it is known to be in
infrastructure mode. In this operation mode, all wireless data traffic is passed
through the access point to the intended destination, whether that is a file
server, a printer, the Internet, another wireless client device, or anything else
capable of receiving network data.
An access point can operate as a stand-alone network device, configured
independently to allow wireless devices to connect. It can also operate as part
of a larger wireless network by sharing some of the same parameters, such as
the service set identifier (SSID). The SSID is the logical name, or identifier, of
the WLAN; all wireless client devices connected to an access point will share
the same SSID setting. Figure 3.1 shows an example of an access point
connected to an Ethernet network with several wireless network client
devices.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.1 Access point connected to an Ethernet network
In addition to providing access through a shared medium, wireless access
points are half-duplex devices. Half-duplex is defined as two-way
communication that occurs in only one direction at a time. (By contrast, fullduplex, the other communication method used in computer networking,
allows two-way communication to occur between devices simultaneously.)
Communication only one way at a time means less data throughput for the
connected device. An access point is a network infrastructure device that can
connect to a distribution system (DS)—typically an Ethernet segment or
Ethernet cable—and allow wireless devices to access network resources with
the appropriate access permissions. According to the IEEE 802.11 standard,
all wireless devices, including access points, are considered stations
(abbreviated STA). However, per the standard, an access point is identified as
AP/STA (access point station). In a completely Ethernet-switched network,
devices will communicate directly with the Ethernet switch. Figure 3.2
illustrates half-duplex communication using a wireless access point.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.2 Half-duplex communication one direction at a time
This book uses the terms autonomous access point, controllermanaged access point, and cloud-managed access point to describe the
devices. In the industry, they are also known as intelligent access point,
split MAC architecture, remote MAC, and thin access point.
Manufacturers may also use various other terms to identify them.
Autonomous Access Points
Autonomous access points are self-contained units with all the intelligence
necessary to provide devices with wireless access to a wired network
infrastructure, and access to the resources the devices have permission to
use. There are three popular types of autonomous access points: consumergrade; small office, home office-grade (SOHO-grade); and enterprise-grade.
Not surprisingly, the enterprise type generally offers the most robust feature
set. The autonomous access point is best suited for small networks with only
a few access points or wireless hotspots, because they must be managed
independently, and therefore the scalability is somewhat limited.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The industry terminology for access points is not clearly defined.
What might be considered a consumer-grade or SOHO-grade access point
from one vendor might be considered the opposite from another vendor.
In fact, some access points might even be considered both consumergrade and SOHO-grade access points.
The Consumer-Grade Access Point
Consumer-grade access points, or home broadband wireless routers, are
usually equipped with an Internet port, several ports for Ethernet
connections, and a wireless access point. The routers are configured through
a web browser using either the HTTP or HTTPS protocol. Configuration of the
devices is fairly simple for the novice user using a web browser via a built-in
web server. In most cases, a broadband wireless router connects to either a
cable modem or a digital subscriber line (DSL) connection, available from an
Internet service provider (ISP). In this configuration, a router is able to accept
wired and wireless connections for computers and other devices, providing
them with access to the LAN or the Internet. A wireless broadband router
usually includes the following features:
Network Address Translation (NAT)
Dynamic Host Configuration Protocol (DHCP) server
Internet Protocol (IP) routing
Domain Name System (DNS) services
Built-in firewall
A wireless broadband router has many of the same features a SOHO-grade
access point has. Although consumer-grade access points contain a number of
features, they do not have the same hardware capabilities that the more
expensive enterprise-grade access points contain, such as processing power
and random access memory (RAM). Therefore, they usually support a lesser
number of associated client stations. An example of an IEEE 802.11ac dualband Gigabit wireless broadband router is shown in Figure 3.3.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.3 NETGEAR Model R7000 AC1900-Nighthawk Smart Wi-Fi dualband IEEE 802.11ac Gigabit router
Notice in Figure 3.3 that this device contains a Gigabit Ethernet switch, an
Internet WAN port, a USB 2.0 port, and a wireless access point all in one selfcontained unit. This is a very common configuration with the wireless
broadband router.
The SOHO-Grade Access Point
Although they are powerful devices, SOHO-grade access points usually have a
less extensive feature set than enterprise-grade access points. However, all
newer-model consumer-grade, SOHO-grade, and enterprise-grade access
points now support the highest standards-based security options available,
including IEEE 802.11i or Wi-Fi Protected Access 2.0 (WPA 2.0)
certifications. SOHO-grade access points are best used in the SOHO or home
environment and usually have a limited number of connections for
computers and devices. SOHO-grade access points typically have the
following features:
IEEE 802.11 standards support
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Wi-Fi Alliance interoperability certifications
Removable antennas
Static output transmit power
Advanced security options
Wireless bridge functionality
Wireless repeater functionality
Dynamic Host Configuration Protocol (DHCP) server
Configuration and settings options
Figure 3.4 shows an example of a SOHO-grade access point. You will notice
that one difference between a SOHO-grade access point and a consumergrade wireless broadband router is the available connection ports. Whereas
the broadband router is usually equipped with an Internet port and several
ports for Ethernet connections, the SOHO-grade access point typically has
only one Ethernet port to connect to a LAN.
FIGURE 3.4 D-Link DAP-2590 AirPremier N dual-band PoE SOHO-grade
access point, front and end views
||||||||||||||||||||
||||||||||||||||||||
In Figure 3.4, notice that unlike the consumer-grade access point, this device
has only a single PoE-capable Ethernet connection and no Internet WAN
connection or USB port.
IEEE 802.11 Standards Support
All later-model SOHO-grade access points support the current IEEE 802.11
standard. Some older devices may not have firmware updates available, which
can cause implementation challenges where interoperability between newer
and legacy devices is required. In this case, I recommend replacing older
equipment with the most current, state-of-the art models. The 802.11
standard and amendments that are supported will vary based on several
factors, including the cost and complexity of the unit. The most common
consumer-grade and SOHO-grade access points support the IEEE 802.11b,
IEEE 802.11g, IEEE 802.11n, and now IEEE 802.11ac communication
amendments. Most equipment manufacturers make dual-band models, but
the cost is normally higher than single-band (IEEE 802.11b/g/n) access
points. See Chapter 2, “Wireless Local Area Networking, Standards, and
Certifications,” if you need to review these 802.11 amendments to the
standard.
Wi-Fi Alliance Interoperability Certifications
Interoperability certifications from the Wi-Fi Alliance are a common feature
of SOHO-grade access points. As mentioned in Chapter 2, these certifications
include WPA/WPA 2.0 and WPS for security, and WMM and WMM-PS for
QoS (Quality of Service). Selecting a SOHO-grade access point that is Wi-Fi
certified ensures compliance with IEEE standards and interoperability with
other IEEE 802.11 wireless devices.
In December 2011, a security flaw was reported with WPS and
should be considered before using this feature. See the warning in the
section “Wi-Fi Protected Setup Certification Overview” in Chapter 2 and
check the device manufacturer’s website for more information.
Removable Antennas
Some SOHO-grade access points are equipped with removable antennas. This
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
allows the end user to change to a larger (higher-gain) antenna, thereby
allowing an RF to cover a wider area. Conversely, connecting a smaller
(lower-gain) antenna will decrease the coverage area. Many SOHO-grade
access points have fixed or non-removable antennas, so you cannot add a
higher-gain antenna.
The RF coverage area of an access point can be increased by
adding a higher-gain antenna to the access point. For more information
on this and other antenna-related information, see Chapter 5, “Antenna
Technology for Wireless Networking.”
Static Output Transmit Power
Occasionally an end user will have the ability to adjust the transmit output
power in a SOHO-grade access point. If this is available, the settings are
usually very basic, such as low, medium, and high. With enterprise access
points, you can change the power in increments of a milliwatt (mW) or a
decibel milliwatt (dBm). The transmit output power of the access point will
determine in part the area of RF coverage, also known as the RF cell or basic
service area (BSA). A cell is the area of RF coverage of the transmitter—in
most cases, a wireless access point. The typical RF transmit power of a SOHOgrade access point is about 15 dBm, or 32 mW, although this will vary with
the manufacturer. An access point model with static output power settings
cannot be adjusted, which will limit your ability to decrease or increase the
size of the RF cell. Changing the RF cell size will allow the access point to
cover a larger area in the home or small office where the device is installed. In
this case, the only way to change the RF cell size is to change the gain of the
antenna in models that have the removable antenna feature. Note that
replacing the antenna will also change the vertical and horizontal
beamwidths, which is the electromagnetic radiation pattern that propagates
away from it.
Advanced Security Options
All newer-model SOHO-grade access points support the highest security
features, including the IEEE 802.11i amendment and WPA 2.0 personal and
enterprise operation modes. These security features give users with limited
||||||||||||||||||||
||||||||||||||||||||
technical knowledge the ability to provide the most up-to-date security for
their wireless network. For those users who have greater technical know-how,
SOHO-grade access points also provide more advanced security features, such
as user-based authentication IEEE 802.1X/EAP and VPN pass-through. Users
can find more information about these advanced features in most user guides
provided with the access point or online at the device manufacturers’
websites.
Wireless Bridge Functionality
SOHO-grade access points can sometimes be configured in wireless bridge
mode. Both point-to-point and point-to-multipoint settings are available. This
enables administrators to connect two or more wired LANs together
wirelessly using IEEE 802.11 equipment. You learned about point-to-point
and point-to-multipoint settings in Chapter 1, “Computer Networking
Fundamentals.” Wireless bridging is discussed later in this chapter.
Wireless Repeater Functionality
Some SOHO-grade access points can be configured to function as wireless
repeaters. Configuring an access point as a repeater enables administrators to
extend the size of the RF cell so that devices not in hearing range of an access
point can connect to the wireless network. The cost, however, is reduced
throughput for other devices accessing the network through a wireless
repeater, in addition to more contention. Wireless repeaters are discussed
later in this chapter.
Dynamic Host Configuration Protocol Server
It is also common for SOHO-grade access points to be able to act as DHCP
servers. A DHCP server will automatically issue an IP address (logical
address) to allow upper-layer communication between devices on the
network. IP addresses are a function of Layer 3 of the OSI model, as outlined
in Chapter 1. A built-in DHCP server will ease the installation and support of
the access point, providing a much better overall user experience.
Configuration and Settings Options
SOHO-grade access points are configured via a web browser, using either
HTTP (Hypertext Transfer Protocol) or HTTPS (Hypertext Transfer Protocol
Secure). This type of browser-based configuration is an easy way for the
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
novice administrator to make all the necessary settings based on the
application in which the access point will be used. SOHO-grade access points
rarely offer configuration from the command-line interface (CLI), which
allows for more extensive configuration parameters. Figure 3.5 shows an
example of a configuration page from a SOHO-grade access point.
FIGURE 3.5 D-Link DAP-2590 AirPremier N dual-band PoE SOHO-grade
access point configuration screen
For security reasons, it is best practice to configure access points from the
wired side of the network infrastructure whenever possible. Configuration of
an access point should only be done wirelessly if absolutely necessary. If
configuring this device from the wireless side of the network is the only
option, a secure connection such as HTTPS or SSH2 should be in place to
prevent potential compromise of administration user credentials and
unauthorized access of the wireless device.
||||||||||||||||||||
||||||||||||||||||||
Some manufacturers of consumer-grade and SOHO-grade wireless
equipment have online emulators that allow customers to view a sample
of the configuration process for a device. This allows users to sample the
configuration settings and become familiar with the device before making
a purchase.
The Enterprise-Grade Access Point
Enterprise-grade access points typically have a much more extensive feature
set than the previously mentioned SOHO-grade access points. Taking this
into consideration, the price point can be significantly higher for enterprisegrade access points. Figure 3.6 shows an example of an enterprise-grade
access point.
FIGURE 3.6 The Aruba Networks 220 series IEEE 802.11ac dual-band
access point
Enterprise-grade access points can include the following features:
IEEE 802.11 standards support
Wi-Fi Alliance interoperability certifications
Removable or expandable antennas
Adjustable output transmit power
Advanced security options
Multiple operation modes, including root access point, wireless bridge,
wireless repeater, and mesh capabilities
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Graphical user interface (GUI) and command-line interface configurations
In addition to the items listed here, enterprise-grade access points have
various other features that put them a notch above consumer-grade and
SOHO-grade access points. Some of these features are outdoor use, plenum
ratings, industrial environment ratings, more memory, and faster processors
to help handle the load and various environmental conditions.
IEEE 802.11 Standards Support
Like the other access point types discussed in this chapter, enterprise-grade
access points support IEEE standards. Enterprise-grade access points have a
more extensive feature set than SOHO-grade access points and, depending on
the manufacturer and model, will support all communication standards by
using the 5 GHz IEEE 802.11a/n/ac and the 2.4 GHz IEEE 802.11b/g/n dualband radios. Enterprise-grade access points can include support for some
amendments to the standard not supported by SOHO-grade access points.
Examples include support for IEEE 802.11e QoS, Wi-Fi multimedia
certifications, IEEE 802.11r fast BSS transition (FT), and IEEE 802.11w for
the security of management frames, to name a few.
Wi-Fi Alliance Interoperability Certifications
Certifications by the Wi-Fi Alliance are an important feature of enterprisegrade access points. These certifications include WPA/WPA 2.0 for security
and WMM and WMM-PS for QoS. Selecting an enterprise-grade access point
that is Wi-Fi certified ensures compliance with IEEE standards and
interoperability with other IEEE 802.11-compliant devices.
Removable or Expandable Antennas
Many enterprise-grade access points have removable or expandable antenna
capabilities. These antenna configurations provide a lot of flexibility, because
an installer can choose the appropriate antenna based on the deployment
scenario. Omnidirectional, semi-directional, and highly directional antennas
are all types of antennas commonly used in the enterprise environment.
Enterprise-grade access points that use internal antennas can offer options
for connecting external antennas, should they be required for the specific
installation. Antennas will be discussed in more detail in Chapter 5.
Adjustable Output Transmit Power
||||||||||||||||||||
||||||||||||||||||||
Unlike consumer-grade and some SOHO-grade access points, the RF output
power of the radio can be adjusted with enterprise-grade access points. This
feature allows an installer to select the correct amount of transmit power
based on the installation needs of the access point. One benefit of having
adjustable output power is that an installer can adapt to the environment in
which the access point is installed. If the RF dynamics of an area change, the
ability to change access point settings such as output transmit power without
physical intervention is beneficial.
Advanced Security Options
Compared to access points used in the consumer and SOHO environments,
enterprise-grade access points typically have more advanced security features.
In addition to IEEE 802.11i, WPA/WPA 2.0, passphrase and user-based
authentication, and IEEE 802.1X/EAP modes, features such as a built-in user
database for local Remote Authentication Dial-In User Service (RADIUS)
authentication are included. Local RADIUS authentication allows small- to
medium-sized businesses to provide their own advanced authentication
features without the need of external RADIUS authentication services. This
reduces costs and lowers administration overhead.
RADIUS is just one example of the more advanced security features available
in enterprise-grade access points. Another advanced security feature that may
be available is some level of a wireless intrusion prevention system (WIPS). A
WIPS will help determine and have the potential to mitigate certain levels of
wireless intrusions or attacks on the network. One example is the detection of
a rogue (unknown) access point.
Advanced security features are discussed in more detail in Chapter 8,
“Security Fundamentals for Wireless Networking.” Some of the common
configuration options available for one model of enterprise access point are
shown in Figure 3.7.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.7 Extreme Networks AP-7131 enterprise-grade access point
configuration page in a web browser
Multiple Operation Modes
In addition to the features just discussed, enterprise-grade access points
typically have several operation modes:
Root Access Point Mode (the most common configuration) What
some in the industry refer to as root access point mode is typically the default
operation mode in which an enterprise-grade access point operates. Root
access point mode involves connecting the access point to a distribution
system (DS), such as an Ethernet segment or a network infrastructure of
some sort. This mode allows computers and other wireless devices to connect
to the access point and use network resources based on the assigned
permissions of the user, computer, or other wireless device.
Wireless Bridge Mode (for connecting LANs together) This
configuration allows an access point to be set in bridge mode for wireless
point-to-point or point-to-multipoint configurations connecting two or more
||||||||||||||||||||
||||||||||||||||||||
LANs. Benefits of using wireless access points to bridge LANs together
include cost savings and high data transfer rates compared to some other
wired connectivity options.
Wireless Repeater Mode (to extend the RF cell) An access point
configured in wireless repeater mode can act to extend the RF cell. This
allows wireless client devices outside the radio hearing range of an access
point to still be able to connect to the network and access network resources
via the wireless repeater. This operation mode does have the downside of
reduced throughput and should be used only if justified because of no wired
connectivity that allows the access point/repeater to connect to the network.
Mesh Mode (for connecting access points together wirelessly) If an
access point has mesh capability, it can be configured to connect access points
together without using a wired infrastructure. This is useful in areas where
the physical distance from the network segment to the access points exceeds
the 328-foot or 100-meter limitation. This is what was formerly known as a
wireless distribution system (WDS). The term WDS is now considered
obsolete and has been removed from the latest revision of the IEEE 802.11
standard.
If an enterprise-grade access point is configured for an operation
mode other than an access point, it is no longer considered an access
point. Typically an access point can be configured to operate in only one
mode at any one time. Also, if an enterprise-grade access point is dualband capable, it may be possible to configure each band (radio) as a
different operation mode.
Access Point Configuration Methods
Enterprise-grade access points can commonly be configured, or “staged,” two
different ways:
Graphical User Interface (GUI) Configuration Enterprise-grade access
points can be configured using a GUI configuration from a web browser using
HTTP or HTTPS. This is a convenient way to configure and change settings on
the access point using a common graphical interface tool, a web browser. If
the access point is configured using a wireless connection, using HTTPS is
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
recommended for security at a minimum, but an SSH or IPsec VPN
connection is highly recommended.
Command-Line Interface (CLI) Configuration Most if not all
enterprise-grade access points have command-line interface (CLI) capabilities
to allow extensive and detailed configuration of the device. In some cases, the
CLI command set provides higher-level commands that allow an
administrator to perform additional configuration tasks that aren’t available
using the web browser method. This allows consistency in configuring other
network infrastructure devices, because many manufacturers share common
commands among devices. CLI capabilities vary depending on the
manufacturer, but most enterprise models have an extensive set of
commands. Access points with CLI capabilities may have a special console
port on the device, allowing a direct serial connection to a computer to access
for configuration purposes.
Controller-Managed Access Points
Controller-managed access points differ from autonomous access points in
that they are used with hardware WLAN controllers, not as stand-alone
devices. An autonomous access point is a self-contained unit that has all the
intelligence needed to provide computer and device access to a wireless
network. In contrast, controller-managed access points have shifted some of
the intelligence to the hardware WLAN controller. Since a controller-managed
access point may contain less intelligence than an autonomous access point,
the cost of a controller-managed access point may be lower, depending on the
local MAC capabilities.
Controller-managed access points are centrally managed from the hardware
WLAN controller. The extent of how this is accomplished depends on the type
of architecture that is in use: local MAC, split-MAC, or remote-MAC. SplitMAC is the most commonly used architecture, with the controller handling
the management and control planes and the access point taking care of the
real-time MAC functionality and the Physical layer communications. How
manufacturers implement the technology varies. Typically, communication
between the access point and the controller is handled by an IP or proprietary
tunnel that is built from the access point to the controller. Depending on the
manufacturer, they may have a more extensive feature set than autonomous
access points, while also including many of the features of those devices.
Figure 3.8 shows front and rear views of a controller-managed access point.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.8 Cisco Aironet 3500e CleanAir IEEE 802.11n access point
The benefits of controller-managed access points are similar to those of
autonomous access points, including RF management, security, and QoS.
With remote MAC controller-managed access points, very little or no
intelligence is contained within the devices. Controller-managed access points
are PoE capable for ease of deployment in either mid-sized or large
organizations. One thing to keep in mind is that if a controller-managed
access point is unable to communicate with the WLAN controller for some
reason, the access point may be able to still provide communications to the
associated client devices. How this is achieved widely varies, based on how
the manufacturer implements the technology.
Cloud-Managed Access Points
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Cloud-managed access point technology provides another solution for
deploying WLAN infrastructures. The architecture for networks that use this
type of access point is sometimes referred to as a “controller-less”
architecture, because the device intelligence has been pushed back out to or
distributed to the access point edge, similar to that of the autonomous access
point, but with much more intelligence and capabilities. The access points are
managed through a “cloud” software configuration tool, eliminating the need
for a hardware controller. This type of management tool can be accessed from
any computer with an Internet connection, assuming the user has appropriate
permissions to manage the devices. Some manufacturers also have “software
appliances,” eliminating the reliance on the cloud server because the software
is contained locally with the organization’s datacenter network. Figure 3.9
shows an example of a cloud-managed access point.
FIGURE 3.9 ADTRAN/Bluesocket 2030 IEEE 802.11ac (3x3:3) indoor access
point
Cloud-managed access points provide many of the same benefits and features
of a WLAN controller solution without the need and extra expense of a
hardware controller. This technology is scalable and performs well without
relying on a “tunnel” from the access point to a controller through which
some or all of the network traffic can be forwarded. This distributed
intelligence allows the cloud-managed access point to make decisions about
how frames traverse both the wired and wireless network without relying on
||||||||||||||||||||
||||||||||||||||||||
the hardware controller.
Some manufacturers of controller-managed solutions provide a variant of the
cloud technology by allowing autonomous access points to be “adopted” by a
controller in a large enterprise environment. These access points are then site
survivable, meaning they will still be able to function on their own should
connectivity with the controller be temporarily lost. The description of this
technology includes the term adaptive access point.
Wireless Branch Router/Remote Access Point
A wireless branch router, or remote access point, can be used to extend a
corporate network to a remote location, such as a home, conference room, or
branch office, through a secure connection using a WAN or the Internet. This
type of device typically has three interfaces available:
Ethernet port(s) to connect to a LAN
Internet port to connect to the WAN or to an Internet connection
Wireless port to allow IEEE 802.11 computers and devices to connect to a
network through a wireless connection
Wireless branch routers are usually compact and lightweight, making them
easy for sales representatives and other corporate employees to travel with.
They also have a more extensive feature set than wireless broadband routers,
including the capability of building a Layer 3 VPN tunnel between devices in
which the router on each side will act as a VPN endpoint. They can also be
configured as a VPN pass-through device, allowing another device on the
network, such as a VPN concentrator, to act as the VPN endpoint. They also
include these features:
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol/Internet Protocol Security (L2TP/IPsec)
SSH2
Advanced IP networking services
Edge router capability
Figure 3.10 shows an example of a wireless branch router.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.10 Aerohive BR200 wireless branch router
||||||||||||||||||||
||||||||||||||||||||
Wireless Mesh
Wireless mesh networking continues to grow at a steady pace. The concept of
mesh networking has been in existence for many years. In a full mesh
network, all nodes connect together with at least two paths for every node.
This allows for reliable communication in the event of a device or path
failure.
Wireless mesh networking is popular in the outdoor market space. Most
outdoor mesh infrastructure devices provide the highest levels of wireless
security and are usually inside a rugged weatherproof enclosure for
protection from the elements. Wireless mesh networks are currently utilized
in places such as metropolitan areas, university campuses, and
amphitheaters, as well as for applications used with public safety,
transportation, and government organizations.
Currently, many WLAN manufacturers use proprietary mechanisms and
protocols for wireless mesh networking. IEEE 802.11s is an amendment to
the IEEE 802.11 standard to include wireless mesh networking and was
ratified in 2011. Many enterprise-grade access points have the ability to
operate in mesh mode, whereas others have a dedicated mesh function.
Wireless mesh networking for indoor deployments is starting to appear as a
viable solution for some WLAN infrastructure deployments.
Manufacturers commonly recommend using two unlicensed RF bands for a
wireless mesh operation. One common solution is to use the 2.4 GHz ISM
band for wireless client device access and the 5 GHz UNII band for mesh
device infrastructure connectivity. The use of a third radio may be an option
in some cases. Using two different RF bands reduces contention on a single
band and increases the overall performance of the network.
Mesh can also be used in the event of Ethernet loss to an access point. Some
cloud-managed access points are able to automatically mesh together when
they suffer an Ethernet loss. By default, they typically support clients in both
bands, but they can mesh in 5 GHz if an Ethernet connection fails.
Figure 3.11 illustrates mesh access points connected to a wired infrastructure.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.11 Mesh access points/routers connected to a common
infrastructure and to the Internet
Some manufacturers may provide as many as four radios in a
mesh access point. The fourth radio could utilize the 4.94–4.99 GHz
licensed band, which is restricted to public safety use only (in the United
States).
||||||||||||||||||||
||||||||||||||||||||
Wireless Bridges
Wireless bridges connect two or more wired LANs. As discussed in Chapter 1,
typically there are two configurations for wireless bridges: point-to-point and
point-to-multipoint. A wireless bridge is a dedicated device that functions in
much the same way as an access point in bridge mode. Wireless bridges have
many of the same features as enterprise-grade access points, including
removable antennas and selectable power levels.
Connecting locations together using wireless bridging has many benefits,
including fast installation, cost savings, and high data transfer rates.
Depending on the circumstances, a wireless bridge can be installed in as little
as one day or even several hours. Cost savings can be enormous compared to
installing and maintaining a physical wired connection between locations,
whether it is copper, fiber optics, or a leased line from a service provider.
Most wireless bridges can work in either the 2.4 GHz ISM or 5 GHz UNII
unlicensed band. Keep in mind, however, that bridges using wireless
technology can also consist of proprietary technology using licensed
frequency bands, which may be capable of greater distances and faster speeds
than wireless bridges that use IEEE 802.11 devices. The connection can span
long distances, so it is important to take security and environmental
conditions into consideration, as well as the proper antenna selection.
Figure 3.12 illustrates wireless bridges connecting two LANs in two separate
buildings.
FIGURE 3.12 Wireless bridges connecting two LANs
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
When LANs are connected using wireless bridges, the bridges must
be set to the same RF channel and have the same SSID.
||||||||||||||||||||
||||||||||||||||||||
Wireless Repeaters/Range Extenders
Wireless repeaters are used to extend the RF cell. In a wired Ethernet
network, repeaters function at Layer 1 of the OSI model to extend the
Ethernet segment. An Ethernet repeater lacks intelligence—that is, it cannot
determine data traffic types and simply passes all data traffic across the
device. Since wireless infrastructure devices, including repeaters, are Layer 2
devices, they have more intelligence than Ethernet repeaters.
An Ethernet segment has a maximum distance for successful data
transmission, and WLANs do as well. This distance depends on several
factors, including the transmit power of the access point and the gain of the
antenna. Like an access point, the wireless client device is also a transmitter
and a receiver and will have an RF range limited by the transmit power and
gain of the antenna. A wireless repeater provides the capability for computers
and other devices to connect to a WLAN even when outside the normal
hearing range of the access point connected to the network. Figure 3.13
illustrates how a wireless repeater can extend the range of a wireless network.
FIGURE 3.13 A wireless repeater extends the range of a wireless network.
As illustrated, the wireless client device is not within hearing range of the
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
access point, so adequate communication is not possible between these
devices. In order for WLAN devices to communicate effectively with an access
point, the transmitter must be able to hear the receiver, and the receiver must
be able to hear the transmitter. It is a two-way radio communication. A
wireless repeater will allow this communication to occur where the wireless
client is outside the RF cell or BSA of the access point. The wireless client will
send information, or frames, to the repeater, and the repeater will forward
them to the access point, and vice versa. The downside of this configuration is
that it will reduce the overall throughput. The wireless repeater may be
named differently by the manufacturer and include the term wireless range
extender.
Using Wireless Repeaters Reduces Throughput
Before using a wireless repeater, consider whether it would be the best
solution. Since WLANs are half-duplex (two-way communication but only
one way at a time), data throughput will suffer when repeaters are used.
When data traverses a wireless link between devices that are set to the
same RF channel, the data throughput can be reduced by up to 50
percent. If a physical wired connection is available, it should be used for
an access point connection rather than a wireless repeater. For security
purposes, the Ethernet port on a wireless repeater should be disabled
because it is not connected to a wired network infrastructure.
||||||||||||||||||||
||||||||||||||||||||
Wireless LAN Controllers and Cloud-Managed
Architectures
The WLAN hardware controller is a main component in many WLAN
deployments. WLAN controllers range from branch office models with a few
controller-managed access points to large-scale enterprise devices with
hundreds or even thousands of controller-managed access points. The branch
office models are typically used in remote office installations or
small/medium business (SMB) applications with a limited number of access
points. The controller-less, or cloud-managed, architecture is growing at a fast
pace and provides another option for enterprise WLAN deployments. The
following sections discuss some of the many benefits and features available
on both WLAN controllers and cloud-managed controller-less solutions:
Centralized administration
Virtual LANs (VLANs)
PoE capability
Improved mobile device transition
WLAN profiles and virtual WLANs
Advanced security features
Captive web portals
Built-in RADIUS services
Predictive modeling site survey tools
RF spectrum management
Firewalls
QoS
Infrastructure device redundancy
WIPS
Direct and distributed access point connectivity
Layer 2 and Layer 3 access point connectivity
Distributed and centralized data forwarding
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Centralized Administration
WLAN controllers and cloud-managed, controller-less solutions provide
centralized administration and give an administrator complete control over
the wireless network from a single physical location. Unlike autonomous
access points, which require intervention at each device for configuration,
these solutions can be a “one-stop shop” for configuration and management
of the wireless network. A wireless network management system (WNMS)
can be used as a centralized tool to manage WLAN infrastructures. A WNMS
can be used to help scale the access point architecture as well but is not
required.
Virtual Local Area Networks
According to the IEEE 802.1Q standard, VLANs define broadcast domains in a
Layer 2 network by inserting VLAN membership information into Ethernet
frames. Layer 2 Ethernet switches can create broadcast domains based on
how the switch is configured, by using VLAN technology. This allows an
administrator to separate physical ports into logical networks to organize
traffic according to the use of the VLAN for security profiles, QoS, or other
applications. The concept of a Layer 2 wired VLAN is extended to IEEE 802.11
WLANs. Both hardware controller and controller-less solutions have the
ability to configure broadcast domains and segregate broadcast and multicast
traffic between VLANs.
Power over Ethernet Capability
WLAN controllers and cloud-managed solutions support PoE, allowing DC
voltage and computer data to be sent over the same cable. (The details of PoE
are discussed later in this chapter, in the section “Power over Ethernet.”)
Some hardware controllers provide direct access point connectivity to the
controller at the device connection layer and will provide the PoE. For
hardware controllers that do not support direct connectivity and cloudmanaged solutions, the access points will receive their PoE from the Layer 2
Ethernet switch.
Improved Mobile Device Transition
Fast, seamless Layer 2 and Layer 3 transitioning or roaming between access
points is another common feature of hardware wireless controllers and cloud-
||||||||||||||||||||
||||||||||||||||||||
managed solutions. This feature makes it possible for computers and other
wireless devices connected to the WLAN to maintain a connection while
physically moving throughout the wireless network. The IEEE 802.11r
amendment specifies fast transition (FT), and the IEEE 802.11k helps with
this functionality. Transitioning is more often than not an enterprise network
requirement and exists in very few SOHO deployments.
Wireless LAN Profiles and Virtual Wireless LANs
Both the WLAN controller and controller-less cloud-managed solutions can
give network administrators the ability to create a variety of configuration
profiles. These profiles can work in conjunction with VLANs to allow or deny
access based on requirements for the computer, device, or user. Profiles can
be configured for various situations, including different SSIDs for guest,
corporate, and voice networks; security configurations; and QoS support.
Each WLAN profile will create a virtual access point with its own BSSID and
will act as though it is a separate physical device. This includes all the
wireless management traffic that works with WLAN technology.
Although Wired Equivalent Privacy (WEP) is now rare and not
recommended to be used in any WLAN, it may still exist in deployments
that use legacy devices, such as wireless bar code scanners or wireless
print servers. Using WLAN profiles, you can allow this type of legacy
device to be located on a separate wireless VLAN without compromising
the security of the entire network. However, if WEP is still used, I highly
recommend moving away from it as soon as possible by upgrading legacy
devices.
Advanced Security Features
Like autonomous access points, hardware wireless controller and cloudmanaged solutions provide advanced security options. These include security
options based on IEEE 802.11i and WPA/WPA 2.0, with both passphrase and
enterprise configuration capabilities, allowing for the most secure
mechanisms available for WLAN technology, including IEEE 802.1X/EAP,
RADIUS, and certificates as used in most enterprise deployments.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Captive Web Portals
Captive web portal capability is a common feature in hardware WLAN
controllers and cloud-managed systems. A captive web portal will intercept a
user’s attempt to access the network by redirecting them to a web page for
authorization of some sort. This web page may request account credentials,
payment information from a user, or a simple agreement to terms and
conditions before granting access to the wireless network. One common
example of where you will see a captive portal is in a paid or free wireless
hotspot. The captive portal can be hosted by an outside service provider, by an
autonomous access point, by a hardware wireless controller, and in a cloudmanaged system on the access point. It is important to note that some mobile
devices may experience issues while connecting to a wireless network with
captive web portal technology enabled.
Built-in RADIUS Services
Another common feature of WLAN controllers and cloud-managed systems is
RADIUS services for 802.1X/EAP authentication, which is supported by WPA
and WPA 2.0. Built-in RADIUS allows a network administrator to utilize the
most advanced security features available today to secure the wireless
network. Built-in RADIUS servers typically limit the number of users that can
be created in the user database, which means that built-in RADIUS is a good
solution for SMB or remote office locations but not for very large
organizations. Larger networks can use external RADIUS services for
scalability. See www.gnu.org/software/radius for more about this server.
Predictive Modeling Site Survey Tools
Predictive modeling site survey tools assist in the placement of access points
and other wireless infrastructure devices. These tools are sometimes a feature
of a hardware WLAN controller. Performing a predictive modeling site survey
will assist in planning to determine coverage and capacity for data and voice
for both indoor and outdoor deployments. Some manufacturers of cloudmanaged enterprise solutions have web-based online predictive modeling site
survey tools. Aerohive is one example of a manufacturer that provides these
online wireless network planning tools. Visit the following website for more
information and instructions on how to access this tool:
www.aerohive.com/planner
||||||||||||||||||||
||||||||||||||||||||
Radio Frequency Spectrum Management
Keeping an eye on the RF environment is another responsibility of the
wireless network administrator. RF spectrum management consists of
adjusting RF parameters such as the RF channel (frequency) and the RF
transmit power after deployment. This allows the network to adapt to changes
in the environment and assist in the event of hardware failures.
Firewalls
An integrated stateful firewall feature helps protect a network from
unauthorized Internet traffic but still allows authorized traffic. Firewalls can
be hardware-based, software-based, or a combination of the two. Stateful
firewalls, which keep records of all connections passing through them, help
protect against broadcast storms, rogue DHCP server attacks, Address
Resolution Protocol (ARP) poisoning, and other potential attacks against the
WLAN.
Quality of Service
QoS features help time-critical applications, such as voice and video
communications, minimize latency and allow for traffic prioritization. With
the continual expansion of voice and video technology in the WLAN arena,
QoS is becoming an increasingly important component in the wireless
network.
Infrastructure Device Redundancy
Infrastructure device redundancy allows for fault-tolerant deployments and
provides uninterrupted access in the event an access point or WLAN
controller fails. Complete redundancy will prevent a major outage caused by
hardware failure for mission-critical or other deployments. Coverage is
maintained by alternating access points between the redundant infrastructure
devices, minimizing interruption for user access in the event of a hardware
failure. Cloud-managed systems eliminate the need of redundant hardware
WLAN controllers, and the technology allows for redundancy in the event of
an access point failure.
Wireless Intrusion Prevention System
A WIPS monitors all activity across the wireless network for potential
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
intrusion and malicious activities. A WIPS can take appropriate action to
mitigate an attack based on the type of intrusion. WIPS will be discussed
further in Chapter 8.
Direct and Distributed Access Point Connectivity
Connecting access points that are not directly plugged into a port on the
WLAN controller is a feature known as distributed access point connectivity.
It’s beneficial in large-scale deployments, and almost all manufacturers
support it. Direct access point connectivity is defined as a direct connection to
ports on the switch and is typically used with device connection layer
hardware wireless controllers.
Layer 2 and Layer 3 Access Point Connectivity
Early wireless network implementations were built with dedicated Layer 2
connectivity, which meant limited wireless mobility. Layer 2 transition
(roaming) occurs when a computer or other wireless client device moves out
of the radio cell of the currently associated access point and connects to a
different access point maintaining Layer 2 connectivity.
As wireless networking technology evolved, so did the need for Layer 3
connectivity and transition. IP addresses are logical Layer 3 addresses that
identify devices on a network. All IP devices on the same network or subnet
are considered to be in the same IP boundary. Layer 3 roaming occurs when a
client moves to an access point that covers a different IP subnet. After a
transition, the client will no longer have a valid IP address from the original
subnet, and the device will be issued an IP address from the new subnet while
maintaining Layer 3 connectivity.
Figure 3.14 illustrates Layer 2 and Layer 3 connectivity and wireless
transition.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.14 Wireless client device roaming across Layer 2 and Layer 3
boundaries
Distributed and Centralized Data Forwarding
WLAN controller solutions consist of two common types of architectures:
centralized and distributed. Early WLAN controller solutions supported the
centralized architecture (split-MAC architecture). This design separated the
intelligence from the access point and placed it into the wireless controller to
allow for centralized management and control of the wireless network. The
access point, for the most part, was just a radio and antenna, and traffic
decisions were sent to the controller through an Ethernet cable. This
technique is also known as centralized data forwarding. Depending on where
the controller was placed, it could cause bottlenecks and other issues in the
case of an overloaded or poorly designed network infrastructure. With the
data rates possible with IEEE 802.11n and now IEEE 802.11ac, the aggregate
throughput could be too much for the network to handle, resulting in poor
performance.
Distributed data forwarding reduces the amount of infrastructure traffic
because the controller-managed access point is able to make more decisions,
taking some of the load away from the wireless controller. Moving some of
the intelligence back to the edge (the wireless access point) minimizes the
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
bottlenecks and other potential issues such as latency. This is also true in a
cloud-managed or controller-less architecture, thus eliminating the need for
the data to be sent to the controller for handling.
Most enterprise WLAN equipment manufacturers now support both the
centralized and distributed WLAN architectures.
||||||||||||||||||||
||||||||||||||||||||
Power over Ethernet
PoE sends DC voltage and computer data over the same Ethernet cable,
enabling a device to receive DC power and computer data simultaneously.
This eliminates the need for an external alternating current (AC) power
source to be near the Ethernet device.
An Ethernet cable has four copper wire pairs, or eight copper wires.
Depending on the technology in use, either two or all four wired pairs may be
used to carry data traffic. Figure 3.15 shows an example of a standard
Ethernet cable pin assignment.
FIGURE 3.15 Standard Ethernet pin assignment
PoE now consists of two ratified amendments to the IEEE 802.3 standard.
They are defined in 802.3-2012 Clause 33, also known as IEEE 802.3af, and
IEEE 802.3at, sometimes called PoE+. These amendments define the
specifications for devices used in wired or wireless networking to receive DC
power from the Ethernet connection without the need for an external DC
power source. The PoE amendments to the Ethernet standard allow electrical
power to be supplied in one of two ways, either over the same wired pairs that
carry computer data or over the wired pairs that do not carry data. 10BaseT
and 100BaseT (Fast Ethernet) implementations use only two wired pairs
(four wires) to carry data. 1000BaseT (Gigabit Ethernet) may use all four
pairs (eight wires) to carry computer data. The standard defines which wire
pairs are allowed to carry the DC power based on whether the network is
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
10BaseT, 100BaseT, or 1000BaseT, and whether the power is sourced from an
endpoint or midspan injector. Both midspan and endpoint injectors are
explained later in this chapter.
The nominal voltage for PoE is 48 volts of direct current (VDC), but the
amendments allow for a range of 44 to 57 VDC at the power source. The PoE
amendments address two types of devices: power sourcing equipment (PSE),
the device that provides of the DC power, and the powered device (PD), the
device that receives the DC power.
Before PoE was standardized, some manufacturers used
proprietary implementations. These solutions used various voltages,
polarities, and pin assignments and may still be on the market today. I
recommend that you verify PoE standard compliance before using this
technology to prevent potential hardware or device failures.
The IEEE 802.3-2012 Clause 33 (802.3af) amendment was released in 2003
and allocates 15.4 watts (W) of power maximum per port. This amendment
has been incorporated into the IEEE 802.3-2012 standard. The IEEE 802.3at
amendment, PoE+, was released in 2009 and includes changes to add to the
capabilities of the IEEE 802.3-2008 standard, with higher power levels and
improved power management information. IEEE 802.3at allows for 34.2 W of
power per port maximum, a big increase over IEEE 802.3af, which allowed
for 15.4 W per port. IEEE 802.3af PoE will work with access points from all
manufacturers of enterprise-grade IEEE 802.11n access points. Using IEEE
802.3af will make it easier for organizations to transition from older-model
access points to the newer 802.11n technology, which will improve their client
service and provide overall better performance without having to immediately
upgrade their PoE infrastructure to IEEE 802.3at.
Power Sourcing Equipment
The power sourcing equipment (PSE) is the device that supplies the DC
voltage to the end devices that receive the DC power. The DC voltage (power)
can be delivered to the device in one of two ways:
An endpoint injector (usually a WLAN controller or a Layer 2 Ethernet
switch) delivers DC power directly over the same wire pairs that carry data
||||||||||||||||||||
||||||||||||||||||||
over the unused wire pairs.
A midspan injector (usually a single-port or multiple-port injector) injects
DC power into the Ethernet cable over the unused wire pairs or over the
data pairs, depending on the version of the standard in use.
Midspan Injectors
Midspan PoE injectors provide the required DC voltage (48 VDC) into the
Ethernet cable, allowing the access point, bridge, or other PD to receive
electrical power and computer data. There are two types of midspan devices:
single-port injectors and multiport injectors. A single-port injector supplies
power to a single device. This is useful in an implementation that may have
only a few PoE devices. A single-port injector is an in-line device that adds DC
power to the Ethernet cable. A multiport injector can supply DC power to
many devices simultaneously. It is an in-line device that functions like a
patch panel. Two ports on this device are required to supply both DC power
and computer data to a single PD, such as an access point, bridge, or IP
camera. Therefore, a 24-port injector will allow connectivity for only 12
devices.
Endpoint Injectors
Endpoint PoE injectors supply DC power and computer data directly at the
Ethernet port, rather than relying on an intermediate device to supply the
power. WLAN controllers and Ethernet switches are examples of endpoint
devices. A benefit of endpoint PoE is that no intermediate adapter to inject
power is necessary.
Powered Devices and Classification Signatures
The powered device (PD) is defined as the device receiving DC power, such as
a wireless access point, wireless bridge, IP camera, IP phone, and so on. The
IEEE 802.3 standard defines the maximum cable length of an Ethernet cable
to be 328 feet, or 100 meters. Because of line loss, the standard specifies less
maximum power than what is available at the port. Table 3.1 shows the
maximum power allowed for both the PSE and the PD.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 3.1 Maximum power supplied by PSE and drawn by PD for both
amendments to the IEEE 802.3 Ethernet standard
Specification
802.3af 802.3at
PSE power maximum
15.4 W
34.2 W
PD power draw maximum 12.95 W 25.5 W
Equipment manufacturers have the option of defining a classification
signature. The classification signature determines the maximum amount of
power a device requires, thereby allowing the PSE to better manage the
amount of power delivered to a specific port. The PoE amendments make five
classes of powered device available (class 0 through class 4). Table 3.2 shows
the available classes and the amount of power in watts for each class for IEEE
802.3-2012 Clause 33 devices.
TABLE 3.2 Classes of powered device described in the PoE amendment to
the Ethernet standard, 802.3-2012 Clause 33
Class Use
PSE Power Output, in
Watts
PD Max Levels, in
Watts
0
Default
15.4 W
0.44 W to 12.95 W
1
Optional
4.0 W
0.44 W to 3.84 W
2
Optional
7.0 W
3.84 W to 6.49 W
3
Optional
15.4 W
6.49 W to 12.95 W
4
Type 2 PoE
devices
30.0 W
12.95 W to 25.5 W
||||||||||||||||||||
||||||||||||||||||||
It is important to note that the “power budget” of the power
source equipment must be considered. The total amount of DC current a
PSE can supply will determine how many devices that draw the power can
be connected to the power source. This may cause some design
constraints, and you may not have enough DC power to supply to all of
the connected devices. Understand that each device will draw the required
amount of DC power for it to operate. For example, all dual-band,
enterprise-grade 802.11n access points can now operate in 3x3:3 MIMO
mode using 802.3af power, which allows a maximum of 15.4 watts per
port. However, the access points may only draw approximately 12 watts of
power. If the total maximum amount of power available in a 24-port
switch is 185 watts (the power budget), that would allow only 12 access
points to be connected, assuming the ports are allowing 15.4 watts each.
Twelve ports multiplied by 15.4 watts each is 184.8 watts of available
power. IEEE 802.3at PoE can be used for devices that may require more
DC power, such as some IEEE 802.11ac access points, which would
qualify as Class 4 devices, shown in Table 3.2.
Figure 3.16 shows an example of PSE and a PD.
FIGURE 3.16 PSE single-port injector and PD access port
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Benefits of PoE
There are many benefits to using devices that support PoE, including cost
savings and convenience. The IEEE 802.3 standard (Ethernet) specifies a
maximum distance of 100 meters, or 328 feet, for unshielded twisted-pair
(UTP) Ethernet cable. PoE enables a PoE device to receive DC power and
computer data at this distance without the need for electrical power at the
point where the device is installed or located. This can amount to a big cost
savings if a voltage source is not available where the device is located, because
there is no need to install electrical power at that point.
||||||||||||||||||||
||||||||||||||||||||
Radio Hardware Used with Wireless LAN
Technology
WLAN client devices require some type of radio hardware or chipset to send
the digital data (all the ones and zeros) across the air using RF. It is important
to understand that based on the IEEE 802.11 standard, every addressable unit
used in a WLAN is considered a station (STA). This includes both client
devices that connect to the network and wireless access points that allow
devices to connect to and use network resources.
Another point to consider is that with the recent advancements in WLAN
technology, including the release of the IEEE 802.11n/ac amendments, client
device selection will need to be carefully considered. Although it is beneficial
to use 802.11n/ac-capable client devices along with the newer 802.11n/ac
multiple-input multiple-output (MIMO) access points, radio technology used
in 802.11a/b/g devices may benefit from MIMO technology as well. Selecting
the correct wireless adapter will allow a user to take advantage of the newest
WLAN technology available.
Many organizations now have to deal with the Bring Your Own Device
(BYOD) subject. This is a trend in which employees bring their own personal
electronic wireless devices, such as tablets and Wi-Fi-enabled smartphones,
to the office or place of business. These devices will then have access to
company resources, including email services, file servers, computer data, and
printers. This may create problems for technical support and security issues.
BYOD is forcing organizations to address this in corporate policies.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
USB 1.0, USB 1.1, USB 2.0, and USB 3.0
Introduced in 1995, the Universal Serial Bus (USB 1.0) standard was designed
as a replacement for legacy serial and parallel connections.
Serial communication is the process of transmitting one data bit at a time.
Parallel communication has the capability of transmitting several data bits at
a time. Imagine a single-lane road compared to a four-lane highway. On a
single-lane road, only one car at a time can travel, whereas on a four-lane
highway, many cars can traverse the same path at the same time.
USB allows connectivity for various devices that once used serial and parallel
data connection ports. These devices include but are not limited to the
following:
Keyboard
Mouse
Digital camera
Printer
Computer networking adapter
HDMI video using a converter adapter
USB 1.0 specified data rates from 1.5 Mbps to 12 and was replaced by USB 1.1
in 1998. Devices using this version of the standard were more common in the
market.
USB standards are implemented by the USB Implementers Forum (USB-IF).
This organization consists of companies from the computer and electronics
industries, including Intel, Microsoft, NEC, and HP.
The USB 2.0 specification was released in April 2000. The first revision
appeared in December 2000, and the standard has been revised several times
since. USB 2.0 incorporates several changes, including connector types. Data
rates now allow for a maximum speed of up to 480 Mbps. (USB 1.0 supported
a maximum of 12 Mbps.)
Figure 3.17 shows an example of a USB 2.0 port.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.17 USB 2.0 port on notebook computer panel
USB 3.0 technology was introduced in early 2010 and is commonly available
to the point of being included on newer system boards. USB 3.0 devices have
faster transfer rates and use a wider bandwidth, and they allow multiple
logical streams and improved bus use with asynchronous readiness
notification without polling. USB 3.0 greatly increases the transmission speed
from the 480 Mbps of USB 2.0 up to 4.8 Gbps. This is more than 10 times
that of the earlier standard, and as a result USB 3.0 is known as SuperSpeed.
In addition to speed, the new USB 3.0 specification addresses improvements
to the technology, including bandwidth, by using bidirectional data paths,
power management, and improved bus utilization.
Features of USB
USB uses a standard connector that replaces 9-pin serial, 25-pin parallel, and
various other connector types. External configuration allows the user to plug
in the USB device and power it with a single USB port. The computer
operating system will guide the user through the device driver installation
process. External installation minimizes the need to open up a computer case
and make adjustments within the computer, such as switch or jumper
settings. USB also supports hot-swapping of devices, allowing connection and
disconnection without the need to power down the device or the computer. In
some cases, USB allows for power to be delivered to the peripheral device,
eliminating the need for an external power supply. Rarely will you see a
device with PC card or ExpressCard interfaces, and most use only USB ports
for adding peripheral devices.
For additional information and specifications regarding the USB
standards, visit the USB Implementers Forum (USB-IF) at www.usb.org.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Installation and Configuration of USB Devices
Exercise 3.1 walks you through the steps to install the D-Link Wireless N USB
2.0 Adapter. Many USB WLAN adapters use installation procedures similar to
this one. Installation steps are specific to the manufacturer, and I recommend
that you follow the manufacturer’s installation instructions. Always read the
manufacturer’s manual regarding installation and safety before attempting
installation.
EXERCISE 3.1
Installing a USB 2.0 Wireless LAN Adapter
To install the D-Link Wireless N USB 2.0 Adapter on a computer running
Microsoft Windows, follow these steps:
1. Visit the D-Link website at http://support.dlink.com to get the most
current installation files and device driver. You can search the support
website by entering the model number of the adapter into the search
bar. If an Internet connection is not available, you can use the setup
CD that comes with the adapter to install the client utility. Execute the
setup program you downloaded or insert the setup CD into the CDROM drive. The program should start automatically, and an Autorun
screen will appear. Click to start the installation, and the Installation
Wizard window will appear.
||||||||||||||||||||
||||||||||||||||||||
2. Accept the default location to install the files or browse for an
alternate file location.
3. When prompted, insert the USB adapter into an available USB port on
your computer.
4. When prompted, enter the network name (SSID) manually. If you
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
don’t know the SSID, click Scan to see the site survey page.
The site survey page will also appear if the SSID is entered incorrectly.
Click the network name (SSID) and click Next.
5. Click Finish to continue. If prompted to restart the computer, select
Yes, Restart The Computer Now.
||||||||||||||||||||
||||||||||||||||||||
Peripheral Component Interconnect
PCI is the acronym for Peripheral Component Interconnect, a standard for
computer interface cards that was developed by Intel. A PCI card is inserted
into a slot in the main board or motherboard of a desktop computer, allowing
for the attachment of peripheral devices. Installing a PCI card may require
basic tools such as a screwdriver, and the installer usually will need to remove
the cover from the desktop computer case. Figure 3.18 shows an example of
an IEEE 802.11 wireless PCI card.
FIGURE 3.18 NETGEAR WG311T IEEE 802.11g wireless PCI adapter
Features of PCI
A PCI adapter connects to what is known as a data bus in a desktop computer.
In basic terms, a data bus allows connection of devices to the computer’s
processor or “brain.” In the early days of personal computers, many devices
used a data bus. These devices included video, hard disks, serial ports,
Ethernet adapters, and parallel ports for printers. These interfaces connected
to what is known as an Industry Standard Architecture (ISA) bus.
Modern computers have integrated many of these interfaces directly into the
motherboard, system board, or main board. As PC technology evolved, so did
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
the data bus architecture, going to 32-bit and now 64-bit bus. Wireless
networks are no strangers to PCI. Even though wireless is often thought of as
portable or mobile, in many cases stationary desktop computers can utilize
WLAN connectivity through the use of wireless PCI interface cards.
PCI-SIG (Peripheral Component Interconnect-Special Interest
Group) is the industry organization for development and management of
the PCI standards. For additional information, visit www.pcisig.com.
Installation and Configuration of PCI Cards
Back in 1995, Microsoft introduced a feature in the Windows 95 operating
system called Plug and Play (PnP). This new feature accelerated the interest
in PCI. PnP made installing a PCI card a snap. All that was required was for
the installer to plug the card into the motherboard, and it would be
recognized and automatically work with the operating system. However, this
process still required user intervention to open the case in order to physically
install the card. Exercise 3.2 describes the steps for installing a PCI card in a
desktop computer.
EXERCISE 3.2
Installing a PCI Card
The following steps are typical for installation of a PCI WLAN card. Exact
installation steps are specific to the manufacturer, and I recommend that
you follow the manufacturer’s setup instructions. Always read the
manufacturer’s manual regarding setup and safety before attempting
installation.
1. Visit the NETGEAR website at https://www.netgear.com/support/ to
get the most current installation files and device driver. You can
search the support website by entering the model number of the
adapter into the search bar. If an Internet connection is not available,
you can use the setup CD that comes with the adapter to install the
client utility. Execute the setup program you downloaded or insert the
||||||||||||||||||||
||||||||||||||||||||
setup CD into the CD-ROM drive. The program should start
automatically, and a welcome or Autorun screen may appear. When
the screen appears, click Next to continue and follow the instructions
to install and configure the wireless PCI adapter. The Installation
Wizard will appear on the screen.
2. The setup program will copy the required files to the desktop
computer.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Turn off the computer to install the card. Once the computer is turned
off, unplug the power cord from the wall jack.
3. Open the case and identify an available PCI slot in the motherboard.
Using the appropriate tool, remove the cover over the slot. Insert the
wireless PCI adapter into the available PCI slot and securely fasten it
in place. The following image shows an available PCI slot in a desktop
computer.
||||||||||||||||||||
||||||||||||||||||||
4. Once the card is securely mounted, close the case and insert the power
cable into the wall jack. Turn on the computer.
5. The setup program will appear on the screen. Follow the onscreen
instructions to complete the installation.
In some cases, the installation and setup may require the computer to
be restarted in order for the adapter to operate correctly. Follow the
manufacturer’s recommendations.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Mini-PCI, Mini-PCIe, and Half Mini-PCIe
Mini-PCI is a variation of the PCI standard, designed for laptops and other
small-footprint computer systems. One common example of a Mini-PCI card
is the IEEE 802.11 Mini-PCI adapter shown in Figure 3.19.
FIGURE 3.19 IEEE 802.11 Mini-PCI adapter
Mini-PCI cards are common in many devices, such as Fast Ethernet networks,
Bluetooth, modems, hard drive controllers, and WLANs. In the wireless
world, Mini-PCI cards are used in access points and client devices such as
laptop or notebook computers.
Mini-PCI Express (Mini-PCIe) cards are a replacement for the Mini-PCI card
and are based on PCI Express.
||||||||||||||||||||
||||||||||||||||||||
Many notebook and portable computers with built-in WLAN use
either Mini-PCI or Mini-PCIe or now Half Mini-PCIe cards for wireless
IEEE 802.11 WLAN connectivity.
Features of Mini-PCI, Mini-PCIe, and Half Mini-PCIe Cards
Mini-PCI cards are available in three types: Type I, Type II, and Type III.
Types I and II cards use a 100-pin stacking connector. Type III cards use a
124-pin edge connector. Type II cards have RJ11 and RJ45 connectors for
telephone and Ethernet network connections. These cards are commonly
located at the edge of the computer or docking station so that the connectors
can be mounted for external access, such as to a modem or computer
network.
Mini-PCIe cards are 30 mm × 56 mm and have a 52-pin edge connector,
consisting of two staggered rows on a 0.8 mm pitch. These cards are 1.0 mm
thick excluding components. Table 3.3 summarizes the features of Mini-PCI
and Mini-PCIe cards.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 3.3 Features of Mini-PCI, Full Mini-PCIe, and Half Mini-PCIe cards
Card Type Connectors
Size
Mini-PCI
Type IA
100-pin stacking
7.5 mm × 70 mm × 45 mm
Mini-PCI
Type IB
100-pin stacking
5.5 mm × 70 mm × 45 mm
Mini-PCI
Type IIA
100-pin stacking, RJ11, RJ45
17.44 mm × 70 mm × 45 mm
Mini-PCI
Type IIB
100-pin stacking, RJ11, RJ45
5.5 mm × 78 mm × 45 mm
Mini-PCI
Type IIIA
124-pin edge
5 mm × 59.75 mm × 50.95 mm
Mini-PCI
Type IIIB
124-pin edge
5 mm × 59.75 mm × 44.6 mm
Full MiniPCIe
52-pin edge, two staggered
rows on 0.8 mm pitch
30 mm × 31.90 mm × 1 mm
(excluding components)
Half Mini- 52-pin edge, two staggered
PCIe
rows on 0.8 mm pitch
30 mm × 56 mm × 1 mm
(excluding components)
The Half Mini-PCIe cards are 30 mm × 31.90 mm. The main difference
between this card and the Mini-PCIe card is the length. The length of this new
form factor is about half of the Mini-PCIe card.
With the introduction of the Half Mini-PCIe card form factor, the
Mini-PCIe card is now called the Full Mini-PCIe card.
Figure 3.20 shows a Mini-PCIe adapter.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.20 Full Mini-PCIe adapter
Installation and Configuration of Mini-PCI, Full Mini-PCIe, and
Half Mini-PCIe Cards
As with the PCI card installation process, Mini-PCI and Mini-PCIe
installation may require the user to physically install hardware in the
computer. Location of the Mini-PCI or Mini-PCIe interface varies depending
on the computer manufacturer. On some computers, you just have to remove
a cover panel on the bottom of the notebook. On others, you need to
disassemble the computer case. Exercise 3.3 describes the typical installation
steps.
EXERCISE 3.3
Installing Mini-PCI and Mini-PCIe Cards
The following steps are typical for the installation of a Mini-PCI and
Mini-PCIe WLAN card on a notebook computer. Exact installation steps
are specific to the manufacturer, and I recommend that you follow the
manufacturer’s setup instructions.
1. Shut down the computer. Verify that the computer is not in
Hibernation mode. If it is, turn on the computer and perform a
complete shutdown.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
2. Disconnect the AC power cord from the wall jack.
3. Disconnect all connected peripherals and remove the battery pack.
4. Remove the panel covering the Mini-PCI—Mini-PCIe compartment.
(Details of this step will depend on the computer model.)
5. Insert the Mini-PCI or Mini-PCIe card into the correct slot. Note the
correct pin orientation.
6. Connect the wireless antenna cables to the Mini-PCI or Mini-PCIe
card.
7. Replace the panel for the Mini-PCI—Mini-PCIe compartment.
8. Replace all peripheral devices and battery pack. Plug in the AC power
cord to the wall jack.
9. Visit the manufacturer’s support website to get the most current
installation files and device driver. You can search the support website
by entering the model number of the adapter into the search bar. If an
Internet connection is not available, you can use the setup CD that
comes with the adapter to install the client utility. Power on the
computer and execute the setup program you downloaded or insert
the Setup CD-ROM into the CD-ROM drive. The program should start
automatically, and a welcome or Autorun screen may appear. When
the screen appears, click Install Drivers and follow the onscreen
instructions to install and configure the wireless Mini-PCI or MiniPCIe card.
Always read the manufacturer’s manual regarding installation and safety
before attempting installation.
||||||||||||||||||||
||||||||||||||||||||
Replacing a Full Mini-PCIe with Half Mini-PCIe Adapter
Upgrading an IEEE 802.11g wireless Full Mini-PCIe card to a newer IEEE
802.11n/ac Half-Mini PCIe card may require the use of a special adapter
or bracket. Keep in mind that the Half Mini-PCIe card is about half the
length of the Full card, and you may not be able to install the card
securely. Therefore, you may need to purchase a special bracket in order
for the new Half Mini-PCIe card to be securely mounted in the notebook
computer or other device where the card is to be installed.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Wireless Workgroup Bridges
A wireless workgroup bridge (WWB), also known as a wireless client bridge,
is a wireless device acting as a client device that will allow potentially several
Ethernet devices on an Ethernet segment (devices connected to a common
Physical layer boundary) to connect to an infrastructure through a wireless
access point. This is accomplished without the need to upgrade each wired
device on the Ethernet segment to wireless. Figure 3.21 illustrates an
application of a WWB.
FIGURE 3.21 Typical application for an enterprise WWB
Features of Wireless Workgroup Bridges
The WWB can be used in a variety of business or SOHO applications,
including enterprise, medical, retail, education, and warehouse. Supported
devices include computers, printers, scales, medical equipment, barcode
readers, and point-of-sale machines, such as cash registers. Although the
WWB may have the appearance and features of an infrastructure device, such
as a wireless access point, it is considered a client device. A WWB will allow
for a limited number of wired client devices to connect to and use network
||||||||||||||||||||
||||||||||||||||||||
resources. A wireless access point sees a WWB as a single station even if
several wired stations are connected, because the WWB multiplexes the
signal to a single wireless connection. In other words, it is basically a
multiplex device.
WWBs may include the following features:
Fixed or detachable antennas
Advanced security features
Web browser and/or command-line interface management utilities
MAC filtering options
Multiple connectivity modes
PoE
Support for connection of a limited number of client devices
Installation and Configuration of Wireless Workgroup Bridges
The following are the steps usually necessary for installing and configuring a
WWB:
1. Connect the WWB to the Ethernet segment that needs to have a wireless
connection.
2. If PoE is not a feature of the device, connect the bridge power adapter to
the wall jack.
3. Using a web browser, connect to the assigned IP address. In some cases it
may be necessary to assign an IP address to the WWB from a CLI prior to
configuring the bridge.
4. From the web management interface, assign the correct SSID and RF
channel in order to associate to the correct access point.
5. Configure the correct security settings, either WPA or WPA2 and Personal
or Enterprise mode.
6. Verify association of the WWB to the desired access point.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Always read the manufacturer’s manual regarding installation
and safety before attempting installation.
Another form of WWB is one that is designed to allow a variety of single
Ethernet devices, not just computers, to connect to and use wireless
networks. These devices will have an Ethernet port but are not wirelesscapable. This type of client bridge also has characteristics similar to some
infrastructure devices, such as wireless access points. One benefit is that in
most cases no software is required—that is, you will not have to install device
driver or client utility software on the client Ethernet device. These devices
are seen by the access point as a single wireless client. Devices that can
benefit from this type of client bridge are printers, DVD/media players, and
game consoles. Figure 3.22 shows a wireless client bridge.
FIGURE 3.22 EnGenius Technologies ECB3500 802.11g High Power
600mW wireless access point/bridge/repeater/router
||||||||||||||||||||
||||||||||||||||||||
Client Device Drivers
All devices connected to a computer require a device driver. Components
requiring drivers include keyboards, mice, video cards, USB ports, printers,
wired network interface cards, IEEE 802.11 WLAN cards, and many others.
The device driver is software that allows the installed device to communicate
with or take instructions from the computer operating system in order to
provide correct functionality.
It is important to verify the latest revision of the device driver from the client
device manufacturer. Having the latest revision installed will ensure correct
operation and sometimes add additional features. Figure 3.23 shows a device
listing in the Windows 10 Professional operating system.
FIGURE 3.23 Microsoft Windows 10 Professional Device Manager utility
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Client Utility Software
All IEEE 802.11 WLAN cards require configuration in order to connect to a
wireless network. The configuration capabilities of device drivers are usually
very limited. Therefore, a user needs additional configuration software. The
user can choose from either manufacturer-specific utilities or third-party
client utilities built into some operating systems. When IEEE 802.1X portbased authentication is used, the client device is known as the supplicant. The
supplicant will provide authentication credentials to the authenticator, which
in wireless networking is the access point. 802.1X authentication will be
discussed in more detail in Chapter 8. Regardless of the client utility
installed, a user has the capability to create a profile that will retain the
connection/session parameters. A profile will contain information regarding a
specific connection, including network name or SSID and security settings.
Manufacturer-Specific Client Utilities
Most manufacturers of WLAN adapters provide a software client utility for
the wireless adapter. The features of the utility depend on whether the client
is SOHO-grade or enterprise-grade. SOHO-grade client utilities have basic
connection and security parameters. The client software installation usually
is part of the adapter install process and is typically performed through a
setup wizard. Figure 3.24 shows a screenshot from a SOHO-grade client
utility.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.24 Linksys Dual-Band Wireless-N USB client utility
Enterprise-grade client utilities may have a more advanced feature set,
including connection statistics and site survey. Typically, a user can install the
device driver and client utility simultaneously or will be able to choose
separate installation procedures. In most enterprise-grade client utilities,
profile setup is a manual process requiring a user to have a basic
understanding of the adapter’s capabilities as well as the network
configuration. Figure 3.25 shows an enterprise-grade client utility.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.25 Proxim Client Utility for 8494-US 802.11a/b/g/n USB adapter
Third-Party Client Utilities
Another option for a WLAN adapter client utility is a third-party utility built
into a computer operating system. Recent versions of the Microsoft Windows
operating system—Windows 7, Windows 8, and Windows 10, for example—
have a client utility built in and running as a service.
In later versions, such as Windows 10, the service is now called the WLAN
AutoConfig. After the wireless adapter is installed, a user may select a
wireless network to connect to and supply security parameters if required.
Figure 3.26 shows the Windows 10 Professional client utility using the
Microsoft AutoConfig service.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 3.26 Microsoft Windows 10 Professional client utility
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Summary
This chapter discussed network infrastructure devices, which are commonly
used to provide wireless connectivity to a computer network for computers
and other wireless client devices. The infrastructure devices include the
access point (an integral part of the WLAN and available as a self-contained
intelligent, or autonomous, device), a controller-managed device for use with
hardware WLAN controllers, and a cloud-managed access point that provides
user and client device access to network resources. Other infrastructure
devices include wireless broadband routers for SOHO or home use, wireless
bridges for connecting LANs together, and wireless repeaters for extending an
RF cell.
This chapter also explored some of the features, benefits, and applications of
these infrastructure devices. In addition, we took a look at the two PoE
amendments (IEEE 802.3-2012 Clause 33, also referred to as 802.3af, and
IEEE 802.3at), components, the DC voltage and amount of DC power
supplied to devices (in watts), and how the power may be delivered to a PD.
Many types of WLAN client devices are used in various applications. These
device types include desktop and notebook computers, printers, and barcode
scanners, to name a few. A wireless client adapter uses radio hardware or
chipset to send the digital data (all the ones and zeros) across the air using
RF. This chapter looked at some of the various IEEE 802.11 WLAN adapter
types, explaining the features, common hardware, software, and configuration
procedures. External adapters with WLAN functionality include the following:
USB 2.0
USB 3.0
WLAN adapters are also available as internal adapters. These adapters may
require some disassembly or removal of a panel for installation. Internal
adapter types include the following:
PCI
Mini-PCI
Full Mini-PCIe
Half Mini-PCIe
WLAN adapters require a device driver in order to communicate with the
||||||||||||||||||||
||||||||||||||||||||
operating system, and in most cases software utilities may be installed and/or
configured in order to connect the wireless network. This chapter described
several installation scenarios for various types of WLAN adapters, including
USB and PCI. We also looked at how a WWB can be used to connect
computers and other devices on an Ethernet segment to a network by
connecting to an access point.
Finally, this chapter showed how WLAN client utilities simplify the process of
connecting to a wireless network. Client utilities are sometimes supplied by
the manufacturer of the adapter or may part of the operating system. WLAN
AutoConfig (Windows 10) is a commonly used operating system client utility.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Remember the function and features of the different access point
technologies. Compare and contrast the features of autonomous,
controller-managed, and cloud-managed access points. Know that
autonomous access points are self-contained units, and controller-managed
access points work with WLAN controllers. Cloud-managed access points do
not require a hardware controller but use cloud-managed software for
configuration and management.
Understand differences between various infrastructure devices.
Identify the features and applications of wireless access points, wireless
bridges, wireless repeaters, and the WLAN controller, and how they differ
from one another.
Explain the function and implementation of wireless infrastructure
devices such as wireless bridges and wireless repeaters. Understand
the different modes in which wireless infrastructure devices operate, as well
as the uses for specific devices such as wireless bridges and wireless
repeaters.
Explain the differences between PoE devices. Know the differences
between power sourcing equipment (PSE) and powered devices (PDs), and
know how they are used in wireless networking. PSE devices will supply the
DC voltage, and PDs will receive the DC voltage.
Know the details of the IEEE 802.3-2012 Clause 33 (802.3af) and
802.3at PoE amendments to the Ethernet standard. Know that the
nominal voltage for PoE is 48 VDC. Identify the different classifications
signatures. Understand the difference between midspan and endpoint PoE
solutions. IEEE 802.3at allows 34.2 W maximum power per port, while IEEE
802.3-2012 Clause 33 (802.3af) allows for 15.4 W of power maximum.
Know the various types and features of external client adapters
used in WLAN clients. Understand the features and function of external
client adapters, including USB 2.0 and USB 3.0.
Know the various types and features of internal client adapters used
in WLAN clients. Be familiar with internal adapter cards used with 802.11
WLAN technology, including PCI, Mini-PCI, Full Mini-PCIe, and Half MiniPCIe cards. Understand the installation factors involved with internal
network adapters.
||||||||||||||||||||
||||||||||||||||||||
Understand the installation process of client adapters and client
software. USB 2.0, USB 3.0, PCI, Mini-PCI, and Full and Half Mini-PCIe
cards require software components such as a device driver and client utility
software to be installed in order to function correctly.
Explain the function and features of specialty client devices.
Specialty client devices such as a WWB can be used to connect devices on a
common Physical layer cable to a wireless network.
Know the differences among software components of wireless client
adapters. Device drivers, client utility software, and third-party client
software all play important roles in the successful installation of a wireless
client adapter. Understand the details of software components used in
wireless networking.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Review Questions
1. In computer network terminology, the definition of half-duplex is closest
to which of the following?
A. One-way communication only
B. One-way communication one way at a time
C. Two-way communication both directions simultaneously
D. Two-way communication one way at a time
2. A self-contained intelligent access point is ____________.
A. Controller-managed
B. Heavyweight
C. Autonomous
D. Thin
3. Wireless bridges must be configured with ____________and
____________. (Choose two.)
A. A null SSID
B. The same SSID
C. The same RF channel
D. Channel scanning
E. Wired Equivalent Privacy
4. Which of the following are benefits of a wireless repeater? (Choose two.)
A. Higher data transfer rate.
B. Larger cell size allows more devices to access the medium.
C. Smaller cell size allows fewer devices to access the medium.
D. Less data throughput.
E. Extends cell size.
5. Which of the following devices is an in-line device that will inject DC
voltage into the Ethernet cable?
||||||||||||||||||||
||||||||||||||||||||
A. Midspan
B. Midpoint
C. Endspan
D. Endpoint
6. Access points work at which layers of the OSI model? (Choose two.)
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4
E. Layer 5
F. Layer 6
G. Layer 7
7. Enterprise access points may contain which of the following features?
(Choose three.)
A. WPA 2.0 support
B. RADIUS server
C. Static output power
D. Repeater mode
E. Power sourcing equipment
8. A controller-managed access point connected to a port on the WLAN
controller and not to an intermediate device is considered to have which of
the following?
A. Direct connectivity
B. Distributed connectivity
C. Decentralized connectivity
D. Centralized connectivity
9. Which access point mode involves connecting the access point to a
distribution system for user access to the LAN?
Technet24.ir
||||||||||||||||||||
A. Bridge-only mode
B. Repeater-only mode
C. Root access point mode
D. Access mode
10. WLAN controllers may contain which of the following features? (Choose
three.)
A. Centralized administration
B. Captive portal
C. Network Address Translation (NAT)
D. Built-in RADIUS services
E. IP routing
11. You have a notebook computer and wish to connect to an IEEE 802.11ac
wireless network. The computer does not have a built-in WLAN card or a
PC card interface. You do not want any peripherals connected to the
notebook that use wires and do not want to disassemble the computer.
Which wireless adapter would be the best solution?
A. Wireless PCI
B. Wireless PCMCIA
C. Wireless Full Mini-PCIe
D. Wireless USB 2.0
12. Which component is required for a successful installation and operation
of an 802.11ac wireless USB adapter?
A. Device driver
B. Client utility
C. Profile software
D. Windows AutoConfig
13. You want to connect a desktop computer to an IEEE 802.11ac wireless
network. Which WLAN adapter would be the best solution if you do not
want to disassemble the computer?
||||||||||||||||||||
A. Mini-PCI
||||||||||||||||||||
B. USB 3.0
C. Half Mini-PCIe
D. PCMCIA
14. How many data bits does serial communication transmit at a time?
A. 1
B. 3
C. 4
D. 8
15. Most manufacturers recommend installing a wireless IEEE 802.11ac USB
adapter at what point?
A. When the computer is not powered on
B. When instructed by the setup utility
C. After calling technical support
D. Before starting the setup process
16. Enterprise-grade IEEE 802.11n/ac client utilities typically contain which
advanced feature?
A. PCI configuration
B. Spectrum analyzer
C. Setup wizard
D. Site survey
17. A wireless workgroup bridge will allow you to do which of the following?
A. Connect two WLAN NICs together
B. Connect a wired LAN to an access point
C. Connect a PCI card to a WLAN
D. Connect two client bridges
18. Which WLAN adapter can be installed in a computer without the need to
disassemble the computer in any way?
||||||||||||||||||||
A. PCI
Technet24.ir
||||||||||||||||||||
B. USB 3.0
C. PCIe
D. Mini-PCI
19. A device driver can be used in wireless networking. Which is an example
of a device driver?
A. Software to control a wireless NIC
B. Software to control the operating system
C. Hardware to install a PCI card
D. Hardware to install a client bridge
20. Which is required in order to successfully install an IEEE 802.11ac WLAN
adapter?
||||||||||||||||||||
A. Security profile
B. Device driver
C. Third-party client utility
D. SOHO utility
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Chapter 4
Radio Frequency Fundamentals for Wireless
Networking
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.2 Define basic characteristics of and concepts relating to WiFi technology
3.1 Define the basic concepts and units of RF measurements,
identify when they are used, and perform basic unit conversion
3.2 Identify and explain RF signal characteristics
3.3 Identify factors which affect the range and rate of RF
transmissions
THE FOLLOWING CWS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.1 Identify RF characteristics
1.2 Explain basic RF behaviors
2.1 Know the frequency bands used
2.3 Select appropriate channels
3.3 Determine capabilities of client devices
THE FOLLOWING CWT EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.1 Describe RF signal characteristics
1.2 Explain RF behaviors and signal propagation
1.3 Understand how to detect RF signal factors
1.4 Create basic RF channel plans
2.4 Determine the channels and streams supported by client
devices
5.2 Troubleshoot performance problems
||||||||||||||||||||
||||||||||||||||||||
Radio frequency (RF) plays an essential role in wireless LAN
(WLAN) technology. Radio waves are passed through the air (which is the
medium) and are used to get information from one wireless device to
another. Technically speaking, with respect to WLANs, RF consists of highfrequency alternating current (AC) signals passing over a copper cable
connected to an antenna. The antenna then transforms the signal into radio
waves, which propagate through the air from a transmitter to a receiver.
Unlike wired devices, which use physical cable to communicate, WLANs use
the radio waves and the air to communicate. This chapter will discuss the
characteristics of RF and explain how far a radio signal will travel depending
on various factors, the area covered by the RF propagation, and some of the
factors determining how many clients or devices can use the RF signals for
data communications. This chapter will also explain the range and speed of
RF transmissions. Range (how far radio waves will travel) and speed can be
affected by several environmental conditions or behaviors, such as reflection
and refraction. Additionally, this chapter will examine some of the conditions
that affect the transmission of information across the air, including
interference.
Understanding RF units of measure, such as watts (W), milliwatts (mW), and
decibels (dB), is important to RF work, just as understanding denominations
of money is an important part of daily life. We will discuss RF signal
measurements, including receiver sensitivity, received signal strength
indicator (RSSI), and signal-to-noise ratio (SNR).
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Understanding Radio Frequency
Radio frequency (RF) waves are used in a wide range of communications,
including radio, television, cordless phones, WLANs, and satellite
communications. RF is around everyone and everything, and comes in many
forms. RF energy is emitted from the numerous devices that use it for various
types of communications. For the most part, it is invisible to humans. There
is so much of it around that if you could actually see RF, it would probably
scare you. Don’t let it scare you, however, because the amount of regulated
RF power transmitted from the devices used with wireless computer
networking is harmless. Figure 4.1 shows some of the many ways RF is used.
Studies have shown that the amount of power emitted from many of these
devices, such as cordless telephones or wireless network adapters, will not
cause any physical harm if the devices are manufactured not to exceed the
maximum regulated power allowed for the device.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.1 Radio frequency is used in many different devices to provide
wireless communications.
Remember, RF consists of high-frequency alternating current (AC) signals
passing over a copper cable connected to an antenna. This antenna will then
transform the received signal into radio waves that propagate through the air.
The most basic AC signal is a sine wave, which is the result of an electrical
current varying uniformly in voltage over a period of time. This sine wave
cycle will repeat a specific number of times (cycles) over a period of one
second. The number of cycles per second will result in different frequencies.
Figure 4.2 shows a basic sine wave.
Successful radio transmissions consist of a minimum of two components, a
transmitter and receiver (see Figure 4.3). With IEEE 802.11 wireless
networking, a wireless station can transmit and receive and is known as a
transceiver. These two components work together: For every radio
transmitter, there must be one or more radio receivers. It is important to
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
understand the basic characteristics of RF transmissions. These
characteristics work together to form AC signals and include the wavelength,
frequency, amplitude, and phase. The antenna will transform these signals
into radio waves that travel through the air carrying information from the
transmitter to the receiver. This is accomplished in different ways, depending
on the wireless technology in use. This theory will be discussed more in
Chapter 5, “Antenna Technology for Wireless Networking.”
FIGURE 4.2 A basic sine wave, one complete cycle varying voltage at a point
in time
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.3 RF transmitter and receiver. In a WLAN, the transmitter and
receiver could be an access point and client device, respectively.
Wavelength in Wireless LANs
The wavelength is the distance of one complete cycle, or one oscillation, of an
AC signal. Wavelength is typically identified by the Greek symbol lambda, λ,
which is used in formulas for calculations. This distance is usually measured
in centimeters or inches. Figure 4.4 shows an example of a wavelength.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.4 The wavelength is the distance of one complete cycle,
measured in centimeters or inches.
IEEE 802.11 WLANs currently use both the 2.4 GHz and 5 GHz unlicensed
frequency ranges for transmission. The IEEE 802.11-2016 standard also
specifies some additional frequency ranges in which WLANs can operate.
Although these do not fall under the “unlicensed” category, 4.9 GHz public
safety and 3.650 GHz (IEEE 802.11y amendment) can also be used for IEEE
802.11 WLAN communications. Table 4.1 lists some examples of wavelengths
for IEEE 802.11 WLANs using unlicensed frequencies.
TABLE 4.1 Typical radio transmission wavelengths for WLANs
RF Channel Frequency (GHz) Length (in) Length (cm)
6
2.437 GHz
4.85 in
12.31 cm
40
5.200 GHz
2.27 in
5.77 cm
153
5.765 GHz
2.05 in
5.20 cm
||||||||||||||||||||
||||||||||||||||||||
The IEEE 802.11ah amendment (also known as Wi-Fi HaLOW)
allows for WLAN operation in frequency bands below 1 GHz (also called
the Sub 1 GHz band, or S1G). This allows for long-range, low-power
connections using an unlicensed frequency, including the 900 MHz
frequency band. The actual frequency ranges used vary based on
regulatory domains. The driving force behind this amendment is the
Internet of Things (IoT) devices.
Frequency in Wireless LANs
Frequency is defined as the number of complete cycles in one second. Low
frequencies correspond to long waves, and high frequencies to short waves;
so, the higher the frequency, the shorter the wavelength (range). From a
WLAN perspective, if all things were equal, such as radio transmit power and
antenna gain, the range of a 2.4 GHz signal would be approximately twice as
far as a 5 GHz signal because of the difference in wavelengths. In formulas,
frequency is typically identified by the lowercase letter f.
Figure 4.5 shows an example of frequency.
FIGURE 4.5 Frequency is the number of complete cycles in one second.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
How Far Can a Signal Travel?
A few years back, 900 MHz cordless telephones were very popular.
Cordless telephones were introduced in the 1970s, and in 1990 the FCC
opened the 900 MHz range for these telephones. With a 900 MHz phone,
you could hypothetically go up to 500 feet away from the cordless phone’s
base station before losing the signal and no longer being able to make a
phone call. In the past few years, higher-frequency phones have increased
in popularity. After upgrading to a 2.4 GHz phone, you may have noticed
you can get only about 250 feet away (half the distance compared to a 900
MHz phone) in the same environment before losing the signal. This is
because the 2.4 GHz wavelength is about half the distance of a 900 MHz
wavelength, assuming both phones are operating at the same output
power. With 5.8 GHz cordless telephones, the range is still less, assuming
the same amount of transmit power.
IEEE 802.11 WLANs work in several unlicensed frequency ranges. The
unlicensed ranges used for WLANs are from 2.4 GHz to 2.5 GHz and from
5.15 GHz to 5.875 GHz. There are some areas in the 5.15 GHz to 5.875 GHz
range that are not used for standards-based wireless networking. With respect
to wireless networking, think of the wavelength and frequency as the range or
distance a signal will propagate.
Amplitude in Wireless LANs
From a WLAN perspective, the amplitude is the strength or the amount of
power of an RF signal. This is calculated from the height (in a twodimensional view), on the y-axis of the sine wave, representing the voltage. A
basic sine wave is a change in voltage over a period of time. Using a formula,
the voltage at the peak of the signal can be used to calculate the amount of RF
power. So an increase in amplitude is equal to an increase in RF power. An
increase in power is also known as gain. Conversely, any decrease in
amplitude will be a decrease in power. A decrease in power is known as loss.
If a transmitter outputs a certain amount of RF power (for example, 100
mW0, then it has a specific amplitude of some value. As this signal travels
through an RF cable, it will have a specific level of loss based on the type and
length of cable in use, resulting in attenuation. Therefore, the result will be
less amplitude at the end of the cable due to the loss value of the cable.
||||||||||||||||||||
||||||||||||||||||||
Figure 4.6 shows two signals operating at the same frequency with different
amplitudes. The signal with the higher amplitude (Signal A) is more powerful
than the signal with the lower amplitude (Signal B). With respect to wireless
networking, think of the amplitude as the amount of transmitted or received
RF power.
FIGURE 4.6 Two signals at the same frequency with different amplitudes
Phase in Wireless LANs
Phase is the difference in degrees at a particular point in the time of a cycle,
measured from some arbitrary zero and expressed as an angle. For example, if
a second sine wave starts a quarter of a wavelength after the first sine wave, it
is considered to be 90° out of phase with the first sine wave. Figure 4.7 shows
an example of the phase relationship between two AC signals. Two radio
waves that have the same frequency but start at different times are known to
have a phase difference and are considered out of phase with one another.
The amount of the phase difference is typically measured in degrees, ranging
from 0° to 360°.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.7 Phase is the difference in degrees between two signals.
Waves that arrive at a receiver out of phase will experience some level of
distortion, which will cause corruption in a single radio system. This is known
as multipath. The difference in time of arrival of the main signal and a
reflected signal that causes the multipath problem is called the delay spread.
If two waves arrive at a receiver 180° out of phase, this will usually result in a
cancellation effect or nullify the two signals. Conversely, two waves that
arrive in phase are additive, and this will result in an increase in signal
strength known as upfade. Keep in mind, however, that the amplitude of the
waves that experience the upfade effect will never be higher than the wave
transmitted. With respect to wireless networking, think of the signal phase as
it pertains to interference (multipath) and the modulation of an RF signal.
Radio Frequency Used in Wireless LANs
As discussed in Chapter 2, “Wireless Local Area Networking, Standards and
Certifications,” RF spectrum is governed by local regulatory agencies. The
country where the RF is used determines the regulations, such as frequency
use and maximum power. Table 4.2 illustrates examples of local RF
regulations.
||||||||||||||||||||
||||||||||||||||||||
TABLE 4.2 Examples of local RF regulations
Location
Regulation
Canada
ISC RSS-210
China
RRL/MIC Notice 2003-13
Europe
(ETSI)
ETS 300.328ETS 301.893
Israel
MOC
Japan
(MKK)
TELEC 33BTELEC ARIB STD-T71
Singapore
IDA/TS SSS Issue 1
Taiwan
PDT
United
States
FCC (47 CFR) Part 15C, Section 15.247FCC (47 CFR) Part 15C,
Section 15.407
U.S. (FCC) Unlicensed Frequency Bands
In the United States, the Federal Communications Commission (FCC) is the
local regulatory agency responsible for regulating licensed and unlicensed
radio spectrum. Listed are the unlicensed RF bands available in the United
States for use with wireless communications:
ISM (Industrial, Scientific, and Medical):
902−928 MHz
2.400−2.4835 GHz
5.725−5.875 GHz
UNII (Unlicensed National Information Infrastructure):
5.15−5.25 GHz: UNII-1, lower
5.25−5.35 GHz: UNII-2, lower middle
5.470−5.725 GHz: UNII-2e, upper middle
5.725−5.825 GHz: UNII-3, upper
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The 5.725−5.875 GHz UNII band is used in the United States for
a single channel (165). The IEEE 802.11-2016 Standard Clause 17 section
17.3.8.4.1 reads, “The OFDM PHY shall not operate in frequency bands
not allocated by a regulatory body in its operational region. Regulatory
requirements for a given frequency band are set by the regulatory
authority responsible for spectrum management in a given geographic
region or domain.” The FCC allows this frequency for IEEE 802.11
wireless networking. It is important to note that as of April 2014, the FCC
rules changed and channel 165 (5.825 GHz), which was previously
categorized as an ISM channel, now falls under the UNII band.
The IEEE 802.11 standard addresses the 2.4 GHz ISM band and the 5 GHz
UNII band. In the United States, the 2.4 GHz ISM band allows for 11 of 14
total channels to be used for WLAN communications. The 5 GHz UNII band
consists of four bands utilizing four frequency ranges: UNII-1, the lower
band; UNII-2 and UNII-2e, the middle bands; and UNII-3, the upper band.
Table 4.3 shows unlicensed frequency bands and channels used by IEEE
802.11 WLAN technology. Keep in mind that the 5.725−5.875 GHz UNII band
is used where allowed by the regulatory agency.
TABLE 4.3 IEEE 802.11 frequency and channel allocations
Band
Frequency
Number of Channels
ISM
2.400−2.500 GHz 14
UNII-1 5.150−5.250 GHz 4
UNII-2 5.250−5.350 GHz 4
UNII-2e 5.470−5.725 GHz 12
UNII-3 5.725−5.825 GHz 5
A chart of the United States frequency allocations is available
from the National Telecommunications and Information Administration.
To view this chart, visit www.ntia.doc.gov/osmhome/allochrt.pdf.
||||||||||||||||||||
||||||||||||||||||||
Radio Frequency Channels
As you have seen, RF is divided into bands. These bands can be further
separated into channels. A channel is a smaller allocation of a RF band. One
familiar application in which this is accomplished is television. Until overthe-air television became available in digital format, television was allocated
certain frequency ranges. Common television channels operated in the very
high frequency (VHF) band—for example, channels 2 through 13 operated
from 54 through 216 MHz. This frequency range was divided into 12 channels,
allowing optimal use of the frequency range for the application—in this case,
television signals.
A viewer can change channels on a television to watch different programs
running simultaneously. Only one program can be viewed at any one time,
however, depending on which channel is currently selected. (Picture-inpicture televisions can show two or more channels at once on the screen, but
each picture is still being received on a different channel.)
WLANs use channels in the same way. Certain unlicensed frequency ranges
are allocated for wireless networking, and those frequency ranges are
subdivided into channels. In order for a transmitter and receiver to
communicate with one another, they must be on the same channel. The 2.4
GHz ISM band has a total of 14 channels available for wireless networking.
The locale where they are used will determine which of the 14 channels can
be legally used for wireless networking. In the United States, IEEE
802.11b/g/n wireless networks use 11 of the 14 channels available in the 2.4
GHz ISM band. Each of these 11 channels for DSSS or HR/DSSS technology is
22 MHz wide, and for OFDM technology it is 20 MHz wide. Understand that
these channels are further defined by their center frequency; for example,
Channel 1 in the 2.4 GHz ISM band has the center frequency at 2.412 GHz.
Simple arithmetic shows there will be overlap in order to accommodate all of
the 20 MHz or 22 MHz wide channels in this frequency range. Table 4.4
shows the 14 available channels in the 2.4 GHz range.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 4.4 Channels in the 2.4 GHz ISM band
Channel
Number
Center
Frequency in
GHz
United
States
Europe Israel* China Japan
1
2.412
✔
✔
✔
✔
✔
2
2.417
✔
✔
✔
✔
✔
3
2.422
✔
✔
✔
✔
✔
4
2.427
✔
✔
✔
✔
✔
5
2.432
✔
✔
✔
✔
✔
6
2.437
✔
✔
✔
✔
✔
7
2.442
✔
✔
✔
✔
✔
8
2.447
✔
✔
✔
✔
✔
9
2.452
✔
✔
✔
✔
✔
10
2.457
✔
✔
✔
✔
✔
11
2.462
✔
✔
✔
✔
✔
12
2.467
✔
✔
✔
13
2.472
✔
✔
✔
14
2.484
✔
*Israel allows only channels 5–13 outdoors, but 1–13 indoors.
The 5 GHz UNII band is also divided into channels. This band consists of four
bands—lower, lower middle, upper middle, and upper. These four bands
consist of four different frequency ranges. Since there are fewer channels in
the same amount of space, channels in the UNII band do not overlap. In the 5
GHz UNII band, channels are 20 MHz wide. Table 4.5 shows the 5 GHz UNII
band for the FCC and ETSI locales.
||||||||||||||||||||
||||||||||||||||||||
TABLE 4.5 Number of available channels in the 5 GHz band
Locale
Frequency Range
Number of
Channels
Americas/EMEA
UNII-1 band
(5.15−5.25)
4
Americas/EMEA
UNII-2 band
(5.25−5.35)
4
Americas/EMEA
UNII-2e band
(5.470−5.725)
12
Americas/EMEA (with
restrictions)
UNII-3 band
(5.725−5.825)
5
Radio Frequency Range
RF range for WLANs is based on the wavelength or distance of a single cycle
—the higher the RF, the shorter the range of the signal; and the lower the
frequency, the longer the range of the signal. At the same output power level
(amplitude), a 2.4 GHz signal will travel almost twice as far as a 5 GHz signal.
If the transmit power of a 2.4 GHz or 5 GHz device were increased or
decreased, the range of the signal would also be affected. If a network design
is planning to use dual-band access points, range will need to be considered to
ensure proper coverage for both the 2.4 GHz ISM and 5 GHz UNII bands. A
wireless site survey will help determine the usable range an access point will
produce. A survey can involve physically walking around the proposed space
and/or predictive modeling using one of many software programs. This
process is discussed further in Chapter 9, “Design for Wireless Networking.”
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Wireless LAN Coverage and Capacity
Coverage and capacity are two key factors to take into consideration when
designing and implementing an IEEE 802.11 WLAN. During the design phase
of an IEEE 802.3 wired network, the design engineer will take capacity into
account, verifying and validating that there are enough capacity switches,
ports, and so on, for the user base of the network. The same is true for a
wireless network. The number of devices/users connected to an access point
and the applications they perform need to be carefully considered. The fact
that wireless networks use a shared medium is an issue, because the more
devices that are connected to an access point, the lower the performance may
be, depending on what the devices are doing. This capacity consideration will
ensure satisfied end users and excellent network performance—proof of a
successful wireless network design and deployment.
In wireless networks, coverage also needs to be considered. Coverage is
determined by the RF cell size. In IEEE 802.11 wireless networks, a cell is the
area of RF coverage of the radio transmitter—in most cases, an access point.
Depending on implementation, wide coverage or large cell size may not be the
best solution. A large space covered by a single access point could result in
less than adequate network performance based on factors such as the user’s
distance from the access point. The farther away from an access point, the
less throughput a device or user will experience. This is because a weaker
received signal will use a lower signaling rate due to the ability of a receiver to
effectively demodulate the signal. The proprietary dynamic rate switching
(DRS) process will allow an associated wireless device to adapt to the RF
signal strength and signal quality in a particular location of the basic service
area. As a wireless device moves away from an access point, the amount of
received signal will decrease because of the free space path loss. When this
occurs, the modulation type will change because the RF signal quality is less
and thus a lower data rate will be realized. If users will be scattered
throughout a large space, it will be best to have several access points covering
the space to allow for optimal performance.
||||||||||||||||||||
||||||||||||||||||||
The term cell has several different meanings, depending on the
context. In the world of IEEE 802.11 wireless networks, a cell is the radio
coverage area for a transmitter such as an access point or a client device.
Wireless LAN Coverage
The term coverage has different meanings, depending on the context in which
it used. For example, if you buy a gallon of paint, the label will specify the
approximate coverage area in square feet (sq ft). If one gallon of paint covers
300 sq ft and the room you wish to paint is 900 sq ft, simple arithmetic shows
at least three gallons of paint would be needed to effectively cover the room.
The concept is similar in IEEE 802.11 wireless networking. Unlike with paint,
however, there is no simple rule that determines how much space an access
point will cover with the RF energy it is transmitting. This coverage will
depend on many factors, some of which include:
Physical size of the area
Bandwidth-intensive software applications in use or hardware
applications, which may negatively impact the performance, thereby
requiring smaller RF coverage cells
Obstacles, including building materials and propagation (the way radio
waves spread through an area)
RF range
WLAN hardware in use, which affects coverage because higher
frequencies, such as 5 GHz, do not travel as far as lower frequencies, such
as 2.4 GHz
Transmitter output power
You might initially assume that you want the RF signal to propagate over the
largest area possible. But this may not be the best solution. A very large cell
may allow too many devices to connect to a single access point, causing a
decrease in overall performance. For those client devices connected at a
greater distance, the performance will be lower than for stations closer to the
access point. Figure 4.8 shows a large coverage area, approximately 11,250 sq
ft (1,046 sq m) covered with a single access point. This is an example of too
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
large an area for a single access point.
FIGURE 4.8 Wide coverage with only a single access point is not
recommended.
Physical Size of the Area
Rarely, if at all, will a manufacturer of enterprise-grade IEEE 802.11 WLAN
hardware commit to the amount of area an access point will cover. There are
too many variables to take into consideration, which makes it difficult to
specify an exact number. Some manufacturers, however, may estimate the
effective range of the device or access point. A site survey of the area will help
determine the coverage area of an access point. A manual survey will allow
for testing to verify the distance a signal will travel. A predictive site survey
will model the environment and determine the signal propagation. Chapter 9
discusses this concept further.
Applications in Use
The application types in use—either software or hardware—can affect the
bandwidth of an access point. If the devices connected to an access point use
||||||||||||||||||||
||||||||||||||||||||
bandwidth-intensive applications, such as a computer-aided
design/computer-aided manufacturing (CAD/CAM) application, it could
result in poor throughput for all devices or users connected to that access
point due to device contention and the shared medium. This is another
example of where more access points, with each covering a smaller area,
could be a better solution than a single access point covering a large area.
Multiple access points could allow the high-bandwidth users to be separated
from other parts of the network, increasing overall performance of the
network.
Obstacles, Building Materials, Propagation, and Radio Frequency Range
Obstacles in an area, including building materials such as walls, doors,
windows, and furnishings, as well as the physical properties of these obstacles
—thickness of the walls and doors, density of the windows, and type of
furnishings—can also affect coverage. The RF used, either 2.4 GHz or 5 GHz,
will determine how well a signal will propagate and handle an obstacle.
For example, a wall made from sheetrock or drywall materials may have an
attenuation value of about 3 dB to 4 dB, whereas a wall made of concrete may
have an attenuation value of about 12 dB. Keep in mind that a 3 dB loss is
actually one half of the amount of RF power. Therefore, the sheetrock wall
would have less impact on the RF propagation than the concrete wall.
Partitions, walls, and other obstacles will also determine the coverage pattern
of an access point because of the way RF behaves as it travels through the air.
Behaviors of RF will be discussed later in this chapter in the section
“Environment: Radio Frequency Behavior.”
Wireless LAN Hardware and Output Power
The WLAN hardware in use can also have an impact on the coverage area.
Examples include the antenna type, antenna orientation, and gain of the
antenna. The higher the gain of an antenna, the greater the coverage area can
be; conversely, the lower the gain of an antenna, the smaller the coverage
area. The polarization of an antenna (horizontal vs. vertical) will also have an
effect on the coverage area because of the different shapes of the radiation
patterns. The output power of the transmitter or access point will also have
an effect on coverage. The higher the RF transmit power, the greater distance
a signal will propagate. A higher power signal will provide more coverage.
Most enterprise-grade access points provide the capability to control or adjust
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
the output power.
Wireless LAN Capacity
One definition of capacity is the maximum amount that can be received or
contained. An example of this would be an elevator in a building. An elevator
typically will have a maximum number of people or amount of weight it can
hold; this is usually stated on a panel within the elevator. To ensure safety,
the elevator may have a safety mechanism to prevent overloading. Likewise, a
restaurant has a certain number of chairs to hold customers; therefore, they
would have a maximum capacity of customers who can be served at any one
time. Does this mean that when a restaurant fills its seats to capacity, the
doors close and no other customers can enter the building? Not necessarily.
In some cases, a restaurant could have customers standing and waiting to be
seated.
Just as an elevator or a restaurant has a limited number of people they can
accommodate comfortably, wireless access points also have a limited number
of devices and bandwidth they can handle, known as capacity. The capacity of
an access point is how many devices or users the AP can service effectively,
offering the best performance. This capacity depends on several factors,
including:
Software and hardware applications in use
Desired throughput or performance
Number of devices/users
The following sections discuss how these factors affect the capacity of an
access point.
||||||||||||||||||||
||||||||||||||||||||
What Happens When an Access Point Is Overloaded?
If the capacity of a single access point has exceeded the maximum
number of users or devices based on the performance metrics, access
points may need to be added. If a wireless network is installed correctly,
an access point will not be overloaded with an excessive number of users.
An overloaded access point will result in poor performance and therefore
unhappy users.
Consider the restaurant example. If a restaurant seats 20 customers and
all 20 seats are taken, the restaurant has reached its capacity. Let’s say the
restaurant is short-staffed because two servers did not show up for work.
The servers who did show up will have to work extra hard to handle the
customers. This may cause delays in service because the servers need to
handle more than their normal number of tables. The delays may result
in unhappy customers.
The same is true for wireless access points. If a wireless access point has
reached its capacity, it could get overloaded. This would result in its
taking longer to handle any individual request for access. The delays may
result in unhappy users. This situation could justify adding another
access point in the area to handle the additional users. Just as a
restaurant will not close its doors when all seats are taken, an access
point will continue to accept users to connect unless restrictions, such as
load balancing, are implemented.
Software and Hardware Applications in Use
The software and hardware applications in use may affect the capacity of an
access point. Some applications are more bandwidth-intensive than others.
For example, word processing applications may not require much bandwidth,
whereas database or CAD/CAM applications may require much more
bandwidth than other applications. If high-bandwidth applications are in use,
the contention among the connected users will increase because they are
using a shared medium (air and RF). Therefore, performance will potentially
be reduced for all users connected to the access point. The access point is
providing the same amount of bandwidth, but the overall performance has
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
been decreased for the connected users because the software applications are
all using a lot of bandwidth.
The use of Voice over Wireless LAN (VoWLAN) technology continues to
increase in many wireless network deployments. This is an example of a
hardware application. Voice technology on wireless networks is subject to
latency. Therefore, depending on the number of voice client devices
connecting to an access point, the network must be carefully planned.
Capacity planning and quality of service (QoS) features are important when it
comes to deploying voice technology on wireless networks.
Desired Throughput or Performance
The desired throughput or performance can also affect capacity. A large
number of users connected to an access point using a bandwidth-intensive
application will cause poor performance. Therefore, it may be necessary to
limit the capacity to a certain number of users to give the connected users the
best performance possible. Any software application that is bandwidthintensive, such as CAD/CAM, streaming video, or File Transfer Protocol
(FTP) downloads, can affect overall performance. One way to help resolve this
would be to use a load-balancing method to limit the number of users who
can connect to an access point. Another way would be to create RF cells with
smaller coverage areas and add more access points.
Number of Devices/Users
The number of connected devices in an area will also affect the access point
capacity. A single access point covering a large area will potentially allow for a
large number of devices connecting to the access point. For example, an office
of 8,000 sq ft may consist of 100 people, each with their own wireless device.
This is an example of wide coverage and large capacity. The software
applications in use on the wireless network will have an impact on the overall
performance. If all 100 devices connected are using a CAD/CAM application,
which is a bandwidth-intensive application, the overall performance will be
poor because this type of application requires a lot of resources. Therefore,
more access points, each covering less space and less capacity, would parlay
into better overall performance for all of the users.
Wide coverage in a densely populated area may allow too many devices to
connect to a single access point, resulting in poor performance overall.
WLANs use what is known as a shared medium. In other words, all devices
||||||||||||||||||||
||||||||||||||||||||
users connected to an access point will share the available bandwidth. Too
many devices using powerful applications will overload the access point,
adding to the poor performance issues. This scenario is considered a capacity
issue. In this situation, more access points with each AP covering a smaller
area and a lower number of devices or less capacity would be a better
solution. As you learned in Chapter 3, “Infrastructure and Client Devices
Used with Wireless Networking,” many organizations now have to deal with
the “bring your own device” (BYOD) issue.
In addition to potential problems with technical support and security, WLAN
capacity is also a major concern. The BYOD expansion of Wi-Fi devices is
causing a wireless client device density issue within the enterprise market. If
a company’s corporate policy allows employees to bring their own wireless
capable devices, then WLAN capacity needs to be carefully evaluated to
address this potential issue.
Radio Frequency Channel Reuse and Device Co-location
The 2.4 GHz ISM band has a total of three nonoverlapping channels. In the
U.S. FCC implementation of this band, the three nonoverlapping channels are
1, 6, and 11. This means there must be a separation of five channels in order
for them to be considered nonoverlapping. In the 2.4 GHz ISM band,
channels are separated by 5 MHz on center. Taking this into consideration,
channels must be separated by 25 MHz or greater in order to be considered
nonoverlapping (IEEE 802.11-2016, Clause 16). This is calculated from five
channels of separation multiplied by 5 MHz on center (5 × 5 = 25). With
deployments larger than a few access points, a channel plan may be
necessary. A channel plan will minimize the chance of interference caused by
two transmitters (access points) set to the same or adjacent overlapping
channels.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The IEEE 802.11-2016 Clause 15 specifies 30 MHz or greater of
separation to be considered nonoverlapping: “Adjacent channel rejection
is defined between any two channels with ≥ 30 MHz separation in each
channel group defined in 15.4.4.3.” Keep in mind that this specification is
for 802.11 DSSS. For HR/DSSS (IEEE 802.11-2016, Clause 16), channels
must be separated by 25 MHz or greater in order to be considered
nonoverlapping.
Figure 4.9 illustrates a 2.4 GHz deployment with no channel planning. Users
in the areas where the circles overlap will experience interference. This
interference will result in lower overall throughput for the connected users
because of the Physical layer (PHY) technologies that WLANs use. This
interference basically has the same effect as collisions in an Ethernet
network, resulting in retransmissions of data.
FIGURE 4.9 Users of these access points will experience overlapping
channel interference in a multichannel architecture because they are all set to
the same channel.
A correct channel plan will implement channel reuse and ensure that
overlapping cells will not use overlapping channels. Channel reuse is using
nonoverlapping channels—for example 1, 6, and 11 in the 2.4 GHz range—in
such a way that the overlapping cells are on different RF channels. Figure
4.10 shows a 2.4 GHz deployment utilizing proper channel reuse. Channel
reuse may be accomplished by mapping out the access points on a floor plan
||||||||||||||||||||
||||||||||||||||||||
and minimizing the chances that the RF cells propagated by the access points
do not overlap on the same RF channels. This type of channel plan can be
done manually or with site survey software applications. Site survey
applications will be discussed in more detail in Chapter 9. In parts of the
world where the regulatory agency allows WLAN use of channels 12, 13, and
14 in the 2.4 GHz ISM band it may be possible to utilize four channels (1, 5, 9,
and 13) instead of the more common three non-overlapping channels of 1, 6,
and 11.
FIGURE 4.10 Co-location of access points with proper channel reuse.
Overlapping areas use different channels in a multichannel architecture to
prevent interference.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Radio Frequency Range and Speed
How far and fast a RF signal travels depends on a variety of factors, including
line of sight, RF interference, and the types of materials within the
environment. This section discusses these factors.
Line of Sight in Wireless Networking
RF communication between devices in 802.11 wireless networking uses
different types of line of sight. There are two types of line of sight to take into
account when planning, designing, and installing wireless networks:
Visual line of sight
Direct link RF line of sight
Visual line of sight is when a transmitter and receiver can “see” each other. In
order for wireless networking direct link communication to be successful in
an outdoor wireless link, there should be a clear, unobstructed view between
the transmitter and receiver. An unobstructed line of sight means few or no
obstacles blocking the RF signal between these devices.
In an outdoor WLAN installation, direct link RF line of sight is an
unobstructed line between a radio transmitter and receiver. This line will be
surrounded by an area of RF transmissions known as the Fresnel zone. The
Fresnel zone consists of a number of concentric ellipsoidal volumes that
surround the direct RF line of sight between two points, such as an RF
transmitter and receiver or two wireless bridges.
In outdoor WLAN installations, the RF line of sight, and therefore the radio
transmissions between a transmitter and receiver, could be affected if the
total area of the Fresnel zone is blocked by more than 40 percent. This
blockage can come from a variety of sources, such as trees, buildings, terrain,
or other obstacles, including the curvature of the earth over a distance of 7
miles (11.2 km) or greater. Figure 4.11 illustrates a Fresnel zone.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.11 The oval area represents the Fresnel zone RF coverage area
between a transmitter and receiver, two wireless bridges in a point-to-point
connection.
One way to think about line of sight is by the analogy of two people looking at
each other. If two people about the same height standing some distance apart
are making direct eye contact, they have a good visual line of sight. In
addition to being able to see directly in front of them, people have peripheral
vision. This peripheral vision gives people the ability to see movement and
objects outside of their direct line of sight or direct eye contact. This
peripheral vision or side vision is analogous to the Fresnel zone theory.
Exercise 4.1 provides a fun way to conceptualize a Fresnel zone on your own.
EXERCISE 4.1
Demonstrating Fresnel Zone and Blockage
Here is one way to demonstrate the Fresnel zone. Focus your eyes at a
location on a wall. Make sure there are obstacles or movement off to both
left and right sides of your view. Hold your hands down to your sides.
Continue to focus your eyes for a minute or so, and then take your right,
left, or both hands and slowly raise them from your sides toward the side
of your head while blocking your peripheral vision. You’ll notice as your
hands get closer to the side of your head, the view of the objects or
movement to the sides will be blocked by your hands. This is an example
of a blocked Fresnel zone.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Sixty percent at a minimum of the total area of the Fresnel zone
must be clear of obstacles in order to have RF line of sight.
Because of the low transmit and receive power and the short distance, a visual
line of sight is not required for an indoor WLAN deployment. An indoor
access point may cover areas that are divided by walls, ceilings, and other
obstacles. With this short range and if the RF is able to penetrate the
obstacles, wireless communication between a transmitter and a receiver will
be successful even when the devices do not have a visual line of sight.
||||||||||||||||||||
||||||||||||||||||||
Wi-Fi and Non–Wi-Fi Interference
Interference, from a RF point of view, occurs when a receiver hears two
different signals on the same or close frequency. Interference causes received
RF signals to be distorted. In WLANs, this interference can have a severe
impact on the quality of signal received by a wireless device. This distorted or
corrupted signal will decrease the amount of data a device can effectively
receive, thereby causing less data throughput.
A WLAN receiver has similar characteristics to the human ear. Both can hear
a range of frequencies. If one person is speaking and a number of people are
listening, that is analogous to a single transmitter and multiple receivers. If a
second person started to speak at the exact same time, people listening might
not be able to understand either speaker. In a sense, they are experiencing
interference.
An IEEE 802.11 wireless network may use the unlicensed 2.4 GHz industrial,
scientific, and medical (ISM) band. This band is also used for many other
devices, including:
Cordless phones
Microwave ovens
Medical devices
Industrial devices
Baby monitors
Other IEEE 802.11 wireless networks
Some IEEE 802.15 devices
Because these devices also use RF to operate and the frequency is in the same
unlicensed band as IEEE 802.11 wireless networks, they have the potential to
interfere with one another. Although they may coexist in the same RF space,
the interference factor needs to be taken into consideration. This can be done
as part of the site survey process.
Adjacent Channel and Co-channel Interference
Adjacent channel and co-channel interference occurs when two devices in the
same physical area are tuned to close RF channels or the same channel. For
example, an access point on channel 1 and another access point on channel 2
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
in close or hearing range of each other will experience adjacent channel
interference. Some of the symptoms of adjacent channel interference are
reduced throughput and the equivalent of collisions causing data
retransmissions. Co-channel interference is when two or more independently
coordinated access point radios are providing RF coverage to the same
physical area using the same 802.11 channel such as Channel 1 and Channel
1. Another term used for co-channel interference is “co-channel cooperation,”
since it is not really interference but rather an increase in the size of the
contention domain.
Co-channel interference is defined as two different radio
transmitters using the same frequency. The IEEE 802.11-2016 standard,
however, defines interference between channels 1 and 2 as co-channel
interference caused by overlapping channels. According to the standard,
adjacent channel interference for HR/DSSS and ERP in the 2.4 GHz ISM
band is caused by frequencies of greater than or equal to 25 MHz
separation, such as channels 1 and 6. The terms co-channel and adjacent
are used loosely in the WLAN industry. Please consult specific
manufacturers’ documentation for their definition. The CWNP program
complies with the IEEE standards definition.
Overlapping interference is defined as two devices (such as access points) on
the same frequency overlapping one another. For example, two access points
on the 2.4 GHz ISM band in close proximity to each other, one on channel 1
and the other on channel 3, might interfere with each other.
Both adjacent channel interference and co-channel channel interference will
cause poor performance and throughput on a wireless network. In a wireless
network, co-channel or adjacent channel interference can have the same
impact. Figure 4.12 shows that 2.4 GHz ISM band channel 4 and channel 6
overlap.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.12 Channel overlap in the 2.4 GHz ISM band
A properly designed WLAN will have overlapping RF cells. Overlapping cells
provide continuous coverage and channel reuse for the entire area where the
access points are placed. Overlapping cells allow devices to move from one
access point to another and maintain a constant connection. A well-designed
WLAN will also minimize or eliminate overlapping and co-channel
interference. This design includes assigning nonoverlapping RF channels to
cells that do overlap with each other. In practice, an overlapping cell design
will include approximately a 20 percent overlap to encourage better
transitioning for the connected devices. Wireless repeaters require a 50
percent overlap to be effective. The frequency in use is determined by how
many nonoverlapping channels are available in the band. For example, in the
United States, the 2.4 GHz band used for 802.11b/g/n has three
nonoverlapping channels: 1, 6, and 11. Figure 4.13 shows 2.4 GHz ISM band
with these three nonoverlapping channels.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.13 Five channels of separation and 25 MHz of separation
between nonoverlapping channels
WLAN/WPAN Interference
The performance of IEEE 802.11 wireless networks can be affected when they
are co-located with IEEE 802.15 wireless personal area networks (WPANs).
Bluetooth is an example of a WPAN. Like 802.11, Bluetooth devices operate in
the 2.4 GHz frequency range and use frequency-hopping spread spectrum
(FHSS) technology. This functionality in older Bluetooth devices could
potentially interfere with IEEE 802.11 wireless networks. Newer versions of
Bluetooth that use adaptive frequency hopping (AFH) have less chance of
interfering with other wireless networks, including 802.11 wireless networks.
AFH allows devices such as Bluetooth to adapt to the RF environment by
seeking areas of interference and not operating in those specific frequency
ranges. This will lessen the chances of 802.15 WPAN devices interfering with
802.11 WLAN devices. This newer technology is proven such that WLAN
802.11 and WPAN 802.15 Bluetooth devices may coexist in the same physical
radio chipset. Keep in mind, however, that a high density of Bluetoothenabled devices may still cause interference with IEEE 802.11 wireless
networks in the 2.4 GHz ISM band.
Environment: Radio Frequency Behavior
In addition to various types of RF interference, the interaction between RF
and the surrounding environment can also affect the performance of IEEE
802.11 wireless networks. RF behavior is the result of environmental
||||||||||||||||||||
||||||||||||||||||||
conditions, including:
Reflection
Refraction
Diffraction
Scattering
Absorption
Diffusion
Reflection
Reflection occurs when an RF signal bounces off a smooth, nonabsorptive
surface, such as a tabletop, and changes direction. Reflections can affect
indoor WLAN installations fairly significantly in certain cases. Depending on
the interior of the building—such as the type of walls, floors, or furnishings—
there could be a large number of reflected signals. If not properly handled,
reflections could cause a decrease in throughput and poor network
performance in IEEE 802.11a/b/g (non-MIMO) wireless networks.
Furnishings, metal beams, walls, ceilings, shelving, and roofing can all cause
reflections. Figure 4.14 illustrates reflection.
FIGURE 4.14 Radio frequency reflection
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
When it comes to reflection, think of a ping-pong game. When a
ping-pong ball is served or hit, it comes in contact with the table—a
smooth, hard surface—and bounces off in a different direction. This is
similar to how reflection works with radio frequency.
Refraction
When an RF signal passes between mediums of different densities, it may
change speeds and also bend. This behavior of RF is called refraction. Glass is
an example of material that may cause refraction. When an RF signal comes
in contact with an obstacle such as glass, the signal is refracted (bent) as it
passes through, and some of the signal is lost. The amount of loss depends on
the type of glass, its thickness, and other properties. Figure 4.15 shows
refraction.
FIGURE 4.15 Radio frequency refraction
Diffraction
When an RF signal passes an obstacle, the wave changes direction by bending
around the obstacle. This RF behavior is called diffraction. A building or
other tall structure could cause diffraction, as could a column in a large open
area or conference hall. When the signal bends around a column, building, or
other obstacle, the signal weakens, resulting in some level of loss. Figure 4.16
illustrates diffraction.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.16 Radio frequency diffraction
Demonstrating Diffraction: A Rock in a Pond
You can demonstrate diffraction by using a pond of still water. Place a
large object, such as a two-by-four piece of lumber, in a pond of still
water. After the water settles, try to drop a pebble or small rock off to the
side of the piece of lumber. Watch closely and you will see the ripple of
the water bend around the lumber, resulting in a diffraction effect. It is
easy to confuse the term diffraction with diffusion. Note that diffusion is
the natural widening (spreading) of an RF signal as it leaves an antenna
element. This is the premise of free space path loss (FSPL), which is
discussed further in the “Diffusion” section.
Scattering
When an RF signal strikes an uneven surface, wavefronts of the signal will
reflect off the uneven surface in several directions. This is known as
scattering. Scattering, illustrated in Figure 4.17, is another form of loss that
may severely degrade the RF signal. The difference between scattering and
reflection is the surface with which the RF comes in contact. As with
reflection, furnishings, metal beams, walls, ceilings, shelving, and roofing all
can cause scattering.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.17 Radio frequency scattering
Absorption
Absorption is the conversion of the RF signal energy into heat. This occurs
because the molecules in the medium through which the RF signal is passing
do not travel as fast as the RF waves, resulting in a loss of signal. There are
many materials to consider with absorption, including brick, concrete,
windows, doors, water, drywall, wood, and people. When material absorbs an
RF signal, it may significantly affect the signal as it penetrates through the
material. One example of absorption is the human body, which has a high
liquid content and will absorb RF signals. This type of absorption can be a
problem for wireless network deployments in certain environments.
Absorption should be considered when designing a WLAN for densely
populated areas such as stadiums, airports, and conference halls. Figure 4.18
shows absorption.
FIGURE 4.18 Radio frequency absorption
Diffusion
||||||||||||||||||||
||||||||||||||||||||
Diffusion occurs when the RF signal naturally widens as it leaves an antenna
element. As a result of this widening effect, the transmitted RF signal will
decrease in amplitude and be less powerful at any distance from the antenna.
This is known as free space path loss (FSPL). FSPL is the greatest form of loss
factor in a RF link. FSPL is calculated using frequency and distance as
variables and entered into a mathematical formula. The receiving antenna is
only able to receive a small amount of the transmitted signal because of this
widening effect of the diffused signal as it propagates through the air. Any
signal that is not received by the intended device is considered loss.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Basic Units of Radio Frequency Measurement
If a person were given a dollar bill, they would be one dollar richer. If this
person were given 100 cents, they would still be one dollar richer. From this
example, we see 1 dollar = 100 cents, and 1 cent = 1/100th of a dollar. One
dollar and 100 cents are the same net amount, but a cent and a dollar are
different units of currency.
The same is true for RF measures of power. The basic unit of measure for RF
is the watt (W). A wireless access point may be set to an output of 30 mW
(milliwatts) of power. A milliwatt is 1/1000 of a watt. Just as in currency
cents and dollars are both denominations of money, watts and milliwatts are
measurements of RF power. Other units of measurement for RF are dB, dBi,
dBd, and dBm.
Absolute Measurements of Radio Frequency Power
The amount of power leaving a wireless access point is one example of an
absolute measure of power. This is an actual power measurement, not a ratio
or a relative value. In other words, this is a measurable amount of power and
can be determined with the proper instrument, such as a watt meter. A typical
maximum amount of transmit output power from an access point is 100 mW.
The measure of AC power can be calculated using the following basic
formula:
P=E×I
Power (P) equals voltage (E) multiplied by current (I).
A simple example would be to calculate the power from 1 volt and 1 amp.
Using the given variables, the formula is as follows:
P = 1 volt × 1 amp
The answer would be power = 1 watt.
The formula P = E × I is shown here for reference only to
demonstrate the calculation of RF power. You will not need to know this
formula for any of the associated certification exams.
||||||||||||||||||||
||||||||||||||||||||
Watt
The watt (W) is a basic unit of power measurement. It is an absolute value,
which is a measurable amount of power. Most indoor wireless networks
function in the milliwatt range. Power level in watts is a common
measurement in long distance point-to-point and point-to-multipoint
connections.
Milliwatt
One milliwatt (mW) is 1/1000 of a watt. This is a common value used in RF
work and indoor IEEE 802.11 WLAN deployments. The output power of an
access point typically ranges from 1 mW to 100 mW. Most enterprise-grade
access points allow you to change the output power. Most SOHO-grade access
points have a fixed output power, typically about 30 mW. The milliwatt is also
an absolute unit of power measurement.
Decibel Relative to a Milliwatt
dBm is the power level compared to 1 milliwatt. This is based on a logarithmic
function. A good rule to remember is 0 dBm = 1 mW. This value is considered
as absolute zero. Using a formula or basic RF calculation rules, you can easily
convert any milliwatt value to decibels: 100 mW = 20 dBm, for example.
The dBm is also an absolute unit of power measurement. A dB is an example
of a change in power or relative measurement of power where dBm is
measured power referenced to 1 milliwatt or an absolute measure of power.
The next section discusses relative measurements of power.
Remember, absolute values are measurable values of power,
such as watt, milliwatt, and decibel milliwatt.
Relative Measurements of Radio Frequency Power
Changes in RF power are known as relative. dB and dBi are relative
measurements of power. An example would be an RF amplifier. If the input
power to an amplifier is 10 mW and the output power is 100 mW, the gain of
the amplifier is 10 dB—a change in power.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
If the input RF power to an antenna is 100 mW and the theoretical amount of
RF output power is 200 mW, the gain of the antenna is 3 dBi—a change in
power. Both of these are examples of changes in power and are known as
relative expressions of RF power.
Decibel
The decibel (dB) is a ratio of two different power levels caused by a change in
power. Figure 4.19 shows how an amplifier will provide an increase or change
in power.
FIGURE 4.19 Output doubled in power from 100 mW to 200 mW from
amplifier with a gain or change in power of +3 dB
Basic RF Math: The 3s and 10s Rule
This section is beyond the scope of the exam objectives and is for
informational purposes only.
There is a simple way to perform any RF math calculation without having
to use logarithms and mathematical formulas. This method is known as
the 3s and 10s Rule (or sometimes referred to as the 10s and 3s Rule). If
you remember five basic steps, you can perform any RF math calculation.
The five basic steps are as follows:
0 dBm = 1 mW (starting point)
Increase by 3 dBm and power in mW doubles or × 2
Decrease by 3 dBm and power in mW is cut in half or ÷ 2
Increase by 10 dBm and power in mW is multiplied by 10 or × 10
Decrease by 10 dBm and power in mW is divided by 10 or ÷ 10
Decibel Isotropic
||||||||||||||||||||
||||||||||||||||||||
Decibel isotropic (dBi) is the unit that represents the gain or increase in
signal strength of an antenna. The term isotropic in the RF world means
energy broadcast equally in all directions in a spherical fashion. An imaginary,
perfect antenna is known as an isotropic radiator. This is a theoretical
concept and is used as a reference and in calculations. dBi will be discussed
and used in more detail in Chapter 5. Table 4.6 shows a summary of absolute
and relative power measurements.
TABLE 4.6 Absolute and relative measures of power
Absolute Power Units Relative Power Units
Watt
dB
Milliwatt
dBi
dBm
dBd
Remember, relative values are changes in power from one value
to another value. dB, dBi, and dBd measure relative power.
Decibel Dipole
The gain of some antennas may be measured in decibel dipole (dBd). This
unit of measurement refers to the antenna gain with respect to a reference
dipole antenna. The gain of most antennas used in WLANs is measured in
decibel isotropic (dBi); however, some manufacturers may reference the gain
of an antenna in dBd. The following simple formula derives the dBi value
from the dBd value:
dBi = dBd + 2.14
This formula converts from dBi to dBd:
dBd = dBi − 2.14
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
dBd vs. dBi
You are a procurement agent working for a manufacturing company. An
engineer orders some antennas to be used in a WLAN deployment. The
part number you received from the engineer on the bill of materials is for
antennas that are currently out of stock at your normal supplier. The
order has to be placed as soon as possible, but technical support for the
vendor is gone for the day, and you are not able to get any assistance.
You found what appears to be a reasonable alternative for the requested
antennas. However, the gain of the antennas does not exactly match what
the engineer documented on the bill of materials. The engineer requested
omnidirectional antennas with a gain of 6 dBi. You found what appears to
be a comparable alternate with a gain of 6 dBd. It will be necessary for
you to determine whether these antennas will work. Not quite
understanding the difference, you do some research to determine the
difference between dBd and dBi. After searching various websites, you
find a formula to convert the two different units:
dBi = dBd + 2.14
Using your calculator, you enter the value from the specification sheet for
the alternate antennas:
6 dBd + 2.14 = 8.14 dBi
Unfortunately, the antennas found will not be good alternates in this
example. Back to the drawing board!
Radio Frequency Signal Measurements
It is important to understand the various signal measurements of RF used in
WLAN technology. Using tools like a wireless adapter client utility or a
spectrum analyzer will allow you to view different statistics that pertain to a
wireless network. Some of these statistics are
Receiver sensitivity
RF noise
||||||||||||||||||||
||||||||||||||||||||
Received signal strength indicator (RSSI)
Signal-to-noise ratio (SNR)
Receiver Sensitivity
The basic definition of receiver sensitivity is the measurable amount of RF
signal usable by a receiver. More complex modulation and coding types will
require better signals and are directly related to which signaling rate will be
used to transfer the data. This is also determined by how much RF noise is in
the area of the radio receiver. Figure 4.20 shows a data sheet of a wireless
access point that displays the minimum receiver sensitivity required to
achieve a specific data rate.
FIGURE 4.20 Data sheet from an Aruba Networks IEEE 802.11ac AP 330
wave 2 wireless access point showing the mapping of minimum receiver
sensitivity in dBm to data rates in Mbps
It is important to note that data sheets from wireless equipment
manufacturers show the minimum amount of receive signal to achieve the
listed data rates. You can see in Figure 4.20 that this specific access point
requires a minimum of −75 dBm receiver sensitivity in order to get the data
rate of 54 Mbps. Most industry best practices recommend a minimum of −65
dBm to −67 dBm in order to achieve the highest data rate and best possible
performance. There is a lack of industry standards for calculating the RSSI
value. Manufacturers may derive the same or similar values but use different
proprietary calculations to do so. Two devices from different manufacturers
having equal distance from the transmitting device and subjected to the same
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
interference sources may calculate different RSSI values. So, when
conducting a physical site survey, if possible it is recommended to use the
same type of wireless devices that will be deployed in the environment to
sample RSSI and SNR values.
Radio Frequency Noise
Radio frequency noise is the term for RF signals from sources other than the
transmitter and receiver that are in communication. Here is an analogy to
help explain. You and a guest are in a crowded open-space restaurant for
dinner. There are many unrelated conversations occurring at the same time at
the various tables throughout the restaurant. If you and your dinner guest
momentarily paused in your conversation, you would hear these other
conversations, as well as the noise from equipment, telephones, and tables
that are being cleared. This would be the restaurant equivalent of RF noise, as
shown in Figure 4.21.
FIGURE 4.21 Restaurant analogy example of radio frequency noise
||||||||||||||||||||
||||||||||||||||||||
In a WLAN environment, several RF devices may be operating in the same
physical space as the wireless transmitter (access point) and receiver (client
device). Depending on the level of this RF noise, it may be difficult for the
transmitter and receiver to understand each other because the signal level
may be too close to the noise floor and the receiver will have a difficult time
determining the difference between signal and the RF noise. In Figure 4.22, a
screen capture from a spectrum analyzer utility shows a wireless basic service
set on channel 161 in the 5 GHz UNII-3 band. Also shown is the RF noise
floor of about −98 dBm.
FIGURE 4.22 The MetaGeek Chanalyzer spectrum analyzer utility shows a
noise floor for the tested site of about −98 dBm.
Received Signal Strength Indicator
Received signal strength indicator (RSSI) is an arbitrary number assigned by
the radio chipset or device manufacturer, and it will not be comparable
between devices from different manufacturers. As stated in the standard, the
RSSI may be averaged over time using a vendor-specific smoothing function.
The calculation of the RSSI value is done in a proprietary manner, and a
wireless device from one manufacturer may indicate different signal strength
than that indicated by another, even though they both are receiving the exact
same signal and at the same actual amount of RF power. This value is a key
determinant of how well the WLAN device will perform. How the device is
used with the network will determine the required levels of signal for optimal
connectivity. Most wireless client device manufacturers allow their chipsets
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
to access the higher data rates as long as they are getting a −70 dBm signal or
stronger. Wireless VoIP manufacturers recommend deploying so that the
client devices can receive a −67 dBm or better signal from the access point, a
strength that is double the −70 dBm required for higher data rate use due to
the need for better signaling in QoS communications.
Signal-to-Noise Ratio
The signal-to-noise ratio (SNR) is the difference between the amount of
received signal and the noise floor. Looking back at the restaurant analogy, if
you were to continue your conversation and the tables surrounding yours
were all speaking at higher volumes, you might not be able to hear your
dinner guest very well because of the amount of noise created in the open
area of your table. Looking at this from a WLAN perspective, if a client device
records a received signal of −85 dBm and the noise floor is −95 dBm, the SNR
will be 10 dB. This value is calculated by subtracting the received signal from
the noise. In this case −85 dBm − (−95 dBm) = 10 dB. This would not be an
adequate SNR, because the receiver would have a difficult time determining
the difference between the wanted RF signal and the surrounding RF noise.
On the other hand, if the received signal is −65 dBm and the noise floor is
−95 dBm, then the SNR will be 30 dB. This value again is calculated by
subtracting the received signal from the noise—in this case, −65 dBm − (−95
dBm) = 30 dB. This would be an excellent SNR because the receiver would
easily be able to determine the intended RF signal from the surrounding RF
noise. The SNR is a very important metric used with WLAN design. This value
is used to determine the minimum received signal strength required for
optimal performance of a WLAN system. Current best practices recommend a
minimum SNR of 25 dB. Figure 4.23 illustrates the SNR as seen in a spectrum
analyzer tool.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 4.23 Graph showing the received signal strength vs. noise floor and
the SNR using the MetaGeek Chanalyzer spectrum analyzer utility
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Summary
This chapter explored RF basics and the essential role RF plays in the world
of IEEE 802.11 wireless networking. You learned the definition of RF as it
pertains to wireless networking and the basic characteristics or properties of
RF, including:
Wavelength
Frequency
Amplitude
Phase
Then we described devices such as transmitters and receivers and how they
communicate. In WLAN technology, an example of a transmitter and receiver
is an access point and client device. We also discussed the unlicensed RF
bands and channels used in the 2.4 GHz ISM and 5 GHz UNII ranges for
WLAN communications, as well as other frequency ranges that may be
allowed for use with IEEE 80211 wireless networking depending on the local
regulatory agency. RF coverage and capacity are two important areas that
should be considered closely to ensure that a wireless deployment will offer
reliable connectivity and perform well for the user base.
We then explained correct channel reuse to minimize interference from the
co-location of access points. This chapter explored the cause and effect of cochannel interference from sources other than wireless networks operating in
the ISM and UNII bands. We also looked at RF behaviors such as reflection,
refraction, and absorption, and the impact of building materials on the
propagation of radio waves. We discussed RF units of measure, both absolute
and relative, including the watt, milliwatt, dB, and dBi. Finally, we covered
various types of RF signal measurements used with IEEE 802.11 wireless
networking. These topics included:
Receiver sensitivity
RF noise
Received signal strength indicator (RSSI)
Signal-to-noise ratio (SNR)
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Know the basic characteristics or properties of RF. Understand the
characteristics of RF, such as wavelength, phase, frequency, and amplitude.
Be familiar with the frequencies used for wireless networks. Know
the unlicensed ISM and UNII bands available for use with wireless networks.
Understand wireless network coverage and capacity. Know the
difference between coverage and capacity and the factors that will have an
impact on both.
Know what RF factors will affect the range and speed of wireless
networks. Understand the effects of interference and the devices that cause
interference. Be familiar with the environmental conditions that cause
reflection, refraction, diffraction, scattering, and absorption. Understand their
impact on the propagation of RF signals.
Identify basic RF units of measurement. Understand the difference
between absolute and relative measures of RF power. Define W, mW, dB,
dBm, and dBi.
Identify RF signal measurements Understand receiver sensitivity, radio
frequency noise, RSSI, and SNR.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Review Questions
1. What is the term defining the number of times a cycle of an RF signal will
oscillate in one second?
A. Phase
B. Frequency
C. Amplitude
D. Wavelength
2. How many nonoverlapping channels are available in the unlicensed 2.4
GHz ISM band?
A. 1
B. 3
C. 6
D. 11
3. The capacity of an access point is dependent on which factors? (Choose
two.)
A. Number of devices
B. Channel reuse
C. Co-location
D. Software applications
E. Frequency
4. When an RF signal passes between media of different densities and may
change speeds and bend, the behavior is known as:
A. Refraction
B. Reflection
C. Scattering
D. Diffraction
5. What two devices use RF to communicate? (Choose two.)
A. Transmitter
||||||||||||||||||||
||||||||||||||||||||
B. Transistor
C. Reactor
D. Reflector
E. Receiver
6. Which are relative measures of RF power? (Choose two.)
A. mW
B. dB
C. dBm
D. dBi
E. Watt
7. In the 2.4 GHz range, what distance between the center frequencies (in
megahertz) is required for two channels to be considered nonoverlapping
for HR/DSSS?
A. 5 MHz
B. 22 MHz
C. 25 MHz
D. 30 MHz
8. Two characteristics of RF signals are
A. Amplitude
B. Reflection
C. Phase
D. Refraction
E. Diffraction
9. How many channels are available for WLANs to use in the unlicensed
UNII-1 band?
A. 2
B. 4
C. 6
Technet24.ir
||||||||||||||||||||
D. 11
10. Which are absolute measures of RF power? (Choose two.)
A. Watt
B. dB
C. mW
D. dBi
E. dBd
11. Which two channels are considered nonoverlapping in the 2.4 GHz band?
A. 1 and 6
B. 2 and 6
C. 6 and 10
D. 11 and 13
12. How many channels are available for WLAN use in the unlicensed 2.4
GHz ISM band?
A. 8
B. 10
C. 11
D. 14
13. The range of a 2.4 GHz signal is mostly dependent on which RF
characteristic?
A. Frequency
B. Wavelength
C. Amplitude
D. Phase
14. Which item has an effect on RF line of sight?
||||||||||||||||||||
A. Phase
B. Obstacles
C. Interference
||||||||||||||||||||
D. Amplitude
15. How many channels are available for WLAN use in the unlicensed middle
UNII-2e band?
A. 4
B. 6
C. 12
D. 14
16. As seen in a two-dimensional (X/Y) view, the amplitude of an RF signal is:
A. Height
B. Length
C. Shift
D. Width
17. An 802.11b channel is how wide in MHz?
A. 5 MHz
B. 22 MHz
C. 25 MHz
D. 30 MHz
18. When an RF signal bounces off a smooth, nonabsorptive surface, the
behavior is
A. Refraction
B. Reflection
C. Scattering
D. Diffraction
19. What is the gain of an antenna measured in?
||||||||||||||||||||
A. dB
B. dBc
C. dBi
D. dBm
Technet24.ir
||||||||||||||||||||
20. When RF passes or bends around an obstacle such as a building or
column, the behavior is:
||||||||||||||||||||
A. Reflection
B. Refraction
C. Scattering
D. Diffraction
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Chapter 5
Antenna Technology for Wireless Networking
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.3 Identify the purpose, features, and proper implementation
of antennas
2.4 Describe the proper locations and methods for installing
RF antennas
3.6 Understand and apply basic RF antenna concepts
3.7 Identify the use of WLAN accessories and explain how to
select and install them for optimal performance and regulatory
domain
THE FOLLOWING CWS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.3 Understand antenna types
2.1 Know the frequency bands used
2.4 Identify factors impacting wireless LAN (WLAN)
performance
4.8 Match organizational goals to WLAN features and
functions
THE FOLLOWING CWT EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.5 Describe the basic differences among antenna types
1.6 Select the appropriate external antenna when required
3.2 Select appropriate mounting kits for a specified installation
location
||||||||||||||||||||
||||||||||||||||||||
Antennas are an essential part of a successful wireless LAN
(WLAN) deployment. From the transmitter perspective, an antenna takes the
modulated RF energy from the transmission system, transforms it into radio
waves, and propagates it through the free air. From the receiver perspective,
an antenna performs the opposite task—it receives the modulated radio
waves, transforms them back to AC signals, and, finally, sends the
information to a computer or other wireless device.
Many factors are involved in determining the proper antenna to be used in an
application or deployment of a WLAN. These factors include
Indoor or outdoor installation
Distance between transmitter and receiver
Frequency to be used
Horizontal or vertical orientation/polarization
Aesthetics
Cost
Manufacturer
Intended use
Mounting brackets
Electrical characteristics
Height
Location
Local ordinances
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Basic Radio Frequency Antenna Concepts
It is important to understand some of the basic theory, characteristics, and
terminology associated with antennas prior to learning how they operate.
Becoming familiar with this will help in making decisions when it comes to
sales and support of antennas and WLAN systems. Some of the terminology
for characteristics of antennas is listed here:
Radio frequency lobes: Shape of the radiation patterns
Beamwidth: Horizontal and vertical angles
Antenna charts: Azimuth and elevation
Gain: Changing the RF coverage pattern (beamwidths)
Polarization: Horizontal or vertical orientation
Radio Frequency Lobes
The term lobe has many meanings, depending on the context in which it is
used. Typically, it is used to define the projecting part of an object. In
anatomical terms, an example would be part of the human ear known as the
ear lobe. In botanical terms, a lobe is the divided part of a leaf. As an RF
antenna technology term, lobe refers to the shape of the RF energy emitted
from an antenna element. RF lobes are determined by the physical design of
the antenna. The antenna design also determines how the lobes project from
an antenna element.
The effect of antenna design, particularly the shape of the RF lobes, is one
reason why choosing the correct antenna is a critical part of a WLAN design.
Antennas may project many lobes of RF signal, some of which are not
intended to be usable areas of coverage. The RF lobes that are not part of the
main or intended lobe coverage—that is, the rear and side lobes—contain
usable RF but are not intended to be used to provide coverage for the WLAN
cell. They are, for the most part, unintentional coverage areas and are not part
of a good WLAN design and planned coverage area. The type of antenna
utilized—omnidirectional, semidirectional, or highly directional—will
determine the usable lobes. These antennas as well as the RF radiation
patterns they project will be discussed in more detail later in this chapter.
Figure 5.1 shows an example of RF lobes emitted from an antenna element.
The “main signal” is the lobe intended to be used.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.1 RF lobes’ shape and coverage area are affected by the type and
design of an antenna.
Antenna Beamwidth
The design of an antenna will determine how RFs propagate and the specific
patterns in which the RF energy propagates from an antenna element. As
mentioned earlier, the patterns of energy emitted from an antenna are known
as lobes. For antennas, the beamwidth is the angle of measurement of the
main RF lobe measured at what is called the half-power point, or − or power.
This is where the RF power decreases by 50 percent. Antenna beamwidth is
measured both horizontally and vertically, in degrees. It is important to
understand that antennas shape the RF coverage or isotropic energy that
radiates from the antenna element. Changing types or remaining with the
same type of antenna but changing the gain will also change the coverage area
provided by the WLAN system.
Documents or antenna specifications are available to illustrate the horizontal
and vertical beamwidths. Azimuth and elevation charts available from the
antenna manufacturer will show the beamwidth angles.
The azimuth refers to the horizontal RF coverage pattern, and the elevation is
the vertical RF coverage pattern. The azimuth is the view from above, or the
“bird’s-eye view” of the RF pattern; in some cases it will be 360°. Think of the
elevation as a side view. If you were to look at a mountain from the side view,
it would have a certain height or elevation measured in feet or meters. For
example, Pikes Peak, a mountain in the front range of the Rocky Mountains,
has an elevation of 14,115′ (4,302 meters). Figure 5.2 shows a representation
of horizontal and vertical beamwidths. Some predictive modeling site survey
software programs will allow the WLAN designer to adjust the azimuth and
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
elevation of the antennas used in the predictive modeling design to more
closely depict the real-world coverage of the WLAN system. WLAN site
surveys and predictive modeling will be discussed in more detail in Chapter 9,
“Design for Wireless Networking.”
FIGURE 5.2 Horizontal (azimuth) and vertical (elevation) beamwidths
measured at the half power, or −3 dB point
Reading Azimuth and Elevation Charts
Understanding how to read an azimuth and elevation chart is useful from
a technical sales, design, or integration perspective. Knowing these
patterns will help when making hardware recommendations for
customers based on needed coverage and device use. These charts show
the angles of RF propagation from both the azimuth (horizontal or
looking down, top view) and the elevation (vertical or side view). They
give a general idea of the shape of the RF propagation lobe based on
antenna design.
Antenna manufacturers test antenna designs in a laboratory. Using the
correct instruments, an engineer is able to create the azimuth and
||||||||||||||||||||
||||||||||||||||||||
elevation charts. These charts show only approximate coverage area based
on the readings taken during laboratory testing and do not take into
consideration any environmental conditions such as obstacles or
interference. The following image shows an example of an azimuth and
elevation chart for a semidirectional antenna.
Understanding how to read one of these charts is not complicated. Notice
that the chart is a circular pattern with readings from 0° to 360°, and
there are many rings within these charts. The outermost ring shows the
strongest signal from the testing process of this antenna. The inner rings
show measurements and dB ratings less than the strongest measured
signal from the outside ring. A good chart will show the most accurate
readings from the testing process. A sales or technical support
professional can use these charts to get an idea of how the radiation
pattern would look based on a specific antenna type and model.
Antenna Gain
The gain of an antenna provides a change in a coverage pattern that is a result
of the antenna focusing the area of RF propagation. This gain is produced
from the physical design of the antenna element. In Chapter 4, “Radio
Frequency Fundamentals for Wireless Networking,” we looked at various
characteristics of RF. One of these characteristics is amplitude, which is
defined as the height (voltage level) or the amount of power of a sine wave.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The amplitude is created by varying voltage over a period of time and is
measured at the peaks of the signal from top to bottom. Amplification of an
RF signal will result in gain. An antenna is a device that can change the RF
coverage area, thus propagating an RF signal further. Antenna gain is
measured in decibels isotropic (dBi), which is a change in intensity as a result
of increasing the isotropic energy. Isotropic energy is defined as energy
emitted equally in all directions. The sun is a good example of isotropic
energy, emitting energy in a spherical fashion equally in all directions. Figure
5.3 illustrates energy being emitted from an isotropic radiator.
FIGURE 5.3 A perfect isotropic radiator emits energy equally in all
directions.
Passive Gain
It’s quite intriguing how an antenna can provide passive gain, a change in
coverage without the use of an external power source. Because of their
design, antennas focus isotropic energy into a specific radiation pattern.
Focusing this energy increases coverage in a particular direction. A common
example used to describe passive gain is a magnifying glass. If a person is
standing outside on a beautiful sunny day, the sun’s energy is not intense
because it is being diffused across the entire earth’s hemisphere. Thus, there
is not enough concentrated energy to cause any harm or damage in a short
period of time. If this person were to point one side of a magnifying glass
toward the sun and the other side toward a piece of paper, however, more
than likely the paper would start to heat quickly. This is because the convex
shape of the magnifying glass focuses, or concentrates, the sun’s energy into
one specific area, thus increasing the amount of heat to that area.
||||||||||||||||||||
||||||||||||||||||||
Antennas are designed to function in the same way by focusing the energy
they receive from a signal source into a specific RF radiation pattern.
Depending on the design of the antenna element, as the gain of an antenna
increases, both the horizontal and vertical radiation patterns (beamwidths)
will decrease or create narrower beamwidths. Conversely, as the gain of an
antenna decreases, the beamwidths will increase, making a larger radiation
pattern. One exception to this behavior is the omnidirectional antenna. This
type of antenna has a horizontal beamwidth of 360°. When the gain is
increased or decreased, the beamwidth will remain 360° but the size of this
coverage area will increase or decrease depending on the change in the gain.
Omnidirectional antennas are discussed in more detail later in this chapter.
Figure 5.4 shows a drawing of a WLAN system with 25 mW (milliwatts) of RF
power at the antenna. Because of passive gain, the antenna has the effect of
emitting 250 mW of RF power.
FIGURE 5.4 An access point supplying 25 mW of RF power to an antenna
with a gain of 10 dBi for an output at the antenna of effectively 250 mW of RF
power
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
It is important to understand that many local RF regulatory
domains or agencies restrict the amount of RF power that can be emitted
from an unlicensed RF system. This “system” includes all the components
certified by the local regulatory agency and may include the transmitter
(access point), the connectors, and the antenna. Changing and increasing
the gain of an antenna will increase the amount of effective RF energy
leaving the antenna and may violate the regulations set forth by the local
regulatory agency and void the certification. The Federal Communications
Commission (FCC) has modified what it allows several times, to the point
of much confusion for installers trying to remain compliant with the
regulations. Additionally, altering the original design in any way may
require the entire system to be recertified based on the regulations in
each RF agency and that agency’s interpretation of the term licensed
system.
Exercise 5.1 provides a simple way to demonstrate passive gain.
EXERCISE 5.1
Demonstrating Passive Gain
You can demonstrate passive gain by using a standard 8.5″ × 11.0″ piece
of notebook paper or cardstock.
1. Roll a piece of paper into a cone or funnel shape.
2. Speak at your normal volume and notice the sound of your voice as it
propagates through the air.
3. Hold the cone-shaped paper in front of your mouth.
4. Speak at the same volume.
5. Notice that the sound of your voice is louder. This occurs because the
sound is now focused into a specific area or radiation pattern, and
passive gain occurs.
Active Gain
||||||||||||||||||||
||||||||||||||||||||
Active gain will also provide an increase in signal strength. In a WLAN
system, active gain is accomplished by providing an external power source to
an installed device. An example of such a device is an amplifier. An amplifier
is placed in series in the WLAN system and will increase the signal strength
based on how much gain it provides.
If an amplifier is used in a WLAN system, certain regulatory domains require
that the amplifier be certified as part of the system. It is best to carefully
consider whether an amplifier is necessary before using such a device in an
IEEE 802.11 WLAN system. Using an amplifier may nullify the system’s
certification and potentially exceed the allowed RF limit. Therefore, it is
important to stay within the rules of the regulatory agency that governs the
use of RF when adding amplifiers, changing antennas, or changing transmit
power settings in any WLAN deployment.
Antenna Polarization
Antenna polarization describes how a wave is emitted from an antenna and
the orientation of the electrical component or electric field of the waveform.
To maximize RF signals, the transmitting and receiving antennas should be
polarized in the same direction or as closely as possible. Antennas polarized
the same way ensure the best possible RF signal.
If the polarization of the transmitter and receiver are different, the power of
the RF signal will decrease depending how different the polarization is. Figure
5.5 shows an example of horizontal and vertical polarized antennas.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.5 Horizontally and vertically polarized antennas
With the large number of WLAN devices available, it is a challenging task to
accomplish the same polarization for all devices on the network. Performing a
WLAN site survey will show signal strength based on several factors,
including polarization of access point antennas. This survey will help
determine the received signal strength of the WLAN devices. Site surveys and
antenna polarization are discussed in more detail in Chapter 9.
||||||||||||||||||||
||||||||||||||||||||
Antenna Polarization Example
It is fairly simple to demonstrate antenna polarization with a notebook
computer or other WLAN device and either a wireless network adapter
client utility or other third-party software that shows signal strength
and/or signal-to-noise ratio. One such utility is Acrylic WiFi Home, a free
Wi-Fi network scanning utility for various operating systems. You can
download and install the program from the Acrylic WiFi website, at
https://www.acrylicwifi.com/en/wlan-software/wlan-scanner-acrylicwifi-free. Acrylic WiFi Home displays the received signal strength from
the access points in the receiver area.
You can visualize polarization by performing the following steps. This
experiment should be performed using a notebook computer or mobile
device within close proximity to an access point.
1. Verify that you have a supported wireless network adapter.
2. Install and launch the Acrylic WiFi Home program or other utility that
shows signal strength.
3. Monitor the received signal strength indicator (RSSI) value.
4. While monitoring the RSSI value, change the orientation of the
notebook computer.
5. Notice the change in the RSSI value (either an increase or decrease)
when the orientation of the computer changes with respect to the
access point.
This demonstrates how polarity can affect the received signal of a device.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Wireless LAN Antenna Types
The type of antenna that is best for a particular installation or application will
depend on the desired RF coverage pattern. Making the correct choice is part
of a good WLAN design. Using the wrong type of antenna can cause
undesirable results, such as interference to neighboring systems, poor signal
strength, or incorrect coverage pattern for your design.
The following are three common types of antennas for use with WLANs:
Omnidirectional/half wave dipole antennas
Semidirectional antennas
Highly directional antennas
This section describes each type of antenna in more detail and provides
specifications and installation or configuration information about these
antennas.
Omnidirectional Antennas
Omnidirectional antennas are common on most access points of either SOHO
(Small Office Home Office) or enterprise grade. An omnidirectional antenna
has a horizontal beamwidth (azimuth) of 360°. This means that when the
antenna is vertically polarized (perpendicular to the earth’s surface), the
horizontal radiation pattern is 360° and will propagate RF energy in every
direction horizontally. The vertical beamwidth (elevation) will vary depending
on the antenna’s gain. As the gain of the antenna increases, the horizontal
radiation pattern will increase, providing more horizontal coverage. Keep in
mind the beamwidth is still 360°, but it will be a larger 360° area that is
covered because of the higher gain of the antenna. The vertical radiation
pattern will decrease, however, thus providing less vertical coverage.
The shape of the radiation pattern from an omnidirectional antenna looks
like a donut and is known as a torus. Figure 5.6 shows an example of the
toroidal radiation pattern of an omnidirectional antenna.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.6 The omnidirectional radiation pattern has a toroidal shape.
Omnidirectional antennas are one of the most common types of antenna for
indoor WLAN deployments. Most access points use omnidirectional
antennas. Access points come with fixed, removable, or integrated antennas.
If the antenna is removable, the installer can replace it with one of different
gain. Enterprise-grade access points typically have removable antennas that
are sold separately.
Some regulatory domains require the use of proprietary connectors with
respect to antennas. These connectors limit access points to the specific
antennas tested with the system. Therefore, it is best to consult with the
manufacturer of the access point or other WLAN transmitting device to
determine which antennas may be used with the system.
The most common type of omnidirectional antenna used indoors is known as
the rubber duck antenna. This type of antenna typically has a low gain of 2
dBi to 3 dBi and connects directly to an access point. Rubber duck antennas
usually have a pivot point so the polarization can be adjusted vertically or
horizontally regardless of how the access point is mounted.
Some antennas will operate in both the 2.4 GHz ISM band and the 5 GHz
UNII band and can thus work with a multiband wireless device.
Figure 5.7 shows a dual-band rubber duck omnidirectional antenna.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.7 2.4–2.5 GHz and 5.1–5.8 GHz dual-band rubber duck antenna
Image provided by www.L-com.com.
Omnidirectional Antenna Specifications
In addition to the beamwidth and gain, omnidirectional antennas have
various other specifications to be considered, including the following:
Frequency range
Voltage standing wave ratio (VSWR)
Polarization
Attached cable length
Dimensions
Mounting requirements
||||||||||||||||||||
||||||||||||||||||||
Table 5.1 is an example of a specification sheet for a rubber duck
omnidirectional antenna.
TABLE 5.1 Omnidirectional antenna specifications
Electrical Specifications
Frequency ranges and
gain
2400-2483 MHz @ 3 dBi 5150-5900 MHz @ 5
dBi
Horizontal beamwidth
360°
Impedance
50 ohm
VSWR
<2:1
Mechanical Specifications
Weight
0.18 lb (.07 kg)
Length
10.1″ (256 mm)
Base diameter
1.6″ (40.6 mm)
Finish
Matte black
Connector
Reverse polarity SMA plug
Operating temperature
−30°C to 60°C (−22°F to 140°F)
Polarization
Vertical
RoHS-compliant
Yes
A physical representation of the antenna is also helpful for sales and
integration professionals. Figure 5.8 shows the physical specifications
diagram for a rubber duck omnidirectional antenna.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.8 Omnidirectional 2.4–2.5 GHz and 5.1–5.8 GHz dual-band
rubber duck antenna physical specifications
Azimuth and elevation charts are usually available to allow visualization of
the RF radiation pattern emitted from the antenna. This is useful for a WLAN
professional to determine the approximate RF propagation pattern. The
purpose of these charts, and how to read them, was explained in “Reading
Azimuth and Elevation Charts” earlier in this chapter. Figure 5.9 shows the
charts for a rubber duck omnidirectional antenna.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.9 Vertical (elevation) and horizontal (azimuth) charts for
omnidirectional antenna
Image provided by www.L-com.com.
Semidirectional Antennas
Semidirectional antennas take RF power from the transmitting system and
focus it into a more specific pattern than an omnidirectional antenna offers.
Semidirectional antennas are available in various types, including patch,
panel, sector, and Yagi. These antennas, manufactured for either indoor or
outdoor use, are designed to provide more specific coverage by focusing the
horizontal radiation pattern to a value of less than 360°. A semidirectional
antenna will allow the WLAN designer to provide RF coverage to a specific
area within a deployment. This coverage area may consist of rooms or areas
in which an omnidirectional antenna might not be the perfect solution. For
indoor installations, such areas include rectangular rooms or offices,
hallways, and long corridors. For outdoor deployments, they include point-topoint and point-to-multipoint bridging installations.
Patch/Panel Antennas
In the WLAN world, the terms patch and panel are commonly used to
describe the same type of antenna. The intended use will affect the choice of
patch/panel antenna to be used in a specific application. Choosing the correct
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
patch/panel antenna will require knowing the dimensions of the physical area
to be covered as well as the amount of gain required. A patch/panel antenna
can have a horizontal beamwidth of as high as 180°, but usually the
horizontal beamwidth is between 35° and 60°. The vertical beamwidth usually
ranges between 30° and 80°. Figure 5.10 shows a 2.4 GHz MIMO/802.11n flat
panel antenna. Sector antennas are a type of semidirectional antenna that can
be configured in an array to provide omnidirectional coverage. Sector
antennas are covered in more detail later in this chapter.
FIGURE 5.10 2.4 GHz 11 dBi dual polarization diversity/MIMO/802.11n flat
panel antenna
Image provided by www.L-com.com.
||||||||||||||||||||
||||||||||||||||||||
Appropriate Use of a Semidirectional Antenna
A small business consultant is tasked with providing WLAN access to
several offices in a multi-tenant building. The client wants to provide
adequate coverage for the offices but would like to minimize the number
of access points. The client wishes to use access points and antennas that
are aesthetically pleasing, since these offices allow public access. The
areas to be covered are rectangular, as shown here:
One solution would be to provide several access points using low-gain
omnidirectional antennas. The following image illustrates how several
access points could be used to provide coverage to this area.
The consultant believes, however, that if low-gain rubber duck
omnidirectional antennas were used, an access point with significant
output power would be required to cover the length of the rooms. In
addition, the client wants to minimize the number of access points and
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
make the installation aesthetically pleasing.
An alternate solution is to use a patch antenna on both sides of the office,
thereby providing adequate coverage and minimizing the use of access
points. The following image shows patch antennas mounted at both ends
of the office area as well as the projected coverage area of both antennas.
Patch/Panel Antenna Specifications
The specifications for semidirectional antennas such as patch or panel vary
based on the design of the antenna. Semidirectional antennas are available in
single- or dual-band capability. Semidirectional antennas may be used
indoors or outdoors, depending on the application. Table 5.2 is an example of
a specification sheet for a 2.4 GHz flat patch antenna.
||||||||||||||||||||
||||||||||||||||||||
TABLE 5.2 2.4 GHz 11 dBi dual-polarization diversity/MIMO/802.11n flat
patch antenna specifications
Electrical Specifications
Frequency ranges
2400−2500 MHz
Gain
11 dBi
Horizontal beamwidth
(Antennas 1 & 2)
60°
Vertical beamwidth
(Antennas 1 & 2)
30°
Impedance
50 ohm
Maximum power
25 W
VSWR
<1.5:1 avg
Mechanical Specifications
Weight
0.95 lb (0.43 Kg)
Dimensions
8.5″ × 8.5″ × 1″ (216 × 216 × 26 mm)
Radome material
UV-inhibited polymer
Connector
RP SMA
Operating temperature
−40°C to 85°C (−40°F to 185°F)
Mounting
Four 1/4″ (6.3 mm) holes
Polarization
Horizontal (Left antenna lead) Vertical (Right
antenna lead)
Flame rating
UL 94HB
RoHS-compliant
Yes
Wind survival
>150 mph (241 kph)
A radome cover will protect an antenna from outdoor elements and certain
weather conditions. Attenuation from the materials that the radome covers
are constructed of will be minimal. They mainly protect the antenna from the
collection of elements such as snow and hail.
Azimuth and elevation charts are also available for patch/panel antennas.
Figure 5.11 shows the charts for the 2.4 GHz 11 dBi flat patch antenna.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.11 Vertical (elevation) and horizontal (azimuth) charts for 2.4
GHz 11 dBi dual polarization diversity/MIMO/802.11n flat patch antenna
Image provided by www.L-com.com.
Sector Antennas
Sector antennas can be used to create omnidirectional radiation patterns
using semidirectional antennas. These antennas are often used for base
station connectivity for point-to-multipoint connectivity. Sector antennas
have an azimuth that varies from 90° to 180°. These are typically configured
to offer a total azimuth of 360°. For example, using sector antennas with an
azimuth of 120° each would require three antennas in order to get
omnidirectional or 360° coverage. This is a common configuration used with
cellular phone technology. Figure 5.12 shows a sector panel antenna.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.12 2.4 GHz and 4.9 to 5.8 GHz dual-feed dual-band 90° sector
panel antenna
Image provided by www.L-com.com.
Sector Antenna Specifications
As mentioned earlier, sector antennas are commonly configured in an array to
allow semidirectional antennas to provide omnidirectional coverage. This is
useful in a campus environment or community arrangement to provide
WLAN access such as Internet access. Sector antennas will usually have wide
horizontal beamwidth (azimuth) and a narrow vertical beamwidth
(elevation). Table 5.3 is an example of a specification sheet for a dual-band 14
dBi 90° sector panel WLAN antenna.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 5.3 90° sector panel WLAN antenna specifications
Electrical Specifications
Frequency ranges
2400–2500 MHz 4900–5900 MHz
Gain
14 dBi
Horizontal beamwidth 90°
Vertical beamwidth
16° (2400–2500 MHz) 8° (4900–5900 MHz)
Impedance
50 ohm
Maximum input power 50 W
VSWR
<1.5:1 avg
Front-to-back ratio
>21 dB
Lightning protection
DC ground
Mechanical Specifications
Weight
4.4 lb (2 kg)
Dimensions
24 × 6.3″ × 2.3″ (620 × 160 × 60 mm)
Radome material
UV-inhibited fiberglass
Connector
(2) Integral N-female
Operating temperature −40°C to 60°C (−40°F to 140°F)
Mounting
1.5–2 in (40–53 mm) dia. mast max.
Polarization
Vertical
RoHS-compliant
Yes
Rated wind
>130 mph (210 Km/h)
Wind Loading Data
Wind Speed (mph)
Loading
100
34 lb
125
54 lb
Figure 5.13 shows the charts for the 2.4 GHz and 4.9 to 5.8 GHz dual-feed
dual-band 90° sector antenna.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.13 Vertical (elevation) and horizontal (azimuth) charts for 2.4
GHz and 4.9 to 5.8 GHz dual-feed dual-band 90° sector panel antenna
Image provided by www.L-com.com.
Yagi Antennas
Yagi antennas are designed to be used indoors in long hallways and corridors,
or outdoors for short-range bridging (typically less than two miles). Yagi
antennas have vertical and horizontal beamwidths ranging from 25° to 65°.
The radiation pattern may look like a funnel or a cone. As the signal
propagates away from the antenna, the RF coverage naturally widens
(diffuses). The aperture of the receiving antenna is much narrower than the
signal at that point. This is a result of diffusion, which is the biggest form of
loss in an RF link. Figure 5.14 shows a Yagi antenna.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.14 2.4 GHz 15 dBi Yagi antenna
Image provided by www.L-com.com.
Yagi Antenna Specifications
Table 5.4 is an example of a specification sheet for a 2.4 GHz 15 dBi Yagi
WLAN antenna.
||||||||||||||||||||
||||||||||||||||||||
TABLE 5.4 15 dBi Yagi antenna specifications
Electrical Specifications
Frequency ranges
2400−2500 MHz
Gain
14.5 dBi
−3 dB beamwidth
30°
Impedance
50 ohm
Maximum power
50 W
VSWR
<1.5:1 avg
Lightning protection
DC short
Mechanical Specifications
Weight
1.8 lb (.81 kg)
Dimensions − Length ×
diameter
18.2″ × 3″ (462mm × 76mm)
Radome material
UV-inhibited polymer
Mechanical Specifications
Connector
12″ N-female
Operating temperature
−40°C to 85°C (−40°F to 185°F)
Mounting
1-1/4″ (32mm) to 2″ (51mm) diameter
masts
Polarization
Vertical and horizontal
Flame rating
UL 94HB
RoHS-compliant
Yes
Wind survival
>150 mph (241 kph)
Wind Speed (mph)
Loading
100
12 lb
125
19 lb
Figure 5.15 shows the charts for the 2.4 GHz 14 dBi Yagi antenna.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.15 Vertical (elevation) and horizontal (azimuth) charts for 2.4
GHz 14 dBi Yagi antenna
Image provided by www.L-com.com.
Outdoor Installation of Yagi Antennas
A Yagi antenna may be in a weatherproof enclosure. This is not required
but may be useful in outdoor installations. The weatherproof enclosure
will prevent collection of certain elements such as snow and ice. Radome
covers are available for parabolic dish antennas for the same purpose.
Highly Directional Antennas
Highly directional antennas are typically parabolic dish antennas used for
long-range point-to-point bridge connections. These antennas are available
with a solid reflector or a grid. Some manufacturers of parabolic dish
antennas advertise long ranges depending on the gain and the environmental
conditions. Parabolic dish antennas have very narrow horizontal and vertical
beamwidths. This beamwidth can range from 3° to 15° and has a radiation
pattern similar to that of a Yagi, with the appearance of a funnel. The
beamwidth starts very narrow at the antenna element and naturally widens
||||||||||||||||||||
||||||||||||||||||||
because of diffusion. Because these antennas are designed for outdoor use,
they need to be manufactured to withstand certain environmental conditions,
including a wind rating and appropriate mounting. Grid antennas can provide
similar coverage and are less susceptible to wind loading. Figure 5.16 shows a
parabolic dish antenna.
FIGURE 5.16 Front and back views of a 5.8 GHz 29 dBi ISM / U-NII band
parabolic dish antenna
Image provided by www.L-com.com.
Highly Directional Antenna Specifications
Table 5.5 is an example of a specification sheet for a 5.8 GHz 29 dBi solid
parabolic dish antenna. Notice that the vertical and horizontal beamwidths of
this antenna are 6°, very narrow compared to other antenna types.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 5.5 5.8 GHz 29 dBi solid parabolic dish antenna specifications
Electrical Specifications
Frequency ranges
5725–5850 MHz
Gain
29 dBi
Horizontal beamwidth 6°
Vertical beamwidth
6°
Impedance
50 ohm
Maximum power
100 W
VSWR
<1.5:1 avg
Mechanical Specifications
Weight
13.2 lb (6 kg)
Dimensions
23.6″ diameter (600 mm)
Grid material
Galvanized steel
Operating temperature −40° C to 85° C (−40° F to 185° F)
Mounting
1.5″ (38 mm) to 3″ (76 mm) dia. masts
Lightning protection
DC Short
Wind Speed (mph) Loading
With Radome
100
113 lb
75 lb
125
177 lb
116 lb
Figure 5.17 shows the charts for a 5.8 GHz solid parabolic dish antenna.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.17 Vertical (elevation) and horizontal (azimuth) charts for a 5.8
GHz 29 dBi ISM/U-NII band solid parabolic dish antenna
Image provided by www.L-com.com.
Shipping a Parabolic Dish Antenna
One thing to consider regarding the sale and procurement of a highly
directional parabolic dish antenna is the size and shipping weight. Since
these antennas are much larger and heavier than other antennas used in
WLANs, shipping cost may be a factor. Some specification sheets will
detail shipping information for this reason.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Radio Frequency Cables and Connectors
Radio frequency cables play a role in various WLAN deployment situations.
For example, cables may be used to connect access points and client devices
to antennas or to connect other devices that may be used in wireless
networking. Several factors need to be taken into consideration when using
cables in a WLAN system, including these:
Type of cable
Length of cable
Cost of cable
Impedance rating
Choosing the correct cable for use in WLAN systems is an important part of a
successful WLAN deployment. The right cable for the right job will help
ensure that signal loss—a decrease in signal strength—is minimized and
performance is maximized.
Radio Frequency Cable Types
The type of cable used will depend on the application. Many systems use
cables to extend from the wireless device such as an access point to an
antenna located outside of a building. It is important to choose the correct
type of cable in order to optimize the performance of the WLAN system.
Cables vary in diameter, and the application will determine the type of cable
to use. For example, connecting a WLAN adapter on a notebook computer to
an external antenna requires a specific type of cable that should be short and
flexible. Thick, rigid cables are best used for longer runs.
The RF range in which the cable will be used also is important to consider.
Where the cable is used will determine the RF rating of the cable. For
example, WLANs use cable rated at 50 ohms, whereas television (such as
satellite and cable) use cable rated at 75 ohms. Using cable with the correct
rating will minimize voltage standing wave ratio (VSWR), a phenomenon
discussed in the section “Impedance and VSWR.” Figure 5.18 shows a spool of
high-quality 50 ohm cable.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.18 L-com spool of low-loss 400-series coaxial bulk cable
Image provided by www.L-com.com.
Radio Frequency Cable Length
The length of a cable used in a WLAN system is another factor to consider. A
cable of even a very short length will have some level of attenuation or loss.
As a reminder, loss is a decrease in signal strength. This decrease in signal
strength means less overall performance and throughput for users of the
WLAN. Professionally manufactured cables typically are available in many
standard common lengths. Best practices recommend using the correct length
and minimizing connections. For example, if a run from an access point to an
external antenna is 27′, it would be best to use a single cable as close to that
length as possible. Connecting two or more pieces of cable together will
increase the loss to the system. One might be tempted to use a longer piece,
such as 50′, but this is not recommended since the extra length will add loss
to the system.
Figure 5.19 shows a short length of cable, known as a pigtail, used to connect
a standard cable to a proprietary cable. If an RF cable is used or extended, the
attenuation that is introduced can be offset with the use of an amplifier or
with a higher-gain antenna. An amplifier will provide active gain, and an
antenna will provide passive gain. Keep in mind that using an incorrect
amplifier may void the system certification and that using a higher-gain
antenna may exceed the rules set by the local RF regulatory agency.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.19 Short pigtail adapter cable
Image provided by www.L-com.com.
Radio Frequency Cable Cost
Cable cost may also play a role in the type of cable to be used. The old saying
“you get what you pay for” is true with cables as well. I recommend using
high-quality name-brand RF cables to optimize the performance of your
system. Premium cables may come at a higher price, but the benefit of better
quality signal is the main advantage.
Impedance and VSWR
Impedance is the measurement of alternating current (AC) resistance. It is
normal to have some level of impedance mismatch in a WLAN system, but
the impedances of all components should be matched as closely as possible in
order to optimize performance of the system. Impedance mismatches can
result in what is called voltage standing wave ratio (VSWR). A large
impedance mismatch can cause higher than desired levels of VSWR and will
have an impact on the WLAN system and transmitted or received signal.
Electrical resistance is measured in ohms. IEEE 802.11 WLAN devices have
an impedance of 50 ohms. This includes antennas, cables, connectors, and
other accessories.
Radio Frequency Connectors
In a WLAN system, RF connectors are used to join devices together, allowing
the RF signal to transfer between the devices. These devices may connect
access point to antenna, antenna to cable, cable to cable, or various other
components to each other. RF connectors also cause an impedance mismatch
||||||||||||||||||||
||||||||||||||||||||
to some degree and increase the level of VSWR. To minimize the effects of
VSWR, best practices suggest keeping the use of connectors to a minimum.
Using connectors can also result in insertion loss. Insertion loss is usually
minor by itself, but it can contribute to overall loss in a system, thereby
resulting in less RF signal and less throughput.
Using Proprietary Connectors for Regulatory Domain
Compliance
Some regulatory domains require the use of proprietary connectors on
antennas and antenna connections in WLAN systems. These proprietary
connectors prevent an installer or integrator from unintentionally using
an antenna that might exceed the maximum amount of power allowed for
the transmission system. Although these connectors are considered
proprietary, many manufacturers share proprietary connectors.
Standard RF connectors may be used in WLAN systems to connect devices
that are not part of the point connecting to the antenna. For example, an
access point connecting to a length of cable that is then connected to an
amplifier could use a standard RF connector. The cable connecting the
amplifier to the antenna would require a proprietary connector. Figure 5.20
shows examples of common RF connectors.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.20 Several common RF connectors used with WLANs
Image provided by www.L-com.com.
||||||||||||||||||||
||||||||||||||||||||
Factors in Antenna Installation
Several factors are important to consider when you are planning to install an
antenna in a WLAN environment. These include earth curvature, multipath,
and RF line of sight. This section includes information about how to take
these factors into account when planning a wireless installation.
Addressing the Effects of Earth Curvature
Beyond seven miles (11.2 km), the curvature of the earth will have an impact
on point-to-point or point-to-multipoint WLAN connections. Therefore, it is
important to add height to the antenna in order to compensate for the earth
curvature, sometimes referred to as earth bulge. A formula is used to
calculate the additional height of antennas when a link exceeds seven miles.
However, this is beyond the scope of the exam objectives and is not discussed
in this book.
Antenna Placement
The installation location and placement of antennas depend on the type of
antenna and application in which it will be used. When installing antennas,
consider both the placement based on the design of the WLAN and the
intended use of the antenna. When antennas are used outdoors, lightning
arrestors, grounding, and adherence to local codes, laws, and government
regulations must be followed, as well as good RF design. Increasingly, local
ordinances dictate how or if outdoor antennas can be mounted for looks as
well as safety. Lightning arrestors and grounding methods are discussed later
in this section.
Omnidirectional Antenna Placement
Placement of an omnidirectional antenna will depend on the intended use.
Some omnidirectional antennas can be connected directly to an access point
or may be integrated within the access point. The installation is fairly
straightforward; it involves simply attaching the antenna to the access point
or using the integrated antenna. Omnidirectional antennas are usually placed
in the center of the intended coverage area. High-gain omnidirectional
antennas are typically used in outdoor installations for point-to-multipoint
configurations. This configuration is more complex because more than likely
it requires mast or tower mounting. The exact placement depends on the
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
intended coverage area as well as the gain of the antenna.
Semidirectional Antenna Placement
Semidirectional antennas may be used for either outdoor or indoor
installations. When mounted indoors, a patch/panel antenna typically will be
mounted flat on a wall, with the connector upward for connections to a cable
or directly to an access point. A template with the mounting hole placement
may be included for ease of installation. These antennas usually will use four
mounting holes (one in each corner) to fasten the antenna to the wall
securely. Yagi antennas can also be mounted either indoors or outdoors. The
most common installation is outdoors for short-range point-to-point or pointto-multipoint bridging solutions. This will require a mounting bracket such as
a tilt and swivel for wall mounting or U-bolts and plate for mast or pole
mounting.
Highly Directional Antenna Placement
Highly directional antennas such as a parabolic dish are almost always used
exclusively in outdoor installations. This type of antenna is used mostly for
long-range point-to-point bridging links and will require installation on
building rooftops or antenna towers. Alignment for long-range links is critical
for reliable communications. Software and hardware tools are available for
the installer to use for accurate alignment. As with other outdoor
installations, secure mounting is essential in order to maintain safety and
link reliability.
||||||||||||||||||||
||||||||||||||||||||
Minimizing the Effects of Multipath Using Antenna
Diversity
In Chapter 4, we discussed some of the behaviors of RF, including reflection,
refraction, scattering, and diffraction. To review, reflection is caused by an RF
signal bouncing off a smooth, nonabsorptive surface and changing direction.
Indoor environments are areas that are prone to reflections. Reflections are
caused by the RF signal bouncing off walls, ceilings, floors, and furniture;
thus, some installations will suffer from reflection more than others. The
effect of reflection will be a decrease in signal strength due to a phenomenon
called multipath. Multipath is the result of several wavefronts of the same
transmission signal received out of phase at slightly different times. This can
cause the receiver to be confused about the received signals. The result is
corrupted signal and less overall throughput. Figure 5.21 illustrates
multipath.
FIGURE 5.21 Effects of multipath
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Think of multipath as an echo. If you were to stand near a canyon
and speak to somebody at a high volume some distance away, the other
person would notice an echo. This echo is due to the fact that the sound
of your voice is reflecting off the canyon walls. Therefore, the other
person is hearing variations of your voice at slightly different times—as
with RF multipath, several wavefronts of the same signal are arriving out
of phase.
Antenna diversity is one way to help reduce the effects of multipath. Antenna
diversity is a technology used in IEEE 802.11a/b/g WLANs; a station (access
point or client device) will utilize two antennas combined with one radio to
decrease the effects of multipath. Using multiple antennas and some
additional electronic intelligence, the receiver will be able to determine which
antenna will receive and send the best signal. In diversity systems, two
antennas are spaced at least one wavelength apart. This allows the receiver to
use the antenna with the best signal to transmit and receive. With respect to
RF diversity, the antennas are required to be of the same design, frequency,
gain, and so on. Newer IEEE 802.11 technologies (802.11n and 802.11ac, for
example) are capable of high throughput (HT) multiple-input, multipleoutput (MIMO), which uses radio chains to transmit and receive radio
signals. IEEE 802.11a/b/g devices used a single radio to transmit and receive
radio signals, which is known as single-input, single-output (SISO)
technology. SISO systems are subject to multipath. This is a problem for IEEE
802.11a/b/g systems, whereas MIMO actually uses the reflections
(multipath) to help enhance the performance and throughput using several
radio chains and additional electronics in newer WLAN technology. You can
read more about MIMO in Chapter 2, “Wireless Local Area Networking,
Standards, and Certifications,” in the section “The IEEE 802.11n
Amendment.”
||||||||||||||||||||
||||||||||||||||||||
Diversity Antenna Orientation
When you are using a diversity system such as an access point, it is
important to have both antennas oriented the same way. They cannot be
used to cover different areas. Using diversity antennas in an attempt to
provide coverage for different areas will defeat the purpose of the
diversity design.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Combating Effects of Wind and Lightning in
Wireless LAN Installations
Weather conditions such as rain, snow, and sleet typically do not affect
WLAN communications unless the conditions are extreme or snow and sleet
collect on antenna elements. However, some weather conditions that can
affect wireless communication are wind and lightning.
Most outdoor antennas that can be affected by wind will have wind-loading
data in the specification sheet. Wind loading is the result of wind blowing at
high speeds and causing the antenna to move.
Lightning can destroy components connected to a network if the antenna
takes either a direct or an indirect lightning strike. A properly grounded
lightning arrestor will help protect WLAN and other networking equipment
from indirect lightning strikes.
Lightning Arrestors
Transient or induced electrical currents are the result of an indirect lightning
strike in the area of a WLAN antenna system. Lightning arrestors are an inseries device installed after the antenna and prior to the transmitter/receiver.
Although this device will not provide protection from a direct lightning strike,
it will help protect against an indirect lightning strike, which can damage
electronics at distances away from the source of the strike. When the induced
electrical currents from a lightning strike travel to the antenna, a lightning
arrestor shunts this excess current to ground, protecting the system from
damage. Figure 5.22 shows a lightning arrestor.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.22 Phoenix Contact 2.4–5.9 GHz surge protection device
Image provided by www.phoenixcontact.com.
Grounding Rods
A grounding rod is a metal shaft used for grounding a device, such as an
antenna used in wireless networking. The rod should be driven into the
ground at least 8′ deep. Grounding rods are available in various types of steel,
including stainless, galvanized, and copper clad. They are also available in a
variety of diameters and lengths. Depending on the local electrical code, the
grounding system should measure resistance between 5 and 25 ohms. Local
code should also be consulted regarding material, diameter, and length of
grounding rods. You should not share grounding rods with other equipment
because interference or damage may occur.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
It is imperative to install a grounding rod properly to ensure
correct operation. If installing a grounding rod and other lightning
protection equipment is beyond the knowledge level of the wireless
engineer or installer, it is best to have a professional contractor perform
the job.
||||||||||||||||||||
||||||||||||||||||||
Installation Safety
Professional contractors should be considered in the event you are not
comfortable with performing the installation of a WLAN antenna yourself.
Installing antennas may require bonded or certified technicians. Be sure to
check local building codes prior to performing any installation of a WLAN
antenna. Never underestimate safety when installing or mounting antennas.
All safety precautions must be adhered to while performing an installation.
The following are some general guidelines and precautions to be considered
for a WLAN antenna installation:
Read the installation manual from the manufacturer.
Always avoid power lines. Contact with power lines can result in death.
Always use the correct safety equipment when working at heights.
Correctly install and use grounding rods when appropriate.
Comply with regulations for use in the area and for the use of towers.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Antenna Mounting
In addition to choosing the correct antenna to be used with a WLAN system,
you must take into account the antenna mounting. The required antenna
mounting fixture will depend on the antenna type, whether it will be used
indoors or outdoors, and whether it will be used for device/client access or
bridging solutions such as point-to-point or point-to- multipoint. It is best to
consult with the antenna or device manufacturer to determine which
mounting fixture is appropriate for use based on the intended deployment
scenario. The following are several mounting types that may be used for a
WLAN antenna solution:
Internal and external (to the access point) antennas
Pole/mast mount
Ceiling mount
Wall mount
Internal and External (to the Access Point) Antennas
Some wireless access points allow the use of either integrated or external
antennas. Most modern controller-managed and cloud-managed access points
provide integrated antennas, and some have connectors to allow for the use of
external antennas. Integrated antennas may be a better solution, mostly to
match the aesthetics requirements of the organization where the access point
will be used. Integrated antennas make an access point less noticeable if it is
hanging from a standard 8′−10′ high ceiling. Integrating them will also
prevent individuals from tampering with antennas that if external might be
within a person’s reach. Tampering could be an issue in areas that are
accessible to the general public, such as installations in educational, library,
and medical environments.
It is important to take the mounting orientation into consideration when
using access points with integrated antennas. The access point may be
designed to be mounted on a ceiling. If you were to mount this type of access
point on a wall, the radiation patterns would change, and this might create a
coverage problem, especially with omnidirectional antennas.
One disadvantage of access points with integrated antennas is that the
antennas cannot be changed to any other type. Basically you would be
||||||||||||||||||||
||||||||||||||||||||
committed to using the antennas that are part of the access point and would
be unable to add an antenna with higher gain or a different radiation pattern.
Access points that have external antenna connectors allow the user to add
different antennas that may be better suited to the environment or
installation location. The external antennas will allow for a higher gain and
possibly a different radiation pattern. Using an external antenna usually
requires a software configuration that will disable the integrated antenna
when external antennas are installed. You should not be able to use both the
integrated and external antennas simultaneously. Many indoor access point
models that use internal antennas offer the same coverage as their external
antenna model counterparts This, however, will vary based on the
manufacturer.
When using wireless access points with integrated antennas, it is
important to take the mounting into consideration. Some access points of
this style are intended to be mounted on a ceiling or a wall, possibly both.
Mounting an antenna in a way it is not designed for will produce
undesirable results, including RF coverage problems.
Pole/Mast Mount
Pole/mast mounts typically consist of a mounting bracket and U-bolt
mounting hardware. The mounting bracket is commonly L-shaped. One side
of the bracket has a hole to mount an omnidirectional or similar antenna. The
other side of the bracket has predrilled holes for fastening the bracket to a
pole using U-bolts. Figure 5.23 shows an example of a mast mount bracket.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 5.23 Stationary antenna mast mounting kit with U-bolts
Image provided by www.L-com.com.
Exercise 5.2 describes the basic steps for installing an omnidirectional
antenna using a mast mount adapter.
EXERCISE 5.2
Installing a Pole/Mast Mount
1. Attach the mounting bracket to the mast using the supplied hardware.
2. Remove the antenna mounting bolt and washer from the base of the
antenna.
3. Insert the antenna into the hole in the top of the mounting bracket.
Without overtightening, securely fasten the antenna to the mounting
bracket using the washer and antenna mounting bolt.
4. For outdoor installations, remember to use the proper sealant for
weatherproofing when connecting the cable to the antenna.
Ceiling Mount
It may be necessary to mount certain antennas or access points with attached
or integrated antennas from a ceiling. Many antennas can be mounted
directly to a hard ceiling made from concrete, drywall, or similar material.
||||||||||||||||||||
||||||||||||||||||||
Another possibility is a drop ceiling with acoustic tiles. Regardless of the type
of ceiling in question, follow the manufacturer’s instructions on the
appropriate fixture to be used for mounting and detailed instructions for
ceiling mounts. Figure 5.24 shows an example of a ceiling mount antenna.
FIGURE 5.24 L-com 2.3 GHz to 6 GHz 3 dBi omnidirectional ceiling mount
antenna
Image provided by www.L-com.com.
Wall Mount
Antennas or access points with attached antennas may need to be mounted to
a wall based on the use or site survey results. Just as with a ceiling mount,
follow the manufacturer’s instructions on the appropriate fixture for wall
mounting. When mounting an antenna to the wall, consider the polarization
of the antenna. Keep in mind that some antennas are designed to be mounted
on the ceiling; these types should not be mounted on a wall. This is especially
true for access points with integrated antennas. It is best to try to match the
polarization of the access points and the wireless client devices. In other
words, if the access point’s antennas are vertically polarized, the wireless
client devices should be polarized in the same manner to promote better
connectivity. With the wide variety of newer wireless client devices available,
however, this is getting harder to achieve. Choosing the correct antenna and
mounting position is typically part of a WLAN site survey. Site surveys will be
discussed in more detail in Chapter 9.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Maintaining Clear Communications
Several factors affect whether two wireless devices can communicate with
each other. These factors include line of sight (both visual and RF) and
Fresnel zone. Indoor WLAN installations use a low amount of RF transmit
power, usually around 30 mW to 50 mW, and will be able to communicate
effectively even if the client device does not have a line of sight with an access
point. This is because the RF will be able to penetrate obstacles such as walls,
windows, and doors. Outdoor installations usually use a much higher output
transmit power and will require an RF line of sight for effective
communication.
Visual Line of Sight
Visual line of sight (LoS) is defined as the capability of two points to have an
unobstructed view of one another. A visual LoS is usually not necessary for
communications using indoor IEEE 802.11 WLAN systems; it is implied with
RF LoS. If a WLAN engineer were planning to connect two buildings together
using WLAN technology, one of the first things the engineer would do is to
verify that there is a clear, unobstructed view between the planned locations
in order to provide an RF LoS.
Radio Frequency LoS
For two devices to communicate successfully at a distance via RF, including a
point-to-point or point-to-multipoint connection, a clear path for the RF
energy to travel between the two points is necessary. This clear path is called
RF LoS. This RF LoS is the premise of the Fresnel zone.
Fresnel Zone
The Fresnel zone for an RF signal is the area of RF coverage surrounding the
visual LoS. The width or area of the Fresnel zone will depend on the specific
RF used as well as the length or distance of the signal path. There is a formula
used to calculate the width of the Fresnel zone at the widest point; however,
that is beyond the scope of the exam objectives and is not shown in this book.
In an outdoor point-to-point or point-to-multipoint installation, it is
important for the Fresnel zone to be clear of obstructions for successful
communications to take place between a RF transmitter and receiver. Best
||||||||||||||||||||
||||||||||||||||||||
practices recommend maintaining an obstruction-free clearance of the least
60 percent for the Fresnel zone in order to have acceptable RF LoS.
Maintaining a clear RF LoS becomes more difficult as the distance between
two points increases. Obstructions can cause the Fresnel zone to be blocked
enough for communications to suffer between a transmitter and receiver.
Such obstructions include
Trees
Buildings or other structures
Earth curvature
Natural elements such as hills and mountains
Figure 5.25 illustrates the Fresnel zone between two highly directional
antennas.
FIGURE 5.25 Visualization of the Fresnel zone
In order for your antennas to stay clear of obstructions, carefully plan their
placement and height. Keep in mind that a WLAN link may cross public areas
in which an integrator or installer will have no control over the environment.
There is a possibility, depending on the environmental conditions, that an
IEEE 802.11 WLAN link may not be a feasible solution due to the inability to
maintain an RF LoS. You should perform an outdoor site survey prior to the
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
procurement and installation of WLAN hardware to ensure the installation
and operation of the WLAN will be successful.
||||||||||||||||||||
||||||||||||||||||||
Summary
Antennas are a critical component in a successful operation of a WLAN. In
this chapter, you learned about RF signal characteristics and basic RF
antenna concepts, including the following:
RF lobes
Beamwidth (horizontal and vertical measurements)
Passive and active gain
Horizontal and vertical polarization of antennas
By understanding these characteristics and concepts, a sales engineer,
integrator, or other WLAN professional can help choose the best antenna to
be used for a specific use.
Understanding the RF propagation patterns of various antenna types as well
as the recommended use of an antenna will assist in deciding which antenna
is best suited for the desired application. As discussed in this chapter,
antennas are available in various types:
Omnidirectional
Semidirectional
Patch/panel
Sector
Yagi
Highly directional
Parabolic dish
Omnidirectional antennas are one of the most common types of antenna used
for indoor applications of wireless networking. Omnidirectional antennas
provide a horizontal radiation pattern of 360°. Other antennas, such as
patch/panel, Yagi, or parabolic dish, can be used if justified by the intended
use. You learned about the radiation patterns of each of these types of
antennas as well as how each may be used.
A proper mounting fixture is required to ensure safety and correct operation
of the antenna and wireless network. This chapter looked at various methods
for mounting antennas, including integrated and external (to the access
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
point), pole/mast mount, ceiling mount, and wall mount.
Finally, you learned about the following other factors to be considered when
choosing and installing an antenna for use with WLANs:
Visual line of sight
RF line of sight
Fresnel zone
Understanding these concepts will help you achieve more successful
deployment, operation, and use of antennas in WLANs.
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Understand RF signal characteristics and basic RF concepts used
with antennas. Know the difference between passive and active gain.
Understand that antennas use passive gain to change or focus the RF
radiation pattern. Understand the difference between beamwidth and
polarization.
Know the different types of antennas used in wireless networking.
Be familiar with different types of antennas used with wireless networking,
including omnidirectional antennas, semidirectional antennas, and highly
directional antennas. Understand the various radiation patterns each of these
antennas is capable of.
Identify various RF cables, connectors, and accessories used in
WLANs. Understand that, depending on the local regulatory body,
proprietary connectors may be required for use with antennas. Know that
cables will induce some level of loss in a WLAN system. Be familiar with the
types of connectors available.
Identify the mounting options of antennas used in wireless
networking. Antennas may be integrated or external to the wireless access
point. Identify different types of antenna mounts, including internal and
external (to the access point), pole/mast, ceiling, and walls.
Understand additional concepts regarding RF propagation.
Understand and know some of the additional concepts when choosing and
installing antennas used with WLANs. These concepts include visual line of
sight, RF line of sight, and Fresnel zone.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
Review Questions
1. Omnidirectional antennas have a horizontal beamwidth ____________
of degrees.
A. 90
B. 180
C. 270
D. 360
2. Antennas provide an increase in RF coverage by using ____________
gain.
A. Active
B. Passive
C. Positive
D. Maximum
3. Horizontal beamwidth is ____________ to the earth’s surface.
A. Parallel
B. Perpendicular
C. Positive
D. Negative
4. IEEE 802.11a/b/g access points require ____________ antennas on
each radio for diversity functionality.
A. One
B. Two
C. Three
D. Six
5. What device is used to shunt transient current to ground in the event of
an indirect lightning strike?
A. Lightning striker
B. Lightning arrestor
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
C. Lightning prevention
D. Lightning breaker
6. Powered amplifiers provide an increase in signal strength by using
____________ gain.
A. Active
B. Passive
C. Positive
D. Maximum
7. Highly directional antennas are typically used for ____________
connectivity.
A. Short-range
B. Omnidirectional
C. Long-range
D. Dipole
8. You are a network engineer troubleshooting a WLAN weak signal
complaint. While moving a handheld WLAN device, you notice that the
signal strength increases when the device is moved from a horizontal to a
vertical position. This is because the ____________is changing.
A. Polarization
B. Wavelength
C. Frequency
D. Diffusion
9. RF line of sight is required for which type of IEEE 802.11 WLAN
installation? (Choose two.)
A. Point-to-point
B. Scattered
C. Point-to-multipoint
D. Reflected
E. Refracted
||||||||||||||||||||
10. Which can cause a loss of signal strength? (Choose two.)
A. Antenna
B. Amplifier
C. Cable
D. Connector
E. Transmitter
11. An IEEE 802.11g access point requires a minimum of how many antennas
to move data?
A. One
B. Two
C. Four
D. Six
12. 802.11a access points support which antenna technology to help reduce
the effects of multipath?
A. Adjustable gain
B. Antenna diversity
C. Adjustable polarization
D. Antenna multiplexing
13. The following graphic shows which type of antenna?
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
A. Omnidirectional
B. Yagi
C. Patch/panel
D. Parabolic dish
14. Which weather element would commonly have an effect on a WLAN
system?
A. Rain
B. Snow
C. Wind
D. Hail
15. Wireless network cables and devices have impedance (AC resistance) of
____________ ohms.
||||||||||||||||||||
A. 10
B. 25
C. 50
||||||||||||||||||||
D. 75
16. The curvature of the earth will have an impact on the WLAN signal after
how many miles?
A. 2
B. 7
C. 10
D. 25
17. A patch antenna is an example of which type of antenna?
A. Semidirectional
B. Omnidirectional
C. Highly directional
D. Dipole-directional
18. An azimuth chart shows which RF radiation pattern?
A. Vertical
B. Horizontal
C. Positive
D. Negative
19. A point-to-point wireless link requires what percent of the Fresnel zone to
be clear in order to be considered to have an acceptable RF line of sight?
A. 0
B. 20
C. 40
D. 60
20. The following image shows which type of antenna?
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
A. Highly directional
B. Dipole-directional
C. Omnidirectional
D. Semidirectional
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Chapter 6
Communication for Wireless Networking
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
1.2 Define basic characteristics of and concepts relating to WiFi technology
THE FOLLOWING CWS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.6 Describe features of enhanced 802.11 functions
THE FOLLOWING CWT EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.2 Explain the basic WLAN location processes
2.3 Describe the basic steps required in the WLAN connection
process
2.5 Configure client devices
4.2 Identify legacy security technologies that should not be
used
This chapter will look at terminology and basic
communication used in 802.11 wireless networking. IEEE 802.11 wireless
LANs (WLANs) can be configured in one of two operation methods: ad hoc or
infrastructure mode. We will discuss both of these methods, as well as how
the technology is applied and its advantages and disadvantages. In addition,
we will examine some of the technical aspects, such as naming the WLAN and
identifying the devices through Layer 2 MAC addressing or logical names. You
will also learn about the methodologies a WLAN device or client station uses
to locate and connect to the wireless network. (These include passive and
active scanning as well as the authentication and association processes.)
||||||||||||||||||||
||||||||||||||||||||
It is important to know how IEEE 802.11 WLAN infrastructure devices such
as access points are connected using a common distribution system. This
distribution system allows access points to communicate with each other and
enables the associated and connected WLAN devices to roam or move
between access points and maintain consistent connectivity across the
WLAN.
Other WLAN technology factors are important to understand when studying
IEEE 802.11 wireless networking. This chapter will discuss the differences
between data rates, modulation, coding schemes, and throughput. A sales or
technical support specialist should be able to understand and explain why, for
example, an IEEE 802.11ac access point advertises a maximum aggregate
signaling rate of up to 6,933.3 Mbps (6.93 Gbps), but in many cases the data
transfers are much less than the advertised rate.
Finally, we will look in depth at IEEE 802.11 protection mechanisms and
explain why they are needed for backward compatibility and the effect they
may have on the data transfer rate.
Some of the topics you will see in this chapter have been briefly touched on in
earlier chapters. One of the objectives of this chapter is to tie the terminology
and topics together. It can be somewhat challenging to cover certain parts of
the WLAN technology without touching lightly on some other topics. This
chapter will tie some of the loose ends together and help you to better
understand how IEEE 802.11 wireless networks operate.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Wireless LAN Operation Methods
WLANs can be configured to operate in different modes for device and user
access. Two common modes for access are ad hoc mode and infrastructure
mode. These two modes can be broken down into the following three
different configuration sets:
Independent basic service set (IBSS)
Basic service set (BSS)
Extended service set (ESS)
Each of these configurations will be discussed in more detail in this chapter.
The application/deployment scenario for a WLAN is the determining factor
for the best mode to use. The IBSS configuration does not require the use of
an access point and, unless specifically justified, is not commonly used in
enterprise WLAN deployments. In addition, if not properly implemented, the
IBSS can introduce security vulnerabilities, such as potentially bridging the
wired network infrastructure to an unsecured wireless network. The most
common configuration for an IEEE 802.11 WLAN is infrastructure mode,
which uses at least one access point. Infrastructure mode requires a
minimum of one access point but can consist of up to thousands of access
points. The access points are connected by a common medium known as the
distribution system (DS). We will look at each of these modes and the details
of how they are configured.
The Independent Basic Service Set
It is important to understand what the independent basic service set (IBSS) is,
how it works, and its potential uses, advantages, and disadvantages. An IBSS
network is also known as an ad hoc or peer-to-peer network. This WLAN
operation mode uses no access points and consists of only wireless devices or
client computers. Communication occurs only among devices that are part of
the same IBSS. Unlike an access point, this mode has no centralized control
or manageable security or accounting features. Figure 6.1 shows devices in an
IBSS.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.1 Example of an independent basic service set (IBSS)
Certain parameters must be set on the devices that wish to participate in an
IBSS. These parameters must be the same on all the devices in order for them
to effectively communicate with one another. The following are three
common parameters set on devices that belong to the same IBSS:
Service set identifier (SSID)
Radio frequency (RF) channel
Security configuration
The Service Set Identifier
The service set identifier (SSID) is a common parameter used in all WLAN
operation configurations. Although it is discussed here, it also pertains to the
other configurations discussed later in this chapter, such as the basic service
set (BSS) and extended service set (ESS). The SSID is the logical name of the
service set used to identify the wireless network. The SSID is used by devices
to select a wireless network to join. This is accomplished through processes
that are known collectively as the discovery phase and include passive and
active scanning, both of which will be discussed later in this chapter.
In some cases, naming a wireless network can be a tough decision.
Organizations that deploy a wireless network may already have a naming
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
convention in place for such scenarios. If not, a decision will need to be made
regarding the wireless network names (SSIDs) used for access points and
other devices to identify the WLAN.
Every device that wishes to be part of the same WLAN IBSS, BSS, or ESS will
use a common network name, the SSID. (See Figure 6.2 for an IBSS example.)
For infrastructure devices such as access points, the SSID parameter is
manually set on the access point. From the client access side, the SSID is a
user-configurable parameter that can be set manually in the wireless client
software utility or received automatically from networks that broadcast this
information element.
FIGURE 6.2 IBSS, ad hoc, or peer-to-peer network using common
configuration parameters
The SSID name should be unique and should not divulge who you are or the
location of the WLAN devices, unless you are trying to create a wireless
hotspot or a public accessible IEEE 802.11 wireless network. For example, if a
fictitious bank by the name of ABC Bank used an SSID that included
ABC_Bank, it would tell an intruder where the wireless network is and could
be a potential security threat because a financial institution is a target. It is
important to understand if the proper WLAN security is enabled, the SSID
name should not be an issue, but there is no point in broadcasting certain
types of information. Rather than using the bank name in the SSID, consider
a unique name that does not describe the business or location.
The SSID is case sensitive, must consist of at least one ASCII character, and
||||||||||||||||||||
||||||||||||||||||||
has a maximum limit of 32 characters or, as specified in the IEEE 802.11
standard, 32 octets.
SSID Hiding
Most manufacturers of small office, home office (SOHO) and enterprisegrade access points allow the SSID to be hidden from view for devices
attempting to locate a wireless network. In this case, a client device would
need to know and specify the SSID in the client utility profile in order to
connect to the network. Even though this is not an effective way to secure
a wireless network and should not be used to do so, it is a practice some
choose to use for various reasons. Some disadvantages to not
broadcasting the SSID are that it may cause an increase in roaming times
in an enterprise deployment, and in a SOHO deployment cause neighbors
to deploy on the same channel that you are using because they are unable
to see your network. SSID hiding (also known as a closed network) will
be discussed in more detail in Chapter 8, “Security Fundamentals for
Wireless Networking.”
Figure 6.3 shows an example of entering the SSID in the Microsoft Windows
7 AutoConfig wireless configuration client utility for an ad hoc network. First
you select “Set up a wireless ad hoc (computer-to-computer) network” in the
Set Up A Connection Or Network dialog box; then you enter the SSID on the
“Give your network a name and choose security options” Properties page.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.3 Entering the SSID and other parameters in the Microsoft
Windows 7 wireless configuration client utility
Microsoft Windows operating systems after version 8.1 no longer
allow for an ad hoc network to be created from the graphical user
interface. However, there are some command-line settings that can be
used to allow wireless ad hoc connections from other devices.
The Radio Frequency Channel
The IBSS wireless network configuration requires a user to set the specific RF
channel that will be used by all devices that are part of the same IBSS
network. This is accomplished in the client utility software for the network
adapter. Some client software utilities set this automatically, in which case
the IBSS will use the channel automatically specified. You may also be able to
||||||||||||||||||||
||||||||||||||||||||
specify the RF channel in the advanced properties of the wireless network
adapter device driver properties.
It is important to understand that all wireless devices in any common IBSS
must be communicating on the same RF channel. If the client utility does
allow a channel to be set, the channel chosen is up to the user but based on
the local regulatory domain in which the network is used. Additional devices
wishing to join the IBSS must do so by scanning, either passively or by use of
active scanning. Figure 6.4 shows an example of setting the RF channel on a
notebook computer.
FIGURE 6.4 Setting the RF channel for an IBSS, ad hoc wireless network in
a wireless network adapter driver advanced settings page
IBSS Security
With IBSS networks, there is no centralized control and no security
management features. Security is left up to the individual user or wireless
device. If a user inadvertently shares a resource, it could expose sensitive
information and pose security threats. This can be a concern for many
enterprise installations, and therefore the use of an IBSS is against corporate
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
security policy in many organizations.
IBSS Terminology
The WLAN industry uses several different terms to identify an IBSS. The term
used is up to the manufacturer or a specific implementation. An IBSS is
usually identified by one of following three terms:
Independent basic service set (IBSS)
Ad hoc
Peer-to-peer
Regardless of the terminology used—IBSS, ad hoc, or peer-to-peer—it comes
down to WLAN devices connecting to each other without the use of an access
point or other wireless infrastructure device. All devices in an IBSS network
work independently of one another, and there is no centralized management
or administration capability. This type of connection may be useful in homes
or small offices for ease of installation but is rarely if at all used with
enterprise or corporate wireless networks.
Advantages and Disadvantages of an IBSS
The advantages and disadvantages of an IBSS network will vary depending on
the application.
Some of the advantages of IBSS are as follows:
Easy to Configure To create an IBSS, the user only needs to specify an
SSID, set the RF channel, and enable the security settings.
No Investment in Access Point Hardware An IBSS can be created with
the IEEE 802.11 WLAN adapter that is built into the wireless computer or
other device. No infrastructure device such as an access point is required to
connect the WLAN devices together.
Some disadvantages of IBSS are as follows:
Limited Radio Frequency Range and Interference Because radio
communications is two-way, all devices need to be in a mutual
communication range of one another in order to operate effectively.
Interference may also be an issue if the RF channel is not configured
correctly.
No Centralized Administration Capability In many large or enterprise
||||||||||||||||||||
||||||||||||||||||||
deployments, IBSS connectivity is against corporate security policy because it
is impossible to manage such networks centrally.
Not Scalable There is no set maximum number of devices that can be part
of an IBSS network, but the capacity of such networks is low compared to
other types of networks.
Difficult to Secure Some computer operating systems have made the setup
of an IBSS wireless network very easy for any type of user. These users may
inadvertently share or allow access to sensitive or proprietary information.
This security threat is worse if an IBSS wireless network is also physically
connected to a wired network and provides a connection from an unsecured
or unmanaged wireless network to a company’s wired network infrastructure.
A WLAN device such as a notebook computer configured as an
IBSS device can be a potential security threat if it is also connected to a
wired network infrastructure. It could provide a bridge for unsecured
wireless access to the company’s wired network. In this configuration,
potential intruders would have access to information from a corporate
network by connecting to the unsecured ad hoc network. For this reason,
this type of configuration is against written corporate security policies of
many organizations and is strictly enforced. Organizations may use
wireless intrusion prevention systems to detect and shut down wireless
ad hoc networks. It is important to inform visitors and contractors who
may be physically connected to the company’s infrastructure when ad hoc
networks are against the corporate security policy to prevent potential
security issues.
Setting up an IBSS network is similar to setting up a workgroup
for an operating system such as Microsoft Windows. All devices with the
same workgroup name will be able to communicate with each other
sharing resources such as files, printers, and so on.
The Basic Service Set
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The basic service set (BSS) is the foundation of the wireless network. This
mode consists of an access point connected to a network infrastructure and
its associated wireless devices. This is considered the foundation because it
may be one of many access points that form a wireless network. With a BSS
setup, each access point is connected to a network infrastructure, also known
as the distribution system (DS), which allows connected WLAN devices to
access network resources based on the appropriate permissions the wireless
device or user has access to. The RF area of coverage, known as the basic
service area (BSA), depends on several factors, such as the antenna gain and
RF output power settings. Any IEEE 802.11 wireless device in radio range and
part of the BSA with the correct configuration parameters, including the SSID
and security settings, will be able to connect to the access point. Figure 6.5
shows an example of a BSS.
FIGURE 6.5 Basic service set consisting of a single access point connected to
a distribution system and associated devices
Infrastructure mode consists of a wireless access point connected to a DS.
The BSS consisting of one access point is a common implementation in many
homes, SOHO, or small to medium businesses (SMBs). The decision to use a
single access point depends on several factors, among them the size of the
location, how the wireless network is used, and how many wireless devices
will be connected.
Just as in an IBSS configuration, several parameters need to be configured for
||||||||||||||||||||
||||||||||||||||||||
a BSS. These include the SSID or name of the network, the RF channel to be
used, and any security parameters that are set on the BSS. The access point
will broadcast these and other parameters about the wireless network to
devices that want to connect to the BSS, thus requiring minimal configuration
on the wireless client side. Unlike the IBSS, in a BSS the RF channel is set on
the access point and not on the wireless client device.
Advantages and Disadvantages of a BSS
A BSS has many benefits, advantages, and disadvantages. Some of the
advantages are as follows:
Uses intelligent devices with a large feature set to provide users with
consistent, reliable, and secure communications to a wireless network.
Useful in a variety of situations: homes, SOHO, and small to large
businesses.
Very scalable; you can increase the coverage and capacity of a BSS by
adding more access points.
Centralized administration and control.
Security parameters and specific access can be set centrally.
Some of the disadvantages of a BSS are as follows:
Incurs additional hardware costs compared to IBSS.
Usually will require a site survey to determine RF coverage and capacity
requirements.
Must be connected to a network infrastructure known as the distribution
system, either wired or wireless mesh.
Requires additional knowledge for configuration and deployment.
Figure 6.6 shows configuring the SSID on an access point.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.6 Graphical user interface for an Aruba Networks access point
configuring the SSID
The Extended Service Set
As stated in the IEEE 802.11-2016 standard, an extended service set (ESS) is
defined as a “set of one or more interconnected basic service sets (BSSs) that
appears as a single BSS to the Logical Link Control (LLC) layer at any station
(STA) associated with one of those BSSs.” In basic terms, this can be one or
more access points connected to a common wired or wireless DS. An ESS is a
common configuration in most WLAN deployments for small to medium
businesses as well as large enterprise organizations.
In most cases, an ESS would be used to provide consistent and complete
coverage across an entire organization. An ESS can be thought of as several
basic service sets (BSSs) that must have matching parameters, such as SSID
and security settings. If the SSIDs of two access points do not match, then
they are considered separate BSSs, even though they are connected by a
||||||||||||||||||||
||||||||||||||||||||
common network infrastructure. It is the DS connecting these together and a
common network name (SSID) that makes up the ESS. In most if not all
cases, the BSA for each BSS will overlap to allow transition (roaming) from
one BSS to another. Figure 6.7 shows an example of an ESS.
FIGURE 6.7 Two basic service sets connected by a common distribution
system, making an extended service set
Roaming between access points is a critical component of WLAN technology
in most modern wireless network deployments. This is because the WLAN is
now a major part of every corporate network. Many envision a complete
wireless network for all communications, including data, voice, and video.
Roaming is so important that the IEEE added the 802.11r amendment to
provide a standardized methodology for client station roaming and fast secure
transition within the WLAN. Recall that roaming within an IEEE 802.11
WLAN is always decided by the client device with the exception of single
channel architecture (SCA). IEEE 802.11r provides the fast secure transition
between access points. Keep in mind that IEEE 802.11k and IEEE 802,11v
work with IEEE 802.11r to provide more information to the wireless device so
it can make a more intelligent roaming decision based on the RF
environment.
The Basic Service Area
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The basic service area (BSA) is the area of RF coverage or the RF cell that
encompasses a wireless access point and its associated stations. A wireless
client device will be contained in the BSA as long as it has enough required
receive signal strength to maintain an association state with the wireless
access point.
Know Your Abbreviations: SSID vs. ESSID vs. BSSID
It is easy to confuse the abbreviations for several of the WLAN terms we
have learned. This sidebar summarizes the differences.
SSID (Service Set Identifier)
SSID (service set identifier) is the network name and provides some
segmentation of the wireless network.
ESSID (Extended Service Set Identifier)
Although not defined by the IEEE 802.11 standard or amendments,
extended service set identifier (ESSID) is a term that some manufacturers
use in place of SSID. For the most part, ESSID and SSID are synonymous
terms for the name or segmentation of a wireless network. The term used
will vary among manufacturers. The term ESSID was adopted by some
manufacturers because it implies more than one access point is using the
same SSID and security settings connected to a common DS.
BSSID (Basic Service Set Identifier)
It is sometimes easy to confuse the basic service set identifier (BSSID)
with the SSID or name of the network. The BSSID is defined as the
unique identifier, Media Access Control (MAC) address of the basic
service set. It is important to note that some manufacturers may allow for
several BSSIDs to be connected to a single access point radio or for a
single common BSSID to be shared among many access points.
To review, the MAC address is the unique identifier of a network adapter
or what is known as the hardware address. The radio in an access point is
also a network adapter. The difference between a wired and a wireless
network adapter is simply that no Ethernet jack is available on a wireless
||||||||||||||||||||
||||||||||||||||||||
adapter. Instead, a radio is used for Layer 1 communications.
The MAC address is a 48-bit, IEEE 802 format address that uniquely
identifies the network interface adapter—or, in this case, radio. The
format of the BSSID is XX:XX:XX:YY:YY:YY, where X is the number
assigned to a manufacturer, and Y is the unique hardware address of the
device.
Although the BSSID uniquely identifies the access point’s radio using a
MAC address, the SSID is broadcast as the name of the network in order
to allow devices to connect. Some devices allow for multiple SSIDs, which
use multiple BSSIDs for a single radio. This lets a single access point
connected to a wired infrastructure provide multiple WLANs.
In an ad hoc or IBSS network there is no access point for centralized
communication. Instead, WLAN devices communicate directly with each
other. Because there is no access point in this configuration, the BSSID is
a randomly generated number that has the same format as the 802 MAC
address and is generated by the first ad hoc wireless device at startup.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Connecting to an IEEE 802.11 Wireless Network
In order for a device to successfully connect to a wireless network, several
different frame exchanges must take place. Various frame types allow for
specific functions to occur. They include the authentication and association
process, reserving the medium, exchanging data, and power save functions.
The following section introduces some of the frame types and the roles they
play in wireless networking.
IEEE 802.11 Frame Types
As discussed in Chapter 4, “Radio Frequency Fundamentals for Wireless
Networking,” devices communicate by sending RF waves to each other
through the air. These RF waves carry the digital data from one device to
another. At this stage, the information traveling through the air is organized
into what are known as frames. These frame types play various roles
depending on the information being sent. WLANs use three different frame
types.
Management Frames
Management frames are used to manage the network. Management frames
assist WLAN devices in finding and connecting to a wireless network. This
includes advertising the capabilities of the WLAN and allowing connections
by the authentication and association process. Management frames are
exchanged only between immediate wireless devices, such as an access point
and client device, and never cross the Data Link layer (Layer 2) of the OSI
model. It is important to understand that management frames are always
transmitted at the lowest mandatory data rate of the service set so that all
stations on the same RF channel in the BSA can understand them. The
following are examples of common management frames:
Beacon
Probe request
Probe response
Authentication
Association request
Association response
||||||||||||||||||||
||||||||||||||||||||
Control Frames
Control frames are used to control access to the wireless medium by allowing
devices to reserve the medium and acknowledge data. In addition, some
control frames are used to request data from the access point after returning
from a power save state and with IEEE 802.11 protection mechanisms to
allow wireless device coexistence. Some examples of control frames are as
follows:
RTS
CTS
CTS to Self
PS-Poll
ACK
Data Frames
As their name implies, data frames are used to carry data payload or Layer 3
information between wireless devices.
A special type of data frame is the null data, or null function, frame, which
helps implement power save features and is not used to carry any data
payload. There is also a variant of the null frame called the QoS null frame,
which is used with quality of service power save mode. The following are
examples of data frames:
Data
QoS data
Null data
The details of the specific functions of each of these frame types are beyond
the scope of this book and the exam objectives; however, some of these
frames needed to be briefly introduced in order to explain upcoming topics.
These include a wireless device “listening” for a network to join, supplying the
appropriate credentials, and finally connecting to send data to the network
infrastructure.
Wireless Network Discovery
Wireless network discovery is the process of a client device scanning for
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
wireless networks and identifying the parameters of the network, including
the SSID, supported data rates, and security settings. The discovery phase
consists of the passive scanning and active scanning processes. Wireless
network discovery prepares a wireless client device to perform an IEEE
802.11 authentication and association, which will allow a device access to the
wireless network.
Passive Scanning
The first part of the discovery phase in IEEE 802.11 wireless networking is
known as passive scanning. This process allows WLAN devices to “listen” for
information about wireless networks in the radio receiving area of the
wireless network or the BSA. During the passive scanning process, WLAN
devices will listen for specific information to make them aware of networks in
the area. An analogy to this process would be using an FM radio tuner to scan
through the entire band listening for a station to tune in to. The radio will
scan through the band listening for different stations. Once a desired station
is heard, the person listening can stop on that specific radio station.
Management frames assist WLAN devices in finding and connecting to a
wireless network. An example of a management frame that works in the
discovery phase or passive scanning is a beacon frame. This frame, for the
most part, is an advertisement of the wireless network. It carries specific
information about the access point or basic service set such as the SSID, the
RF channel that it is operating on, the available data rates it is configured for,
the security parameters, and much more. During the passive scanning phase,
wireless devices listen for beacons advertising the details about the wireless
networks in the area or radio range of the client device. WLAN devices are
constantly listening for beacon frames. Figure 6.8 shows a WLAN client
passively scanning and listening for an access point to connect with.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.8 An example of passive scanning with a WLAN client listening
for access points in the BSA
By default, beacons for most access points broadcast at about 10 times a
second. This value is actually 1024 microseconds and is identified as the
target beacon transmission time (TBTT). Although this interval can be
changed, it is recommended to do so only if necessary or recommended by the
manufacturer. In some cases, manufacturers may suggest specific timing
intervals for such frames as beacons.
Figure 6.9 shows a protocol analyzer capturing beacon frames generated from
an access point.
FIGURE 6.9 Packet capture of beacon frames
Active Scanning
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Active scanning is the second part of the WLAN discovery phase. In active
scanning, WLAN devices wishing to connect to a network send out a
management frame known as a probe request. The function of this
management frame is to find a specific wireless access point to connect with.
Depending on the wireless client utility software used, if an SSID is specified
in the client utility software active profile, the device will join only a network
with the matching SSID that is specified. An exception to this is a probe
request that contains a “wildcard SSID” or a “null SSID.” The IEEE 802.11
standard requires all access points to respond to a broadcast probe request
that contains a null SSID value. This type of probe request frame will not
specify an SSID value and will rely on the access points to provide the SSID in
the probe response frame.
Access points constantly listen for probe request frames. Any access point
within hearing range of the wireless device and having a matching SSID sends
out a probe response frame to the wireless device. If more than one access
point responds, the device selects the “best” access point to connect with
based on certain factors, such as signal strength and signal quality. Figure
6.10 illustrates the active scanning process.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.10 Wireless client device sending a probe request frame to access
points in radio range
Frames Used for Active Scanning
During the active scanning process, two frames are exchanged between
the device and the access point.
1. The WLAN device sends a broadcast probe request frame to all
devices, including access points within radio range.
2. The access point(s) sends a probe response frame to the device so that
it can identify the parameters of the network before joining.
Figure 6.11 shows a protocol analyzer capturing frames of the active scanning
process.
FIGURE 6.11 Packet capture of probe request and probe response frames
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The IEEE 802.11 standard requires access points to respond to
devices that are sending a null or blank SSID. The standard refers to this
as a wildcard SSID. It is important not to confuse this with disabling the
SSID broadcast on an access point. Most wireless equipment
manufacturers provide the capability to set the access point not to
respond to a probe request with a null or wildcard SSID. If the AP is set
not to respond to such probe requests, the wireless device is required to
have the SSID specified in the client utility in order to connect to the BSS.
IEEE 802.11 Authentication
Authentication in general is defined as verifying or confirming an identity.
We use a variety of authentication mechanisms in our daily lives, such as
logging onto a computer or network at home or at the office, accessing secure
sites on the Internet, using an ATM machine, or showing an identification
badge to get access to a building.
IEEE 802.11 devices must use an “authentication process” in order to access
network resources. This IEEE 802.11 authentication process differs from
conventional authentication methods such as providing credentials, such as a
username and password, to gain access to a network. The authentication
discussed here is wireless device or IEEE 802.11 authentication, required in
order for the device to become part of the wireless network and participate in
exchanging data frames by creating a connection to the access point.
(Providing credentials such as a username and password or a preshared key is
a different type of authentication, to be discussed in Chapter 8.) The IEEE
802.11 standard addresses two types of IEEE 802.11 authentication methods:
open system and shared-key.
IEEE 802.11 Open System Authentication
This 802.11 authentication method is defined by the IEEE 802.11 standard as
a null authentication algorithm and is a two-step authentication process. Two
management frames are exchanged between the device and the access point
during open system authentication. For the most part, open system
authentication cannot fail unless other security measures such as MAC
address filtering are put in place that will prevent the device from accessing
||||||||||||||||||||
||||||||||||||||||||
the network. Keep in mind that IEEE 802.11 open system authentication
always exists, even with the most secure WLANs. It is used to allow the
wireless station to connect to the access point and then after association use
additional credentials such as a passphrase or username and password pair
for authentication. If the wireless station did not perform an open system
authentication and association first, there would be no way to use additional
security mechanisms. IEEE 802.11 open system authentication is the only
valid authentication process allowed with newer WLAN security amendments
and interoperability certifications for the network to be considered a robust
security network (RSN).
Open system authentication is a very simple process. A WLAN device will ask
an access point, “Can I be a part of this network?” and the access point will
respond, “Sure, come join the party.” So there really is no validation of
identity. Open system authentication is considered a two-way frame exchange
because two authentication frames are sent during this process. It is not a
request and response situation; it is authentication and success.
Figure 6.12 illustrates open system authentication.
FIGURE 6.12 A wireless client authenticating to an access point using open
system authentication
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Open system authentication does not provide any type of data
encryption. With open system authentication, optional security solutions
can be used for data encryption as required. Wireless security solutions
will be discussed in more detail in Chapter 8.
Two steps are used for open system authentication. One management frame
is sent in each step.
1. The WLAN device wanting to authenticate sends an authentication frame
to the access point. This frame is acknowledged by the access point.
2. The access point accepting the authentication sends a successful
authentication frame back to the device. This frame is acknowledged by
the authenticating device.
Figure 6.13 shows a packet capture of the two-way, open system
authentication frame exchange.
FIGURE 6.13 Packet capture of open system authentication
IEEE 802.11 Shared-Key Authentication
IEEE 802.11 shared-key is another authentication method defined by the 1997
release of the original IEEE 802.11 standard. It is a little more complex than
open system authentication. This IEEE 802.11 authentication method is a
four-way frame exchange. During shared-key authentication, four
management frames are sent between the wireless device wanting to join the
wireless network and the access point. Shared-key authentication differs from
open system authentication in that shared-key authentication is used for both
IEEE 802.11 authentication and data encryption.
||||||||||||||||||||
||||||||||||||||||||
It is important not to confuse the IEEE 802.11 standard sharedkey authentication described here with newer authentication and
encryption methods defined in the IEEE 802.11i amendment to the
standard, which includes passphrase/pre-shared key authentication. IEEE
802.11i, WPA/WPA2 pre-shared key authentication, will be discussed
further in Chapter 8.
IEEE 802.11 shared-key authentication is considered flawed because
information is sent across the air in cleartext that relates to the
authentication key and therefore the encryption key that is used and could be
captured by an intruder. If an intruder were to capture the four wireless
frames used during the IEEE 802.11 shared-key authentication process, they
would be able to use this information with the appropriate software and
extract the security (WEP) key. The original IEEE 802.11 shared-key
authentication requires the use of Wired Equivalent Privacy (WEP) for both
wireless device authentication and data encryption. Because WEP is
mandatory with IEEE 802.11 shared-key authentication, an intruder could
potentially identify the WEP key used for the network by capturing the
authentication process using a wireless protocol analyzer. Shared-key
authentication, therefore, should always be avoided and is not allowed when
using newer IEEE 802.11i, WPA, or WPA2 security methods.
Some manufacturers have removed the option to set IEEE 802.11
shared-key authentication, both in infrastructure devices such as access
points and bridges and in client software utilities. If legacy devices are in
use on the network and still use shared-key authentication as the only
authentication option, steps need to be taken to protect the integrity of
the network and also to identify an appropriate upgrade path for the
devices using this authentication.
Figure 6.14 illustrates the four frames exchanged during the shared-key
authentication process.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.14 Shared-key authentication uses a four-way frame exchange.
Because WEP is mandatory with IEEE 802.11 shared-key authentication, it
makes a system vulnerable to intrusion. Therefore, open system
authentication is considered more secure than shared-key authentication
when WEP was used with open system authentication. This is because WEP
was used to encrypt the data only and not used for the IEEE 802.11
authentication process. WEP was designed as a way to protect wireless
networking users from casual eavesdropping. The IEEE 802.11-2016 standard
states, “The use of WEP for confidentiality, authentication, or access control
is deprecated. The WEP algorithm is unsuitable for the purposes of this
standard.”
||||||||||||||||||||
||||||||||||||||||||
Frames Used for Shared-Key Authentication
An 802.11 wireless device must perform an IEEE 802.11 authentication to
the wireless network prior to associating according to the 802.11 standard.
The following steps show the four-way frame exchange used for sharedkey authentication. This method should not be used but is shown here to
illustrate the process.
1. The WLAN device wanting to authenticate sends an authentication
frame to the access point. This frame is acknowledged by the access
point.
2. The access point sends a frame back to the WLAN device that contains
a challenge text. This frame is acknowledged by the WLAN device.
3. The WLAN device sends a frame back to the access point containing
an encrypted response to the challenge text. The response is encrypted
using the device’s WEP key. This frame is acknowledged by the access
point.
4. After verifying the encrypted response, the access point accepts the
authentication and sends a “successful authentication” frame back to
the device. This final frame is acknowledged by the device.
Figure 6.15 shows the four authentication frames used in shared-key
authentication.
FIGURE 6.15 Packet capture of a four-frame exchange 802.11 shared-key
authentication
IEEE 802.11 Association
IEEE 802.11 association takes place after a wireless device has been
successfully 802.11 authenticated either by open system authentication or by
shared-key authentication. In the association state, the authenticated device
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
can pass traffic across the access point to the network infrastructure or other
associated wireless devices, allowing access to resources that the device or
user has permissions to access. After a device is authenticated and associated,
it is considered to be part of the BSS. A device must be 802.11 authenticated
before it can be associated. Figure 6.16 illustrates the association process, and
Figure 6.17 shows frames used during the association process.
FIGURE 6.16 IEEE 802.11 authentication and association
FIGURE 6.17 Packet capture of the IEEE 802.11 association request and
association response process
After successful association, the IEEE 802.11 authentication and association
process is complete. Keep in mind that this is very basic access to the network
using either open system authentication or WEP for authentication and
encryption. After this process is complete, more advanced authentication
mechanisms, such as IEEE 802.1X/EAP (which provides user-based
authentication) or preshared key (passphrase), can be used to secure the
wireless network. These and other security components will be discussed in
more detail in Chapter 8.
||||||||||||||||||||
||||||||||||||||||||
Frames Used for IEEE 802.11 Association
After a successful 802.11 authentication, the association process will
begin. Association allows a wireless device to send information across the
access point to the network infrastructure or other wireless devices
connected to the access point.
1. A WLAN device sends an association request frame to the access
point. This frame is acknowledged by the access point.
2. The access point sends an association response frame to the device.
This frame is acknowledged by the associating device.
IEEE 802.11 Deauthentication and Disassociation
It is worthwhile to understand that the opposite of authentication and
association can occur in a WLAN. These events are known as
deauthentication and disassociation. Deauthentication occurs when an
existing authentication is no longer valid. This can be caused by a WLAN
device logging off from the current connection or transitioning to a different
BSS. A disassociation occurs when an association to an access point is
terminated. This may occur when the associated WLAN device roams from
one BSS to another. Both deauthentication and disassociation are
notifications, not requests. Since neither can be refused by either side, they
are both considered automatically successful from the sender’s perspective.
Unless IEEE 802.11w (management frame protection) is implemented,
deauthentication can also be a security issue. These frames can be used for
denial of service (DoS) attacks or to hijack a wireless device. Both
deauthentication and disassociation frames are management frames. Figure
6.18 shows how disassociation and deauthentication frames would look on a
protocol analyzer.
FIGURE 6.18 Packet capture of disassociation and deauthentication frames
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Tools are available that will continuously send deauthentication
frames to a device. Use of this type of tool can be considered a DoS attack.
An intruder may also use a deauthentication frame to force a device to
reauthenticate to an access point, causing the device to be hijacked. This
as well as other possible intrusion techniques will be discussed in Chapter
8. The 802.11w amendment provides enhancements to the IEEE 802.11
standard that enables data integrity, data origin authenticity, replay
protection, and data confidentiality for selected IEEE 802.11 management
frames, including authentication and association.
||||||||||||||||||||
||||||||||||||||||||
The Distribution System
In WLAN technology, the distribution system (DS) is the common network
infrastructure to which wireless access points are connected; it can be wired
or wireless mesh. In most cases this would be an Ethernet segment. In this
capacity, the access point acts like a Layer 2 translational bridge. A
translational bridge is defined as a device used to connect two or more
dissimilar types of LANs together, such as wireless (IEEE 802.11) and
Ethernet (IEEE 802.3). From a receiver’s perspective, this allows an access
point to take information from the air (the communication medium in
wireless networking) and make a decision either to send it back out to the
same wireless radio or to forward it across to the DS. An access point can do
this because it has enough intelligence to determine if a data frame is
destined to be sent to the DS or if it should stay on the originating wireless
side of the network. This is possible because the access point knows whether
a device is part of the WLAN side through the authentication and association
methods mentioned earlier. Figure 6.19 shows an example of a DS.
FIGURE 6.19 Two access points connected to a common distribution system
—in this case, IEEE 802.3, Ethernet
The DS is a network segment that consists of one or more connected basic
service sets. According to the original IEEE 802.11 standard, one or more
interconnected basic service sets make up an ESS. The DS allows WLAN
devices to communicate with resources on a wired network infrastructure or
to communicate with each other through the wireless medium. Either way, all
wireless frame transmissions will traverse through an access point.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
In some cases it may be feasible and justified to use a wireless mesh
distribution system. Unlike the wired distribution system, a wireless mesh
will connect basic service sets together using WLAN technology. Typically the
best way to use a wireless mesh is to use two different radio technologies in
the same access point. For example, using the 2.4 GHz band for wireless
client device access and the 5 GHz band for the wireless mesh will limit
contention and provide associated devices a better experience because one
radio is used for device access and the other creates the mesh network. Figure
6.20 shows an example of a wireless DS.
FIGURE 6.20 Two dual-band access points used to create a wireless mesh
distribution system
||||||||||||||||||||
||||||||||||||||||||
Data Rates
The speed at which wireless devices are designed to exchange information is
known as the data rate. As you will see in Chapter 7, “Modulation Technology
for Wireless Networking,” these rates will differ depending on the wireless
standard, amendment, spread spectrum type, or Physical layer technology in
use. Table 6.1 shows data rates for various WLAN technologies. Data rates do
not accurately represent the amount of information that is actually being
transferred between devices and a wireless network. Figure 6.21 shows an
IEEE 802.11ac WLAN adapter in a notebook computer reading a data rate of
867 Mbps. To learn more about the actual amount of information transferred,
see the next section, “Throughput.”
TABLE 6.1 Data rates and modulation and coding schemes based on spread
spectrum type
Standard/Amendment Technology Data Rates
802.11
FHSS
1 and 2 Mbps
802.11
DSSS
1 and 2 Mbps
802.11b
HR/DSSS
5.5 and 11 Mbps; 1 and 2 Mbps from
DSSS
802.11a
OFDM
6, 9, 12, 18, 24, 36 and 48 Mbps
802.11g
ERP-OFDM
6, 9, 12, 18, 24, 36 and 48 Mbps
802.11n
HT-OFDM
Up to 600 Mbps
802.11ac
VHT-OFDM Up to 6.93 Gbps aggregate
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.21 Windows 10 wireless configuration utility showing a data rate
of 867 Mbps for an IEEE 802.11ac WLAN adapter
||||||||||||||||||||
||||||||||||||||||||
Throughput
Unlike data rate (the maximum amount of information theoretically capable
of being sent), throughput is the amount of information actually being
correctly received or transmitted. Many variables affect the throughput of
information being sent. Some of these include
Spread spectrum or Physical layer technology type in use
RF interference
Number of wireless devices connected to an access point
An 802.11a/g/n wireless access point, for example, has a theoretical
maximum signaling rate of 600 Mbps, depending on the data rate or
modulation and coding scheme in use. With one user connected to this access
point, chances are the best throughput that could be expected is less than 50
percent of the maximum advertised rate. If more users connect to the same
access point, the throughput for each user would be even less, because of the
contention between users sharing the same wireless medium. Figure 6.22
shows an example of actual throughput for an 802.11a/g/n WLAN adapter.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.22 Actual throughput of an IEEE 802.11a/g/n 300 Mbps WLAN
adapter
||||||||||||||||||||
||||||||||||||||||||
Packing and Shipping Data: A Throughput Analogy
Packing and shipping an item in a cardboard box is a way of looking at
data rate versus throughput. You have a cardboard box that is rated to
have a maximum capacity of two cubic feet. You want to send a fragile
item such as a vase to somebody else. The vase, if measured, would really
take only about one cubic foot of space. This is a very fragile item,
however, and you want to make sure it gets to the destination without any
damage. Rather than just put the vase by itself in a box with a capacity of
one cubic foot, you want to protect it with some packing material, such as
bubble wrap. Wrapping the vase in bubble wrap will take an additional
one cubic foot of space.
The data rate is analogous to the box capable of holding two cubic feet of
material. The one-cubic-foot vase is analogous to the actual data being
sent. The packing material is analogous to the contention management
and other overhead that causes the throughput to be less than the
theoretical capacity of the WLAN device.
In Exercise 6.1 you will measure the throughput of your own wireless
network.
EXERCISE 6.1
Measuring Throughput of a Wireless Network
In this activity, you will measure throughput of a wireless network. If you
have the proper equipment, it is not too difficult. If you already have an
existing wireless network set up with a computer connected to the wired
side or DS, you have a good part of the setup done. This exercise uses the
JPerf software program for Microsoft Windows. JPerf is a graphical frontend program for IPerf from SourceForge. JPerf does require that Java be
installed on the computer. The following step-by-step instructions
assume a wireless access point already configured with TCP/IP settings as
well as SSID. To perform this exercise, you will need the following
equipment:
Two computers, both with Java installed
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
One wireless access point
One Ethernet cable
One wireless network adapter
JPerf software (jperf-2.0.2.zip)
The JPerf software is available from code.google.com/p/xjperf. Click the
Downloads link to complete the download.
Complete the following steps to measure throughput:
1. Connect the required equipment as shown in the following graphic.
2. Create a folder named Jperf on the C:\ drive on both computers and
extract the contents of the jperf-2.0.2.zip file you downloaded to the
Jperf folder you created. This folder needs to be created at the root or
C:\ in order for the remaining steps to work as written.
3. On the computer connected to the wired DS, open a command prompt.
This will vary based on the operating system in use. For example, if
you are using Windows 7, select Start ➢ All Programs ➢ Accessories
➢ Command Prompt. If you are using Windows 10, press and hold the
Windows and X keys to open the Programs menu and then click
Command Prompt. Steps for other operating systems may vary
||||||||||||||||||||
||||||||||||||||||||
slightly.
4. In the command prompt window, type the command ipconfig at the
C:\ prompt and note the IP address of this computer.
5. This computer will act as the JPerf server. In the open command
window, type cd\Jperf at the C:\ prompt and press the Enter key. This
will put you in the proper location of the JPerf program you copied to
this computer in step 2.
6. Enter the following command to start the JPerf server: jperf.bat.
After a few seconds, the JPerf 2.0.2 - Network Performance
Measurement Graphical Tool window will appear.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
7. In the Application Layer Options section, click the Output Format
drop-down box and select the MBits option. This will show the results
in megabits per second.
8. Click the Server radio button.
9. Click the Run IPerf! button in the upper-right corner of the window.
||||||||||||||||||||
||||||||||||||||||||
10. The JPerf server is now ready for throughput testing.
11. On the computer with a wireless network adapter, connect to your
access point using the wireless network adapter. This computer will
act as the JPerf client for throughput testing.
12. On this same computer, open a command prompt.
13. In the command prompt window, type the command ipconfig at the
C:\ prompt and verify the IP address of this computer.
14. Verify connectivity to the JPerf server by typing the following
command: ping {IP address}.
You will need to replace {IP address} with the server address you
recorded in step 4. You should see several replies if you are correctly
connected to the server through the access point.
15. This computer will act as the JPerf client. In the open command
window, type the command cd\jperf at the C:\ prompt and press
Enter.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
This will put you in the proper location of the JPerf program you
copied to this computer in step 2.
16. In the command prompt window, type the following command to
launch the JPerf graphical program: jperf.bat.
After a few seconds the JPerf 2.0.2 - Network Performance
Measurement Graphical Tool window will appear.
17. In the Application Layer Options section, click the Output Format
drop-down box and select the MBits option. This will show the results
in megabits per second.
18. Click the Client radio button, and in the Server Address field enter the
IP address of the server that you recorded in step 4.
19. Click the Run IPerf! button in the upper-right corner.
||||||||||||||||||||
||||||||||||||||||||
20. After 10 seconds the test will be complete and in the program window
you will see the actual throughput recorded using the JPerf program.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
21. Close the JPerf program window on both computers.
When you are finished, you can delete the JPerf program and folder
you created in step 2.
||||||||||||||||||||
||||||||||||||||||||
Dynamic Rate Switching
When a wireless device moves through the BSA or as the distance from the
access point increases, the data rate will decrease. Conversely, as the wireless
device moves closer to the access point, the data rate can increase. This is
called dynamic rate switching (DRS), also known as dynamic rate shifting
and even dynamic rate selection. This process allows an associated wireless
device to adapt to the RF signal strength and signal quality in a particular
location of the BSA. DRS typically is accomplished through proprietary
mechanisms set by the manufacturer of the wireless device. The main goal of
DRS is to improve performance for the wireless device connected to an access
point. As a wireless device moves away from an access point, the amount of
received signal will decrease because of the free space path loss. When this
occurs, the modulation type will change because the RF signal quality is less,
and thus a lower data rate will be realized.
You will see in Chapter 7 that different data rates use different modulation
technologies. Using a less complex modulation type at a lower data rate will
provide better overall performance as the station moves away from the access
point. Figure 6.23 illustrates how DRS works. As the wireless device moves
away from the access point, the data rate will decrease. Keep in mind the
opposite is true as well. As a wireless device moves closer to an access point,
the data rate will increase.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.23 A graphical representation of dynamic rate switching
||||||||||||||||||||
||||||||||||||||||||
Wireless LAN Transitioning/Roaming
In WLAN technology, transitioning (also referred to as roaming) is the term
for what happens when a wireless device moves from one BSS or access point
to another. Standards-based transitioning was not addressed in the original
IEEE 802.11 standard but was specified in later amendments. This process is
typically accomplished in a proprietary manner based on how the
manufacturer chooses to implement it. Manufacturers use different criteria
to initiate roaming from one access point to another. There was an
amendment to the IEEE 802.11 standard (IEEE 802.11F, Inter-Access Point
Protocol) that was ratified in June 2003 as a recommended practice intended
to address multivendor access point interoperability. This recommended
practice was implemented by few if any manufacturers, however, and was
withdrawn by the IEEE 802 Executive Committee in February 2006. The next
attempt to standardize transitioning between access points was IEEE 802.11r,
which was ratified in 2008. The driving force behind this amendment to the
standard was to allow for fast secure transition with voice devices over a
wireless network. Keep in mind that IEEE 802.11r is used in conjunction with
IEEE 802.1X/EAP and requires CCMP/AES support for both the
infrastructure and client devices.
When a WLAN device moves through a BSA and receives a signal from
another access point, it needs to decide whether to stay associated with the
current access point or to reassociate with the new access point. This decision
when to roam is proprietary and based on specific manufacturer criteria.
Some of these criteria manufacturers use include
Signal strength
Signal-to-noise ratio
Error rate
Number of currently associated devices
The most common metric used is received signal strength. When a WLAN
device chooses to reassociate to a new access point, the original access point
will hand off the association to the new access point as requested from the
new access point. Keep in mind it is the wireless client device that initiates
the move to a new access point. This move is done over the wired network or
DS based on how the manufacturer implemented the roaming criteria. Figure
6.24 illustrates a notebook computer roaming from one access point to a new
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
access point.
FIGURE 6.24 The roaming process for a WLAN
Frames Used for Reassociation (Roaming)
When a device transitions or “roams” to a new access point, it needs to
associate to the new access point. Because the device is already
associated, in order to connect to the new access point it must complete a
reassociation process.
1. A WLAN device sends a reassociation request frame to the new access
point. This frame is acknowledged by the new access point.
2. The new access point sends a reassociation response frame to the
wireless device after handoff across the DS from the original access
point has occurred. This frame is acknowledged by the reassociating
wireless device.
Figure 6.25 shows reassociation request and response frames in a protocol
analyzer.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 6.25 Packet capture of the reassociation process
The 802.11r amendment to the standard was ratified in 2008 and
is now part of the IEEE 802.11-2016 standard. This amendment specifies
fast BSS transition (FT) and allows for fast secure roaming for devices
between basic service sets. The main objective of this amendment is to
support wireless voice over IP (VoIP) technology allowing for a consistent
secure connection to the wireless network.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11 Power Save Operations
Many WLAN devices are portable and use DC battery power to some degree. A
wireless network adapter uses DC power to operate, and in some cases this
could be a significant drain on the battery in the device. This is especially true
with newer IEEE 802.11n/ac wireless adapters that support MIMO
technology. The original IEEE 802.11 standard addresses a power save
operation designed to allow a WLAN radio to enter a dozing state in order to
conserve DC power and extend battery life. If the WLAN device is plugged
into a consistent power source such as an AC outlet, there is no reason to
implement power save features. However, portable devices that are mobile
and may not have access to an AC power source should consider using power
save operations. The original IEEE 802.11 standard specified two different
power save modes: active mode (AM) and power save (PS) mode. The PS
mode is considered legacy because the IEEE 802.11e amendment for quality
of service addresses new, more efficient power save mechanisms. Although
the original PS mode may be considered legacy, it still may be used in some
devices. As mentioned earlier in this chapter, in the section “IEEE 802.11
Frame Types,” a data frame known as a null function frame is used with
power management and does not carry any data but is used to inform the
access point of a change in power state. This is a non-standard variant that is
more efficient than the original power save mode because it does not use a
PS-Poll frame to retrieve buffered data frames from an access point.
Active Mode
In active mode (AM) a WLAN device or station (STA) may receive frames at
any time and is always in an “awake” state. In this case, the WLAN device is
not relying on battery power; thus, there is no reason for the device to assume
a low power state, and it will never doze. Some manufacturers refer to active
mode as continuous aware mode (CAM).
Power Save Mode
In power save (PS) mode, the WLAN device or station (STA) will doze or
enter a low power state for very short periods of times. At specific time
intervals, the device will “listen” for selected beacons and determine if any
data is waiting for it (buffered) at the access point. The beacon frame contains
information for associated devices regarding power save. When a WLAN
||||||||||||||||||||
||||||||||||||||||||
device associates to an access point, the device receives what is known as an
association ID (AID). The AID is a value that will represent that device in
various functions, including PS mode. The beacon frame contains an indicator
for each AID associated device to let wireless devices know whether they have
data waiting for them or buffered at the access point. If it is determined that
the access point does have data buffered for a specific device, the device will
send a control frame message (PS-Poll frame) to the access point to request
the buffered data. Figure 6.26 shows where power save mode can be set in the
advanced settings of the wireless adapter device driver.
FIGURE 6.26 The driver settings for a wireless adapter in a laptop computer
and power save mode setting
Power save mode may cause some amount of overhead for the WLAN device,
and there is a trade-off in performance. With power save mode enabled, the
battery life will be extended; however, performance will suffer to some degree
because the device will not be available to receive data continuously. The
device will be able to receive buffered data only during the “awake” state.
Power save mode is common in applications where battery conservation is
important, such as barcode scanners, voice over Wi-Fi-enabled phones, and
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
other handheld devices.
Use of Power Save Mode in Barcode Scanners
Organizations such as retail, manufacturing, and warehousing have been
using 802.11 WLAN technologies for many years. Many of these
businesses use WLAN devices such as barcode scanners in addition to
notebook computers and other portable devices. Barcode scanners are
used heavily for inventory and asset tracking purposes. These devices
must run for many hours at a time, typically in 8- or 10-hour shifts for
individuals who may be using them. Applications such as this greatly
benefit from using IEEE 802.11 power save features and extending
battery life of WLAN devices. This minimizes downtime because batteries
in these devices don’t have to be changed or recharged as often during a
work shift.
Automatic Power Save Delivery
The IEEE 802.11e Quality of Service amendment to the standard fueled the
need for more efficient power save mechanisms in wireless networking.
Depending on the implementation and requirements, legacy power save
modes may not be efficient enough to work with applications that use QoS,
such as voice and video. Automatic power save delivery (APSD) differs from
the original power save mode in that a trigger frame will wake a device in
order to receive data. APSD is a more efficient way of performing power save
functions. It works well with time-bound applications that are subject to
latency, such as voice and real-time video.
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11 Protection Mechanisms
In order to allow newer, faster WLAN technology such as 802.11g and 802.11n
devices to communicate with older, slower wireless devices, technology called
protection mechanisms was designed to allow for backward compatibility.
The mechanisms available depend on which amendment to the standard is
used. Protection mechanisms will provide the backward compatibility needed
to allow different technologies to coexist in the same RF space.
There are two broad categories of protection mechanism:
Extended rate physical (ERP) protection mechanism for IEEE 802.11g
networks
High-throughput (HT) protection mechanism for IEEE 802.11n networks
Each category includes several modes for specific situations.
IEEE 802.11g Extended Rate Physical Protection Mechanisms
In order for IEEE 802.11g and IEEE 802.11b devices to coexist in the same
BSA, the wireless access point must use extended rate physical (ERP)
protection. Most manufacturers of IEEE 802.11 WLAN equipment will
provide options when it comes to coexistence. These options usually include
the capability to set an access point to one of three operation modes:
IEEE 802.11b-only mode: DSSS and HR/DSSS
IEEE 802.11g-only mode: ERP-OFDM
IEEE 802.11b/g/n mixed mode: DSSS, HR/DSSS, and ERP-OFDM
IEEE 802.11b-Only Mode
This operation mode requires setting an access point to operate in 802.11bonly mode. This involves disabling all the IEEE 802.11g ERP-OFDM data
rates of 6, 9, 12, 18, 24, 36, 48, and 54 Mbps and allowing only DSSS data rates
of 1 and 2 Mbps and HR/DSSS rates of 5.5 and 11 Mbps. Enabling this mode
limits the maximum data rate to 11 Mbps. Setting an access point to this
mode has limited applications, such as using legacy IEEE 802.11b-only
capable devices.
IEEE 802.11g-Only Mode
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
This operation mode is the opposite of 802.11b-only mode. It disables all of
the IEEE 802.11b DSSS and HR/DSSS data rates of 1, 2, 5.5, and 11 Mbps, and
it allows the IEEE 802.11g ERP-OFDM data rates of 6, 9, 12, 18, 24, 36, 48,
and 54 Mbps. This operation mode is useful in an environment where
backward compatibility to 802.11b is not required, such as an environment
where all devices connecting have IEEE 802.11g capability, and the
throughput needs to be maximized; thus, there are no IEEE 802.11b devices
in use.
IEEE 802.11b/g/n Mixed Mode
Most deployments in the 2.4 GHz ISM band use this mode for
communications. This allows devices that support the IEEE 802.11g/n
amendments and IEEE 802.11b devices to operate together in the same BSA
and be associated to the same access point. As mentioned in Chapter 2,
“Wireless Local Area Networking, Standards, and Certifications,” throughput
will decrease when IEEE 802.11b devices and IEEE 802.11g/n devices are
both associated to the same access point.
Extended Rate Physical (ERP) mixed mode uses control frames to reserve the
wireless medium. Two options are available:
Request to Send/Clear to Send (RTS/CTS) One option of control frames
that are used as a protection mechanism to reserve the RF medium.
Clear to Send (CTS) to Self A single frame used as a protection
mechanism. This is a common implementation used by WLAN equipment
manufacturers. A benefit of using this frame is less overhead than the
RTS/CTS process.
Both RTS/CTS and CTS-to-Self control frames allow wireless devices using
different Physical layer technologies to share the wireless medium and help
to avoid collisions. These control frames specify how much time is needed for
a frame exchange between the transmitter and a receiver to complete. This
time value is processed by all devices in the BSA that are not part of the frame
exchange. Once this time has expired, the wireless medium is considered
clear.
||||||||||||||||||||
||||||||||||||||||||
Although administrators of many wireless networks now disable
IEEE 802.11b functionality, it is important to note that in some industries
this operation mode is still required for legacy device support. This is
most common in warehousing, manufacturing, and retail environments.
IEEE 802.11n High-Throughput Protection Mechanisms
IEEE 802.11n devices operate in either the 2.4 GHz or the 5 GHz band.
Backward compatibility for IEEE 802.11a/b/g devices needs to be taken into
consideration. The IEEE 802.11n amendment identifies several different
modes for high-throughput (HT) protection mechanisms. These mechanisms,
known as HT protection modes, are a set of rules that devices and access
points will use for backward compatibility:
Mode 0–No protection mode
Mode 1–HT nonmember protection mode
Mode 2–HT 20 MHz protection mode
Mode 3–Non-HT mixed mode
These modes are constantly changing based on the RF environment and
associated wireless devices. The goal with IEEE 802.11n wireless networks is
to get to Mode 0 (no protection mode). With today’s wireless networks and
WLAN technology, we are more than likely at Mode 3 (non-HT mixed mode)
or possibly even one of the other two modes in most cases.
Mode 0–No Protection (AKA Greenfield) Mode
Mode 0, or no protection mode, allows for HT devices only. These HT devices
must also share operational functionality and they must match; for example,
they must all support 20 MHz or 20/40 MHz channels only. If an IEEE
802.11n (HT) access point is set to 20/40 MHz channel width and a client
capable of only 20 MHz wide channels associates, the connection is not
considered no protection mode. Mode 0 does not allow IEEE 802.11a/b/g
devices using the same RF channel. IEEE 802.11a/b/g devices will not be able
to communicate with an access point in Mode 0. Transmissions from these
devices will cause collisions at the access point, causing some degradation in
throughput because it is seen by the HT system as RF interference.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Mode 1–HT Nonmember Protection Mode
All devices in Mode 1, or HT nonmember protection mode, must be HTcapable. When a non-HT device—that is, an IEEE 802.11a/b/g access point or
wireless client device—is within the hearing range of the HT access point and
on the same 20 MHz channel or one of the 20/40 MHz wide channels, this
protection mode will be activated.
Mode 2–HT 20 MHz Protection Mode
All devices in Mode 2, or HT 20 MHz protection mode, must be HT-capable as
well. The operation of this protection mode is based on the fact that 802.11n
devices can use 20 MHz or 20/40 MHz wide channels. Mode 2 means that at
least one 20 MHz HT station is associated with the HT 20/40 MHz access
point and that the access point provides compatibility for 20 MHz devices.
Mode 3–Non-HT Mixed Mode
Mode 3, or non-HT mixed mode, is used if one or more non-HT stations are
associated in the BSS. This mode allows backward compatibility with non802.11n or IEEE 802.11a/b/g wireless devices. This is the likely the most
common mode for IEEE 802.11n HT networks today because of the need for
backward compatibility and the legacy IEEE 802.11 wireless devices that are
still in use on most wireless networks.
Additional HT Protection Modes
Two other HT protection modes are also available:
Dual CTS is a Layer 2 protection mechanism that is used for backward
compatibility between IEEE 802.11n HT and IEEE 802.11a/b/g devices.
Phased coexistence operation (PCO) is an optional BSS mode with
alternating 20 MHz and 20/40 MHz phases controlled by a PCO-capable
access point.
||||||||||||||||||||
||||||||||||||||||||
Summary
WLANs can operate in one of two methods: either ad hoc mode, which means
no access points are used, or infrastructure mode, where an access point
provides a central point of communication for the WLAN devices. In this
chapter, we looked at these modes of operation as well as the service sets
IEEE 802.11 networks use. We looked at the following three configurations
for WLANs:
Independent basic service set (IBSS)
Basic service set (BSS)
Extended service set (ESS)
We explained the configuration of each, along with some of the advantages
and disadvantages of each configuration—from an IBSS, which uses no access
points, to a BSS or ESS, which uses one or many access points. Some of the
configuration parameters, such as SSID and RF channel, and how they are
used were also explained. Some of these abbreviations are very close in
spelling and sound similar when spoken. It is important to understand the
differences among the following abbreviations:
Service set identifier (SSID)
Extended service set identifier (ESSID)
Basic service set identifier (BSSID)
Independent basic service set (IBSS)
Basic service set (BSS)
Extended service set (ESS)
Basic service area (BSA)
For example, SSID is the name of the wireless network, and the BSSID is the
unique identifier MAC address of the AP radio.
In addition to explaining the different configurations and terminology used,
we looked at the processes wireless devices use to connect to and become part
of a WLAN, including:
Wireless discovery
Passive scanning
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Active scanning
IEEE 802.11 authentication
IEEE 802.11 association
The discovery processes of passive scanning (listening for beacons) and active
scanning (joining a WLAN) are important parts of starting the connection
process. This continues with 802.11 authentication—in most cases open
system—and the 802.11 association process. Once these processes are
complete, the device finally becomes part of the wireless network, enabling it
to pass traffic across to the access point to the network infrastructure.
You also learned about the components and technology that play a role with
IEEE 802.11 wireless networks, such as:
Distribution system (DS)
Data rate (what is advertised)
Throughput (what is actual)
Both a wired DS, in most cases Ethernet, and a wireless DS using radios and
access points provide connectivity for wireless infrastructure. We looked at
the differences between data rate and throughput. It is important to
understand that an access point may have a data rate of 54 Mbps or even up
to 6933.3 Mbps, but throughput (the actual data transmission rate) is
typically less than half of the data rate. Because WLANs are contention based,
data throughput will be even less when more devices connect to the network.
Dynamic rate switching (DRS)—a client transferring more or less data
depending on the proximity from an access point as well as roaming or
moving through the BSAs and being able to maintain connectivity—was also
discussed in this chapter. Finally, the chapter covered the important topics of
power save mode and protection mechanisms. With power save mode, a
WLAN device is able to extend battery life by entering into a low-power state
or “doze” for very short periods of time. This permits the device to consume
less battery power, therefore allowing connectivity for longer periods of time
without changing or recharging the battery. The modes discussed were
Active mode
Power save mode (PS)
Automatic power save delivery (APSD)
||||||||||||||||||||
||||||||||||||||||||
It is beneficial to understand the differences in power save capabilities among
these modes.
Lastly, we discussed the following IEEE 802.11 protection mechanisms and
the importance of these methods to provide backward compatibility and
coexistence to older technology devices:
Extended rate physical (ERP) protection for IEEE 802.11g
High-throughput (HT) protection for IEEE 802.11n
We looked at some highlights of both protection mechanism technologies for
IEEE 802.11g and 802.11n networks.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Understand the different operation methods for IEEE 802.11
wireless networks. Know the difference between infrastructure and ad hoc
mode as well as the use of both.
Be familiar with the different service sets used with wireless
networking. Understand the differences among IBSS, BSS, BSA and ESS.
Identify the terminology used with IEEE 802.11 wireless
networking. Understand the differences among SSID, ESSID, and BSSID.
Know which one identifies the name of a network and which one identifies
the physical address of an access point.
Know the process that devices use to join a WLAN. Understand the
process and operation of discovery, passive scanning, active scanning, IEEE
802.11 authentication, and IEEE 802.11 association.
Understand the differences between distribution systems as well as
data transfer. Identify the differences as well as the function of a wired DS
and wireless DS and roaming between each. Know the differences between
data rate and throughput as well as DRS.
Identify the power-save capabilities of IEEE 802.11 wireless
networks. Know the various power save modes of both legacy and Wi-Fi
Multimedia (WMM), including active mode, power save mode, and APSD.
Know the various protection mechanisms available for both IEEE
802.11g and 802.11n wireless networks. Be familiar with the two
protection mechanisms: ERP protection mechanisms and HT protection
mechanisms. Understand that these mechanisms provide coexistence for
newer and legacy WLAN devices.
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Review Questions
1. When a WLAN device listens for beacon frames, it is participating in
which phase?
A. Power save
B. Passive scanning
C. Active scanning
D. Authentication
2. You are a sales engineer connected to an IEEE 802.11ac access point with
a mobile computer. As you move away from the access point, the
connection speed slows to the next lowest supported data rate. The change
in data rate is described by which term?
A. Dynamic frequency selection
B. Transmit power control
C. Dynamic rate switching
D. Transmit save mode
3. An independent basic service set (IBSS) consists of how many access
points?
A. 0
B. 1
C. 2
D. 4
4. WLAN devices in an 802.11a peer-to-peer network will connect to which
device(s)?
A. An access point
B. 802.11g client devices
C. 802.11a client devices
D. A wireless switch
5. As a device moves away from an access point, which of the following is
true regarding dynamic rate switching?
||||||||||||||||||||
||||||||||||||||||||
A. Data rate decreases
B. Output power decreases
C. Data rate increases
D. Output power increases
6. A service set identifier (SSID) has a maximum limit of how many
characters or octets?
A. 8
B. 16
C. 32
D. 128
7. You are a technical support engineer and receive a call from a customer
regarding a problem with their wireless network connection. The building
has an ESS network with five 802.11ac access points. The customer claims
that when they move from their office to a conference room using the
802.11ac network they lose their connection and cannot connect to the
access point in the conference room. Which is the most likely cause for
this user to lose their connection when they roam on the wireless
network?
A. Different RF channel
B. Mismatched SSID
C. Different BSSID
D. Mismatched association
8. A beacon frame advertises information about the wireless network. A
beacon frame is what type of frame?
A. Data
B. Control
C. Management
D. Detail
9. In order for a wireless client to become completely part of the basic
service set, it must first ____________ and ____________ then .
Technet24.ir
||||||||||||||||||||
A. Associate, authenticate
B. Authenticate, associate
C. Deauthenticate, authenticate
D. Disassociate, authenticate
10. The process in which a WLAN client connection moves from one access
point to another is called ____________.
A. Reauthentication
B. Roaming
C. Rebuilding
D. Roving
11. In order to set up an ad hoc network, a user must know which two
parameters? (Choose two.)
A. SSID
B. BSSID
C. Channel
D. MAC address
E. Protection mode
12. The open system authentication process uses how many frames?
A. One
B. Two
C. Three
D. Four
13. You are a help desk support technician at a retail department store, and
you receive a call from a manager in the administrative offices. He
complains that the performance of his 802.11g/n notebook computer
decreases several times throughout the day. Upon visiting the customer,
you realize several people are performing inventory using 802.11b barcode
scanners in the adjacent room. What is most likely the cause of the poor
performance for the manager’s notebook computer?
||||||||||||||||||||
A. Association
||||||||||||||||||||
B. Authentication
C. ERP protection
D. HT protection
14. Which items describe a service set identifier (SSID)? (Choose two.)
A. 32 characters maximum
B. 64 characters maximum
C. Is case sensitive
D. Is not case sensitive
15. A basic service set identifier (BSSID) is the unique identifying MAC
address of the ____________.
A. AP radio
B. AP Ethernet port
C. Router
D. Client
16. When an IEEE 802.11g WLAN consists only of wireless client stations, the
network is operating as which type of basic service set?
A. Active
B. Independent
C. Passive
D. Infrastructure
17. You are a technical support engineer and provide help desk support for the
network in a manufacturing company. You receive a call from the sales
manager who wants to know how power save operations should be set up
on her notebook computer to optimize the system performance. The
notebook computer is plugged into an AC power source and rarely used on
battery. Which mode would you recommend her to set on the wireless
adapter?
||||||||||||||||||||
A. Power save mode
B. Association mode
Technet24.ir
||||||||||||||||||||
C. Active mode
D. Passive mode
18. According to the IEEE 802.11 standard, an extended service set (ESS)
consists of how many interconnected basic service sets?
A. One or more
B. Two or more
C. Three or more
D. Four or more
19. The IEEE 802.11 association process happens after which phase?
A. Authentication
B. Distribution
C. Deauthentication
D. Reauthentication
20. A basic service set (BSS) consists of how many access points?
||||||||||||||||||||
A. Zero
B. At least one
C. At least two
D. At least four
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Chapter 7
Modulation Technology for Wireless Networking
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
3.4 Define and differentiate between Physical layer wireless
technologies
3.5 Define concepts that make up the functionality of RF and
spread-spectrum communication
THE FOLLOWING CWT EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
3.1 Identify AP features and capabilities and understand
configuration options related to them
5.2 Troubleshoot performance problems
THE FOLLOWING CWS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
3.1 Identify AP features and capabilities
3.3 Determine capabilities of client devices
In computer networking it is important to understand how
digital data is sent from one device to another. Whether on a wired network
or a wireless network, an access method is used to transfer this type of
electronic information. Two common access methods are CSMA/CD and
CSMA/CA. The type of medium in use—wired or wireless—will determine
which of these two access methods is best suited for the application. You saw
in previous chapters that wireless LANs (WLANs) use radio frequencies (RFs)
with air as the communication medium. This chapter will discuss the various
techniques and methods used to get digital computer data from one device to
another using spread-spectrum and other Physical layer modulation
technologies.
||||||||||||||||||||
||||||||||||||||||||
It is important to understand that different WLAN spread-spectrum
technologies such as DSSS HR/DSSS will allow for various data rates. The
spread-spectrum or other Physical layer technology in use, such as orthogonal
frequency-division multiplexing (OFDM) or high throughput orthogonal
frequency division multiplexing HT-OFDM, will determine the maximum
amount of data transfer as well as the resilience to noise and other interfering
sources. We will look at the 802.11 channels, the number of channels
available, channel spacing, and frequencies of the unlicensed RF bands used
with wireless networking. We will also discuss the implications of
overlapping channels and interference. Finally, this chapter will discuss colocation of different technologies used in various amendments to the
standard as well as interference from WLANs and other sources, including
WPANs.
The IEEE 802.11-2016 standard has been officially released. This
standard includes all communication amendments that were outstanding
or part of the IEEE 802.11-2012 standard, including IEEE
802.11a/b/g/n/ac. Even though these amendments are incorporated into
the newest version of the standard, we will discuss the technology using
the original amendment names, 802.11b, 802.11a, and so on, because
these names are still commonly used in the industry.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Network Access Methods
Network access methods enable devices connected to a common
infrastructure to communicate and transmit data across a network medium
from one device to another. Several different types of network access
methods are used in computer networks. The following two types are
discussed in this chapter:
Carrier Sense Multiple Access/Collision Detection (CSMA/CD)
Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)
Because Ethernet networks use a bounded wired medium and have the
capability to detect collisions, 802.3 Ethernet networks use CSMA/CD as the
access method. Devices on a WLAN do not have the capability to detect
collisions due to the use of an unbounded medium; therefore, 802.11 WLANs
use CSMA/CA for the access method. Since multiple wireless devices can use
an access point at the same time, wireless devices that connect to an access
point are competing to share the medium; therefore, it is important to control
the medium in order to minimize collisions. The CSMA/CA process provides
this control.
Detecting Network Traffic Collisions with CSMA/CD
802.3 Ethernet networks use CSMA/CD to share the medium. The name of
this access method describes how it functions.
The abbreviation CSMA/CD is broken down as follows:
Carrier Sense—Devices sense the medium (in this case, Ethernet cable)
to see if it is clear (no data being transmitted).
Multiple Access—Many devices accessing the medium at the same time.
Collision Detection—Detecting collisions that occur on the medium
during the transmission of data.
CSMA/CD is a contention-based media access control method that Ethernet
devices use to share the medium. This method allows only one device to
transmit at any one time.
In computing terminology, contention is defined as multiple devices
competing for a chance to send data on the network. CSMA/CD functions like
this:
||||||||||||||||||||
||||||||||||||||||||
1. A device with data to transmit checks whether any data is being
transmitted on the Ethernet cable (sensing).
2. If the device senses that the medium is clear and no data is being
transmitted, it transmits its own data.
3. If more than one device transmits simultaneously, a collision occurs and
the data is lost. The devices detect the collision and each will back off for a
random amount of time.
4. After the random amount of time expires, the device checks the cable and
attempts to send the data again.
This contention of the Ethernet segment is one reason for decreased data
throughput of the transmitting devices. Figure 7.1 demonstrates CSMA/CD
with desktop computers connected to an Ethernet segment.
FIGURE 7.1 Computers connected to Ethernet cable using CSMA/CD
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Conversation as a Form of CSMA/CD
An analogy for CSMA/CD is a conversation among a group of people in
which all the individuals in the group would like a chance to speak.
Everyone is listening to each other (sensing the medium). Only one
person at a time gets a chance to say something. This is an example of a
multiple access (MA) shared medium. If there is a pause in the
conversation, two or more people listening may notice the opportunity
and may say something at the exact same time, in which case neither may
be heard by the rest of the group. This is an example of a collision. At this
point, the collision is detected (CD), and those involved in the failed
communication wait a few seconds and attempt to speak again later—
hence, CSMA/CD.
Avoiding Network Traffic Collisions with CSMA/CA
WLANs use CSMA/CA to share the medium. The main difference from
CSMA/CD is the CA—collision avoidance. Just as in CSMA/CD, the
abbreviation CSMA/CA gives an idea of how it functions:
Carrier Sense—Sensing the medium, in this case the air
Multiple Access—Many devices accessing the medium at the same time
Collision Avoidance—Avoiding collisions that may occur on the
medium during transmission
Because WLAN devices have no way to detect collisions, the CSMA/CD access
method is not an adequate solution for WLAN communications. If WLANs
were to use CSMA/CD, collisions would occur at the wireless access point,
and all data would be lost. At this point, a transmitting device would not know
that it should retransmit the information, because the receiving device would
be unaware that a collision occurred; the result would be very poor
performance.
Instead of detecting transmission collisions, CSMA/CA uses mechanisms that
attempt to avoid collisions. Although these mechanisms impose some
overhead, the overall benefit is better data throughput because data collisions
are minimized. This overhead occurs because devices use “countdown timers”
that require them to wait for periods of time before they are able to transmit
||||||||||||||||||||
||||||||||||||||||||
again. This helps to avoid data collisions.
Lecture Q&A as a Form of CSMA/CA
An analogy for CSMA/CA is the question-and-answer period following a
lecture. The lecture hall is filled with many people (multiple access). A
presenter has finished giving a speech, and it is now question-and-answer
time. The presenter shouts out, “Does anyone have a question?” An
attendee named Marvin listens (sensing the carrier). He does not hear
anyone speaking, so he yells out a question. Although many people are in
the room (again, multiple access), they can hear that Marvin has the floor
and this time is dedicated to him. So they defer and do not ask their
question until Marvin’s question has been answered by the speaker
(collision avoidance); hence, CSMA/CA.
Reserving Time for Data Transmission Using Distributed
Coordination Function
One of the access methods WLAN devices use to communicate is known as
distributed coordination function (DCF). This method of access employs a
contention period for devices competing to send data on the network. This
collision avoidance mechanism is part of a detailed process requiring certain
criteria to be met in order for a frame (a Layer 2 digital transmission unit) to
be transmitted across the medium. In the case of WLAN technology, this
medium is the air, using RFs. The IEEE 802.11 standard requires all service
set types to support the DCF mode of operation.
To avoid collisions, the devices are required to
Detect the RF energy of other devices transmitting, a technique known as
Clear Channel Assessment (CCA), which is the physical carrier sense.
Announce how much time is required for the frame exchange to occur,
allowing other stations to read the duration field and set their Network
Allocation Vector (NAV), which is the virtual carrier sense.
Wait for a predetermined period of time between frames, a technique
known as interframe spacing.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Back off and retry if the medium is busy, a technique known as the
random backoff timer via the contention window.
In short, these devices are reserving the medium so that transmissions can
take place and avoid collisions. Figure 7.2 illustrates WLAN devices using
CSMA/CA for an access method.
FIGURE 7.2 Wireless LAN devices using CSMA/CA and DCF
The 802.11 standard also specifies two other access methods used
with wireless networking. Point coordination function (PCF) mode is a
contention-free mode that works by polling stations and giving them an
opportunity to send information without contending with other devices.
PCF mode was optional and never implemented by any manufacturers.
The IEEE 802.11-2016 standard states, “The PCF mechanism is obsolete.
Consequently, this subclause might be removed in a later revision of the
standard.” Another access method, Hybrid coordination function (HCF)
mode, was introduced with 802.11e for quality of service (QoS)
technology.
Effects of Half-Duplex on Wireless Throughput
||||||||||||||||||||
||||||||||||||||||||
As discussed in Chapter 3, “Infrastructure and Client Devices Used with
Wireless Networking,” WLANs use half-duplex communication. To review,
half-duplex in computer terminology is defined as two-way communication
that occurs in only one direction at a time. Communication only one way at a
time means less data throughput for the connected device(s). Half-duplex
communication is part of the reason why in WLANs the amount of data being
transferred is sometimes less than half of the advertised data rate; collisions
and additional overhead are other factors to consider. An 802.11b/g/n device
may only get 95 Mbps or less data transfer even though this technology is
rated at 195 Mbps, assuming a 3×3:3 multiple input/multiple output (MIMO)
802.11n access point using a 20 MHz–wide channel. On a good day, devices
will also average less than half of the advertised data rates due to the
associated overhead and the use of half-duplex shared medium technology.
Figure 7.3 shows the half-duplex communication method and some of the
effect it has on throughput. The data rate in this example is 450 Mbps, but the
throughput is less than half of that, about 225 Mbps. The newest IEEE
standards-based technology, 802.11ac, uses MIMO technology and has a
potential maximum signaling rate of up to 6933.3 Mbps. However, many of
the client devices available today are capable of a maximum of about 450–
866.7 Mbps. The actual throughput can be much less than the advertised
signaling rate.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 7.3 Half-duplex operation has some effect on overall data
throughput.
Narrowband vs. Spread-Spectrum Communication
Narrowband and spread-spectrum are two examples of how devices can
communicate using RF.
One example of narrowband communication is an FM radio station. FM radio
stations use licensed frequency ranges that are tuned to a specific RF in the
FM band. A radio station can transmit a signal at a high power of tens of
thousands of watts in a very narrow frequency. Depending on the conditions,
a receiver can hear the station for tens or even possibly hundreds of miles.
Figure 7.4 shows the high amount of output power over a narrowband
frequency of a potential FM radio station.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 7.4 Narrowband frequency—high power, narrow frequency
In contrast, spread-spectrum technology uses low power over a wider range of
frequency. Figure 7.5 illustrates how a spread spectrum–capable access point
uses low power over a wide frequency range.
FIGURE 7.5 Spread-spectrum technology—low power, wide frequency
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Lecturer vs. Breakout Discussions
Narrowband communication is similar to a lecture presented in a large
room filled with several hundred attendees. The presenter may have a
microphone connected to an amplifier or PA system to address the large
audience. All attendees at this event will pay attention to the presenter,
who will get the message across to the entire audience in this very large
venue.
Spread-spectrum communication is similar to what happens when the
same audience breaks out into small groups in which each member is
communicating only with other members of that group. These groups of
individuals will be speaking at a much lower volume without the help of a
high-power microphone, and the conversation volume will not exceed the
area in which this group is contained.
||||||||||||||||||||
||||||||||||||||||||
Spread-Spectrum Technology
Two types of spread-spectrum technology were specified in the original IEEE
802.11 WLAN standard ratified in 1997:
Frequency-hopping spread spectrum (FHSS)
Direct-sequence spread spectrum (DSSS)
These spread-spectrum technologies communicate in the 2.4 GHz industrial,
scientific, and medical (ISM) frequency range. There are advantages and
disadvantages to each of these spread-spectrum types.
Spread-spectrum technologies take the digital information generated by a
computer (ones and zeros) and, through the use of modulation technologies,
send it across the air between devices using RF.
In order for devices to communicate effectively and understand one another,
they must be using the same spread-spectrum and modulation technology.
This would be analogous to two people trying to talk with each other. If the
two people don’t know the same language, they will not be able to understand
each other and a conversation could not take place.
Frequency-Hopping Spread Spectrum
Frequency-hopping spread spectrum (FHSS) is used in a variety of devices in
computer technology and communications. FHSS was used by many early
adopters of wireless networking, including computers, barcode scanners, and
other handheld or portable devices. Although defined in the original IEEE
802.11 standard, this technology is considered obsolete in IEEE 802.11
wireless networking. However, FHSS is still used in devices such as cordless
telephones and IEEE 802.15 wireless personal area networks (WPANs),
including Bluetooth mice, cameras, phones, and wireless headsets.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FHSS is now considered obsolete with respect to 802.11 wireless
networking and has formally been removed from the newest version of
the standard (IEEE 802.11-2016). However, it is important to understand
that some other wireless technologies still use FHSS as a communication
mechanism and may cause interference with WLAN devices that use the
same 2.4–2.5 GHz ISM frequency band.
802.11 Direct-Sequence Spread Spectrum
Direct-sequence spread spectrum (DSSS) is a spread-spectrum technology
used with WLANs and defined by the original IEEE 802.11 standard. DSSS
supports data rates of 1 and 2 Mbps and is considered very slow by today’s
computer networking requirements.
DSSS uses special techniques to transmit digital data (ones and zeros) across
the air using RF. This is accomplished by modulating or modifying the RF
characteristics, such as phase, amplitude, and frequency (see Chapter 4,
“Radio Frequency Fundamentals for Wireless Networking”).
In addition to modulation, DSSS uses technology known as a spreading code
to provide redundancy of the digital data as it traverses through the air. The
spreading code transmits information on multiple subcarriers, and the
redundancy helps the receiver detect transmission errors due to interference.
Subcarriers are smaller segments of the RF channel that is in use. This
spreading of information across the 22 MHz–wide RF channel is what helps
makes DSSS resilient to interference. This spreading code technology allows
the receiver to determine if a single bit of digital data (symbol) received is a
binary 0 or binary 1. Depending on the data rate, the transmitter and receiver
understand the spreading code in use and therefore are able to communicate.
An example of a coding technique is Barker code. Barker code is used as the
spreading code for DSSS at the data rates of 1 and 2 Mbps. IEEE 802.11
WLANs can use this 11 “chip” spreading code for communications. Each
digital data bit (binary 1 or 0) is combined with the set Barker code through
what is called an exclusive OR (XOR) process. XOR is a way of combining
binary data bits in digital electronics. The result then spreads the binary 0 or 1
over a 22 MHz–wide channel, helping to make it resilient to RF interference.
Since both the transmitter and receiver understand the same code, they
||||||||||||||||||||
||||||||||||||||||||
would be able to determine the information that was sent across the air.
DSSS operates within a range of RF frequency also known as a channel. The
channel is defined by its center frequency; that is, Channel 1 is 2.412 GHz on
center, Channel 2 is 2.417 GHz on center, and so on. Each channel in the 2.4
GHz ISM band is separated by 5 MHz on center. Unlike narrowband
communication, which operates on a single narrow frequency, a DSSS
channel is 22 MHz wide and is one of 14 channels in the 2.4 GHz to 2.5 GHz
ISM band. The country and location of the device will determine which of the
14 channels are available for use in that specific area.
Figure 7.6 shows that channel 6 is 22 MHz wide in the ISM unlicensed RF
band.
FIGURE 7.6 DSSS is limited to a 22 MHz–wide channel in the 2.4 GHz ISM
band. Each channel for DSSS is 5 MHz on center.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FHSS and DSSS both operate in the same frequency range. If
devices that use both technologies are occupying the same physical area,
the devices may encounter some interference. Therefore, RF interference
may occur from either IEEE 802.11 WLAN devices using the same
channel or non-IEEE 802.11 WLAN devices that are using the same RF
channel. This includes anything wireless that does not adhere to the IEEE
802.11 protocol rules but is operating in the same frequency range, such
as 2.4 GHz wireless cameras, 2-way radios or radio monitors, and even
microwave ovens.
802.11b High Rate/Direct-Sequence Spread Spectrum
High rate/direct-sequence spread spectrum (HR/DSSS) was defined in the
IEEE 802.11b amendment to the IEEE 802.11 standard. HR/DSSS (802.11b)
introduced higher data rates of 5.5 and 11 Mbps. At the time the amendment
was released, because of the higher data rates this technology helped fuel the
acceleration of IEEE standards based on WLAN technology. The desire for
802.11 technology grew as the availability became greater and the cost
decreased.
Like DSSS, HR/DSSS uses one of fourteen 22 MHz–wide channels to
transmit and receive digital computer data. The main difference between
these two technologies is that HR/DSSS supports higher data rates of 5.5
Mbps and 11 Mbps.
HR/DSSS (802.11b) also uses a different spreading code or an encoding
technique from DSSS. HR/DSSS uses complementary code keying (CCK) for
transmitting data at 5.5 and 11 Mbps. The detailed operation of CCK is beyond
the scope of this book.
IEEE 802.11 DSSS and HR/DSSS Channels
DSSS and HR/DSSS operate in the 2.4 GHz industrial, scientific, and medical
(ISM) license free band. This band has 14 available channels. Depending on
the country and location, all 14 channels may not be available. Table 7.1
shows the 14 available channels in the 2.4 GHz ISM band for a few different
countries.
||||||||||||||||||||
||||||||||||||||||||
TABLE 7.1 14 available channels in 2.4 GHz ISM band
Channel Frequency (GHz) Americas EMEA Israel China Japan
1
2.412
✓
✓
✓
✓
✓
2
2.417
✓
✓
✓
✓
✓
3
2.422
✓
✓
✓
✓
✓
4
2.427
✓
✓
✓
✓
✓
5
2.432
✓
✓
✓
✓
✓
6
2.437
✓
✓
✓
✓
✓
7
2.442
✓
✓
✓
✓
✓
8
2.447
✓
✓
✓
✓
✓
9
2.452
✓
✓
✓
✓
✓
10
2.457
✓
✓
✓
✓
✓
11
2.462
✓
✓
✓
✓
✓
12
2.467
✓
✓
✓
13
2.472
✓
✓
✓
14
2.484
✓
Figure 7.7 shows the 14 available channels and the amount of overlap in the
2.4 GHz ISM band.
FIGURE 7.7 The 2.4 GHz ISM band allows 14 channels.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Of these 14 channels, mathematically there are only 3 adjacent
nonoverlapping channels, with the exception of channel 14. According to the
IEEE 802.11-2016 standard, “Channel 14 shall be designated specifically for
operation in Japan.” Channel 14 is separated by 12 MHz on center from
Channel 13, whereas Channels 1–13 are separated by 5 MHz on center of each
channel. There are 3 MHz of separation where the RF of one channel ends
and the next adjacent nonoverlapping channel begins. For example, Channel 1
and Channel 6 are adjacent nonoverlapping channels. Channel 1 ends at 2.423
GHz, and Channel 6 begins at 2.426 GHz. Mathematically this is a separation
of 3 MHz. This means that three access points can be co-located in the same
physical space without overlapping channel interference. However, there is
still theoretically a small amount of overlapping RF or harmonics between
these two channels. This small level of overlap is not large enough to cause
any real interference issues because the signal becomes weaker as it spreads
further away from the channel’s center frequency. Figure 7.8 illustrates 3 of
the first 14 channels that do not overlap in the 2.4 GHz ISM band.
FIGURE 7.8 3 nonoverlapping channels possible in the 2.4 GHz ISM band
Each DSSS channel is 22 MHz wide. Using spread-spectrum technology, a 22
MHz–wide channel helps add resiliency to interference for data
transmissions and gives the capability to move large amounts of data with a
small amount of RF power. Some early IEEE 802.11 devices included barcode
scanners, and they worked with limited battery life. Using a spreading
technology instead of narrowband technology (which would be higher RF
transmit power) helped to conserve battery life and increased the use of IEEE
802.11 devices as a whole.
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11g Extended Rate Physical
The IEEE 802.11g amendment was released in 2003 and introduced
technology that allowed for higher data rates for devices and operation in the
2.4 GHz ISM band. The objective of this amendment was to allow for these
higher data rates (up to 54 Mbps) using orthogonal frequency-division
multiplexing (OFDM) and still maintain backward compatibility with existing
802.11b technology and devices. This technology, known as Extended Rate
Physical (ERP), builds on the data rates of 1, 2 Mbps DSSS (802.11) and 5.5,
11 Mbps HR/DSSS (802.11b). The 802.11g amendment introduced several
compatibility operation modes:
ERP-DSSS
ERP-CCK
ERP-DSSS/CCK
ERP-OFDM
The 802.11g amendment required support for ERP-DSSS/CCK and ERPOFDM. This allowed for both the 802.11b data rates of 1, 2, 5.5, and 11 Mbps
and the newer OFDM data rates of 6, 9,12, 18, 24, 36, 48, and 54 Mbps.
Manufacturers of WLAN equipment implement this in various ways. In a
graphical user interface, there may be a drop-down menu that allows a user to
select a specific operation mode, such as mixed mode, b/g mode, b-only
mode, and so on. Another possibility is to select the individual data rates
using radio buttons. For manufacturers that provide a command-line
interface (CLI) option, the appropriate commands would need to be executed
in order to enable or disable the desired data rates. Figure 7.9 illustrates an
example of how manufacturers allow a user to select the ERP operation mode
on an access point.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 7.9 Selecting an operation mode on a dual-band IEEE
802.11a/b/g/n SOHO access point
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11n High Throughput
The IEEE 802.11n amendment was ratified in September 2009. This high
throughput (HT) Physical layer (PHY) technology is based on the OFDM
(PHY) in Clause 17 (802.11a) PHY. 802.11n HT allows extensibility of up to
four spatial streams, using a channel width of 20 MHz. Also, transmission
using one to four spatial streams is defined for operation in 20/40 MHz
channel width mode. This technology is capable of supporting data rates up to
600 Mbps using four spatial streams with a 20/40 MHz channel. IEEE
802.11n HT provides features that can support a throughput of 100 Mbps and
greater. Other optional features on both the transmit and receive sides
include but are not limited to the following:
HT No Protection (also known as greenfield mode)
Optional short guard interval (GI), 400 ns
Transmit beamforming (TxBF)
Space-time block coding (STBC)
The 802.11n amendment allows for operation in both the 2.4 GHz ISM and 5
GHz Unlicensed National Information Infrastructure (UNII) bands with
either 20 MHz– or 40 MHz–wide channels. Although 40 MHz–wide channels
are allowed in the 2.4 GHz ISM band, best practices recommend against it.
Using a 40 MHz channel in this band would only equate to a single channel
without any channel overlap.
It is important to understand the difference between data rate
and throughput. Data rates are what a station is capable of exchanging
information, whereas throughput is the rate at which the information is
actually moving. Data rate and throughput are compared in more detail in
Chapter 6, “Communication for Wireless Networking.”
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11a, 802.11g, 802.11n, and 802.11ac OFDM
Orthogonal frequency-division multiplexing (OFDM) is used by the IEEE
802.11a (OFDM), IEEE 802.11g Extended Rate Physical Orthogonal
Frequency-Division Multiplexing (ERP-OFDM), IEEE 802.11n High
Throughput (HT-OFDM), and IEEE 802.11ac Very High Throughput (VHT)
amendments to the IEEE 802.11 standard. OFDM allows for much higher
data rate transfers than DSSS and HR/DSSS, up to 54 Mbps for 802.11a and
802.11g, potentially up to 600 Mbps for 802.11n, and theoretically up to 6.933
Gbps for 802.11ac.
OFDM is a technology designed to transmit many signals simultaneously
over one transmission path in a shared medium and is used in wireless and
other transmission systems. Every signal travels within its own unique
frequency subcarrier (a separate signal carried on a main RF transmission).
IEEE 802.11a and 802.11g OFDM distribute computer data over 52
subcarriers equally spaced apart, and 4 of the 52 subcarriers do not carry data
and are used as pilot channels. IEEE 802.11n/ac allows for 56 subcarriers of
which 52 are usable for data with a 20 MHz–wide channel, and 114
subcarriers of which 108 are usable for data with a 40 MHz–wide channel.
Having many subcarriers allows for high data rates in WLAN IEEE 802.11a
and IEEE 802.11g devices. 802.11n/ac devices (HT-OFDM) may use a MIMO
technology known as spatial multiplexing (SM), which uses several radio
chains to transmit different pieces of the same information simultaneously,
greatly increasing throughput. In addition to high data rates, OFDM helps
provide resiliency to interference from other wireless devices.
IEEE 802.11a, 802.11g, 802.11n, and 802.11ac OFDM Channels
OFDM functions in either the 2.4 GHz ISM or the 5 GHz UNII bands. The
channel width is smaller than DSSS or HR/DSSS. The width of an OFDM
channel is only 20 MHz compared to 22 MHz for DSSS. Figure 7.10 shows a
representation of a 20 MHz–wide OFDM channel.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 7.10 OFDM transmit spectral mask for 20 MHz transmission
Like DSSS, when OFDM is used in the 2.4 GHz ISM band there are at most, in
the same physical area, only three non-overlapping adjacent channels for use.
This will limit the use of “bonded” channels (20/40 MHz–wide channels) in
IEEE 802.11n (HT-OFDM) deployments that are located in the same RF
physical area. In the 5 GHz UNII bands, the channel spacing is such that
there is no overlap. The frequency range used will determine how many
nonoverlapping channels are available for use. In the lower UNII band, 4 nonoverlapping channels are available. With the ratification of IEEE 802.11ac, the
middle UNII band now has a possible16 nonoverlapping channels available.
The upper UNII band now provides a possible 5 non-overlapping channels. All
UNII band channels are 20 MHz wide and separated by 20 MHz from the
center frequencies of each channel. Certain regulatory domains, including the
United States Federal Communication Commission (FCC) and the European
Telecommunications Standards Institute (ETSI), require the use of dynamic
frequency selection (DFS) support for wireless devices such as access points
that operate in the middle 5 GHz (5.250 GHz–5.725 GHz) UNII band. DFS
will allow an access point to change the RF channel it is operating on in order
to avoid interfering with certain type of radar systems. Table 7.2 shows the 25
available channels, center frequency, and channel number in the 5 GHz UNII
band. Also displayed is a single 5 GHz ISM channel that is available by some
regulatory agencies for use with wireless networking.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 7.2 5 GHz UNII band channels
Regulatory
Domain
Frequency Band
(GHz)
Frequency Center Channel
(GHz)
Number
4 channels
5.150–5.250
5.180
5.200
5.220
5.240
36
40
44
48
4 channels
5.250–5.350
5.260
5.280
5.300
5.320
52
56
60
64
12 channels
5.470–5.725
5.500
5.520
5.540
5.560
5.580
5.600
5.620
5.640
5.660
5.680
5.700
5.720
100
104
108
112
116
120
124
128
132
136
140
144
5 channels
5.725–5.825
5.745
5.765
5.785
5.805
5.825
149
153
157
161
165
||||||||||||||||||||
||||||||||||||||||||
Some regulatory agencies allow the use of the 5.725–5.850 GHz
band for wireless networking, including but not limited to the United
States, Europe, Singapore, and China. This frequency range is specified in
the IEEE 802.11-2016 standard for use with WLAN technology. The use of
this frequency range is regulated separately with some similarities to the
2.4 GHz ISM band and allows for the use of more devices such as
cordless telephones.
IEEE 802.11n/ac Multiple Input/Multiple Output Technology
Multiple input/multiple output (MIMO) is a technology used by IEEE
802.11n and 802.11ac devices. MIMO technology is capable of signaling rates
up to 600 Mbps for 802.11n devices and 6,933.3 Mbps (6.93 Gbps) for
802.11ac devices. MIMO provides users with a better overall experience for
data, voice, and video communications with throughput faster than 802.11
a/g, single input/single output (SISO) networks.
SISO is the most basic wireless antenna technology used in a WLAN system.
One antenna is used at the transmitter to transmit data, and one antenna is
used at the receiver to receive the data. Some SISO systems support a
technology known as diversity, which uses two antennas with a single radio.
Diversity technology will help to lessen the effects of multipath, which is
caused by reflections. Diversity and multipath are discussed in more detail in
Chapter 5, “Antenna Technology for Wireless Networking.” Coverage is more
predictable and consistent with MIMO networks because devices using this
technology are able to utilize reflected signals, which are a problem for
wireless networks using other WLAN technologies.
MIMO also allows 802.11n/ac networks better throughput than DSSS or
OFDM-based networks at the same distance. IEEE 802.11n MIMO-based
networks offer backward compatibility with 802.11a/b/g networks and
devices in both the 2.4 GHz ISM and the 5 GHz UNII bands, allowing for
deployments to continue using their existing hardware. IEEE 802.11ac
MIMO-based networks offer backward compatibility with 802.11a/n networks
and devices because 802.11ac technology is designed to operate only in the
5 GHz UNII band.
Some of the benefits of 802.11n/ac MIMO networks include throughput,
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
reliability, and predictability:
More throughput than SISO technology
Enhanced file transfer and download speeds for large files
More reliable performance than SISO technology
Lower latency for mobile communications
More predictable coverage compared to SISO technology
More consistent coverage and throughput for mobile applications
compared to SISO technology
Unlike IEEE 802.11b (HR/DSSS) and IEEE 802.11a/g (OFDM) access points,
MIMO access points use multiple radios with multiple antennas. The
multiple radio chains and some additional intelligence are what give
802.11n/ac MIMO access points the capability to process reflected signals.
Since 802.11n MIMO works with both the 2.4 GHz ISM and the 5 GHZ UNII
bands, a dual-band IEEE 802.11n MIMO access point will have up to eight
radio chains (four for 2.4 GHz and four for 5 GHz) and eight antennas (one
for each radio) for data rates of up to 600 Mbps. Keep in mind that 802.11n
MIMO technology is capable of up to four radio chains in a single band;
however, until the release of 802.11ac technology, no enterprise equipment
manufacturer produced such a device. Dual-band 802.11n/ac devices may
provide 4×4:4 technologies in the 2.4 GHz ISM band. 802.11ac devices are
capable of up to eight radio chains in the 5 GHz band, but current devices
support up to four radio chains. Figure 7.11 shows that MIMO uses multiple
radio chains and multiple antennas to transmit and receive data.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 7.11 MIMO hardware uses separate radio chains for each band and
one antenna for each radio.
802.11n/ac systems use MIMO technology. They have more receivers and are
much more sensitive than the average 802.11a or 802.11g radio. The following
techniques are what allow for better performance and much higher data rates
up to 450 Mbps with 3×3:3 IEEE 802.11n MIMO and up to 600 Mbps with
4×4:4 IEEE 802.11ac MIMO:
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Maximal ratio combining (MRC)
Transmit beamforming (TxBF)
Spatial multiplexing (SM)
Multi-user MIMO (MU-MIMO)
802.11a/b/g networks are known as single input/single output (SISO)
systems, which means that performance can degrade as a result of multipath,
poor reception because of obstacles, and RF interference sources. 802.11n/ac
MIMO networks can take advantage of multipath to help increase throughput
at a given range, providing much higher throughput at the same range.
IEEE 802.11n/ac MIMO Channels
IEEE 802.11n MIMO networks can operate in both the 2.4 GHz ISM and 5
GHz UNII bands and are capable of either 20 or 20/40 MHz–wide channels.
Even while 802.11n MIMO networks are operating in 20/40 MHz channel
width mode, many frames such as beacon management frames are still
transmitted with a 20 MHz channel width. The 20 and 20/40 MHz channel
widths are defined by the IEEE for the transmission of OFDM modulated
data. As you would expect, wider channels mean more data can be
transmitted over the RF medium simultaneously. Therefore, wider channels
allow higher data throughput. Think of this like cars traveling on a two-lane
or a four-lane highway. A 20 MHz–wide channel can be looked at as the twolane highway, and a 40 MHz–wide channel as the four-lane highway. More
cars can pass through four lanes in the same amount of time than can pass
through two lanes. Figure 7.12 illustrates this point.
FIGURE 7.12 More lanes, more cars—wider channels, more data
The 20 MHz or 20/40 MHz channels can be used in either the 2.4 GHz or 5
GHz frequency ranges. Because of the limited amount of frequency space in
the 2.4 GHz ISM band, there is only one 20/40 MHz–wide channel without
||||||||||||||||||||
||||||||||||||||||||
any adjacent-channel overlap. Figure 7.13 shows a 40 MHz–wide channel as
specified in the 802.11 standard.
Although most enterprise-grade access points support bonded
(20/40 MHz–wide) channels, there are still some wireless client devices,
both new and legacy, that do not support this technology. To achieve the
higher data rates that IEEE 802.11n offers, both the client and the access
point must support the newer technologies. If the wireless client device
does not support the bonded channels, the access point will be able to
adapt, allowing for coexistence.
FIGURE 7.13 OFDM transmit spectral mask for 40 MHz transmission
In addition to the 20 MHz or 20/40 MHz channel widths that are available
with 802.11n MIMO, 802.11ac allows for additional channel widths, 80 MHz–
and 160 MHz–wide channels in the 5 GHZ UNII band. Although using wider
channels will allow for much higher data rates and throughput, the use of
such channels should be carefully considered. Using wider channels will
lessen the number of available non-overlapping channels and will limit the
types of networks that will be able to utilize the wider channel plan
deployments. In many cases, higher-density deployment scenarios such as
stadium venues will benefit from more channels with smaller 20 MHz
channel widths. Home and small office deployments may benefit from using
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
the wider 80 MHz or 160 MHz channel widths.
Co-location of IEEE 802.11b HR/DSSS and IEEE 802.11a/g/n
OFDM Systems
Now we will look at the co-location of different 802.11a/b/g/n/ac devices.
One thing to understand is that many consider 802.11b systems to be legacy
devices that are on the verge of becoming obsolete. However, this may not be
the case in all installations. Mostly because of legacy hardware and depending
on the type of WLAN installation (typically public guest networks and the
retail environment), support for 802.11b networks may still be required.
Additionally, the latest revision of the 802.11 standard (IEEE 802.11-2016)
still addresses this technology, and therefore it is important to understand the
implications of co-location of 802.11b devices.
All IEEE-based WLANs can be co-located—that is, they can function in the
same RF space. The technologies that the devices use determine how well
they work together. Both HR/DSSS (802.11b) and ERP-OFDM (802.11g/n)
networks operate in the 2.4 GHz frequency range ISM band. 802.11gcompliant devices are backward compatible with 802.11b-compliant devices.
However, this backward compatibility comes at a price: reduced data
throughput. Because of protection mechanisms, ERP-OFDM devices used in
802.11g/n will suffer in performance when an HR/DSSS device is in the same
radio or hearing range of the ERP-OFDM device.
HR/DSSS and ERP-OFDM systems have many common features:
Both operate in the 2.4 GHz ISM band.
Both have three nonoverlapping channels.
Both are subject to interference from other devices operating in the same
frequency range.
HR/DSSS and ERP-OFDM (802.11b-compliant and 802.11g/n-compliant)
devices are backward compatible. ERP-OFDM is rated at 6, 9, 12, 18, 24, 36,
48, and 54 Mbps. Actual throughput in an environment relatively free of
interference will be about 15 to 24 Mbps. If a DSSS or HR/DSSS device is
introduced in the radio range of the ERP-OFDM device, the throughput will
decrease significantly because of protection mechanisms. How much of an
impact this makes depends on many factors in the environment. Typically,
the decrease in throughput is about 25 percent to 30 percent. It is important
||||||||||||||||||||
||||||||||||||||||||
to understand that this is not just limited to a single wireless access point or
the basic service area. If an 802.11g/n access point can “hear” another
802.11g/n access point on the same RF channel that is in ERP protection
mode, then that access point will also enter a protection mode state. This is
known as what some call the ripple effect. The same holds true for access
points that support 802.11n technology in the 2.4 GHz ISM band. With the
higher data rates of potentially up to 600 Mbps using a 4×4:4 MIMO system,
any 802.11b device introduced into the basic service set will have an adverse
effect on the amount of data throughput for the 802.11n network.
Just as co-location of 802.11b/g/n EPR-OFDM systems needs to be taken into
consideration, the same holds true with 802.11a/n/ac OFDM systems. The
real difference is the frequency band that 802.11a/n/ac systems operate in.
IEEE 802.11 devices operate in the 5 GHz UNII band. The IEEE 802.11n High
Throughput (HT) amendment to the standard addresses different protection
mechanisms. This is because 802.11n devices can operate in both the 2.4 GHz
ISM and 5 GHZ UNII bands. Therefore, an 802.11n/ac access point will need
to allow 802.11a/n devices to utilize the network along with 802.11ac devices,
both types in the 5 GHz UNII band.
802.11a OFDM, 802.11n HT-OFDM, and 802.11ac VHT systems have several
common features:
All operate in the 5 GHz UNII band.
They have up to 25 nonoverlapping channels (depending on the regulatory
agency and whether 802.11ac is supported).
All are subject to interference from other devices operating in the same
frequency range.
802.11n HT networks offer various protection mechanisms to ensure
interoperability and co-location.
OFDM, HT-OFDM, and VHT (802.11n/ac-compliant and 802.11a-compliant)
devices are backward compatible. OFDM is rated at 6, 9, 12, 18, 24, 36, 48, and
54 Mbps. Actual throughput in an environment relatively free of interference
may be a little higher than an 802.11g/n environment, about 18 to 26 Mbps.
Networks that operate in the 5 GHz UNII band are not subject to co-location
issues with DSSS or HR/DSSS, because they operate in different frequency
ranges. The 802.11n amendment introduced a new concept called the
modulation and coding scheme (MCS). This is a different way to represent
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
the data rates that are available with 802.11n technology. Previously, the
IEEE 802.11 standard and amendments specified data rates as individual
values—1 Mbps, 2 Mbps, 5.5 Mbps, and 11 Mbps in IEEE 802.11b technology,
for example. The IEEE 802.11n amendment to the standard refers to this as
the modulation and coding scheme (MCS). This is because depending on the
technology enabled or used, a single MCS may support multiple data rates.
For example, an MCS Index 7 will support either 65.0 Mbps or 72.2 Mbps,
depending on whether short guard interval is enabled. The same is true with
802.11 ac devices.
802.11n devices have a maximum data rate or MCS of up to 600 Mbps. Just as
devices that operate in the 2.4 GHz ISM band must be able to coexist, devices
that operate in the 5 GHz band must be able to coexist as well. Co-location of
802.11a/n/ac devices is possible through the use of additional protection
mechanisms. (ERP and HT protection mechanisms will be discussed in more
detail in Chapter 6.) Figure 7.14 illustrates co-location of various 802.11
technologies.
FIGURE 7.14 Co-location of various IEEE 802.11 devices/technologies
Adjacent-Channel and Co-channel Interference
Adjacent-channel and co-channel interference (two or more RF signals
interacting with each other and causing a degradation of performance) are
||||||||||||||||||||
||||||||||||||||||||
concerns in the design, development, and deployment of IEEE 802.11-based
wireless networks. This is because the wireless devices are contending to use
the medium rather than just being seen as RF noise to each other. These
types of interference will have an impact on the amount of actual throughput
between devices over a wireless network. The definition of adjacent-channel
interference is when two or more access point radios are providing RF
coverage to the same physical area using overlapping frequencies, such as
Channel 1 and Channel 3. Co-channel interference is when two or more
independently coordinated access point radios are providing RF coverage to
the same physical area using the same 802.11 channel, such as Channel 1 and
Channel 1. The 2.4 GHz ISM band has only three nonoverlapping channels.
Careful channel planning is required when designing or implementing a
wireless network. This type of planning will minimize issues such as poor
throughput as a result of adjacent-channel and co-channel interference.
Channel planning involves designing wireless networks so that overlapping
RF cells are on different (nonoverlapping) channels—for example, channels 1,
6, and 11 in the 2.4 GHz ISM band. This will help optimize performance and
minimize degradation of throughput because of adjacent-channel and cochannel interference.
With the advancements in 802.11 technologies, channel planning is more
“automated” by the use of spectrum management technology and the IEEE
802.11 standard. It is still important, however, to understand the concept of
channel planning. RF energy propagates in several directions simultaneously.
A well-designed wireless network will account for a three-dimensional
propagation. In other words, in a three-story building, the RF from an access
point on the second floor building may pass through to the first and third
floors; therefore, interference could be an issue if the network is not planned
properly. Figure 7.15 illustrates overlapping channel interference with two
access points in the 2.4 GHz ISM band.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 7.15 Two access points on overlapping channels as seen in
MetaGeek’s Chanalyzer. The “Data” access point is on channel 1, and the
“Guest” access point is on channel 3 in the 2.4 GHz ISM band.
WLAN/WPAN Coexistence
Wireless personal networks (WPANs) typically consist of portable devices
such as personal digital assistants (PDAs), cell phones, headsets, computer
keyboards, mice, and now tablet devices. In Chapter 4, you saw how the
performance of IEEE 802.11 WLANs can be affected when co-located with
WPAN devices. The IEEE 802.15 standard addresses WPANs and includes
Bluetooth and Zigbee networks. Bluetooth is one of the most popular WPAN
network technologies and operates in the 2.4 GHz ISM band using FHSS
technology.
Early Bluetooth devices could cause significant interference while operating
in close proximity to IEEE 802.11 WLANs. Bluetooth was designed to hop at a
||||||||||||||||||||
||||||||||||||||||||
rate of 1,600 times per second across the entire 2.4 GHz band, potentially
causing significant interference with 802.11 wireless networks. Bluetoothcapable devices now use adaptive frequency hopping (AFH) and thus are less
likely to interfere with IEEE 802.11 wireless networks, even though they still
operate in the 2.4 GHz ISM band. Devices that use AFH will try to avoid using
the same frequencies, decreasing the chance of interference. Since these
devices operate at low power, most WPANs communicate in small, closerange, peer-to-peer networks.
Taking Adjacent-Channel and Co-Channel Interference
into Consideration When Planning a New Wireless Network
As a wireless network engineer, you are tasked with deploying a new
wireless network in a multitenant building. The area to be covered is
approximately 50,000 square feet.
Your first task, prior to the procurement and deployment of the wireless
network, should be to perform a spectrum analysis and site survey. This
will help determine the best frequency and channels to be used in the
new deployment.
A survey reveals that tenants on the floors above and below where the
new deployment is to be installed are also using IEEE 802.11b/g/n
networks, with many access points on channels across the entire 2.4 GHz
ISM band. A situation such as this may make the deployment difficult.
There is an increased possibility of adjacent-channel and co-channel
interference.
Upon further evaluation, it is determined that the lower band of the 5
GHz UNII band is not being utilized to any large extent. Since this is a
new deployment, you have the opportunity to purchase equipment that
will utilize the 5 GHz UNII band as well as the 2.4 GHz ISM band. The
following are some of the questions that need to be evaluated:
Are any devices limited to 802.11b/g/n capability only?
Does the network require backward compatibility to 802.11b/g/n?
Does the network need to support guest access?
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
What impact would a network using only 5 GHz 802.11a/n/ac have on
the business?
Is it possible to utilize both frequency bands in this deployment to
maximize throughput while limiting interference? Is a single channel
architecture (SCA) technology system that will allow for backward
compatibility to existing wireless client devices a possible solution?
These are just some questions that need to be considered prior to making
any final decisions on the network to be installed and the equipment to be
purchased.
||||||||||||||||||||
||||||||||||||||||||
Summary
In this chapter, we looked at access methods used to get data from one device
to another when multiple users share the medium. These access methods
consist of collision avoidance and collision detection:
CSMA/CD—Carrier Sense Multiple Access/Collision Detection
CSMA/CA—Carrier Sense Multiple Access/Collision Avoidance
WLANs have no way of detecting collisions, so they must use collision
avoidance (CSMA/CA). WLANs use half-duplex communication, which limits
the communication for a data transfer.
This chapter also looked at the spread-spectrum and Physical layer (PHY)
technologies used with WLANs and the differences among them. The IEEE
standard and various amendments use different spread-spectrum and PHY
technologies and unlicensed radio spectrum allowing for data rates up to
6,933.3 Mbps. These Physical layer (PHY) technologies include:
DSSS—For data rates of 1 and 2 Mbps
HR/DSSS—For data rates of 5.5 and 11 Mbps
OFDM—For data rates up to 54 Mbps
HT-OFDM—For data rates of up to 600 Mbps
VHT-OFDM—For a theoretical maximum of up to 6,933.3 Mbps
Even though FHSS is now an obsolete technology for WLANs, it is still
important to understand some of the basics of this technology since it is still
in use today in many industries in various types of wireless technologies,
including IEEE 802.15 personal area networking (PAN), Bluetooth, and
cordless telephones.
We looked at the different channel sets used with 802.11 wireless networks
and some of the co-location considerations.
Some of the Physical layer technologies discussed in this chapter are more
susceptible to interference than others. This can make installations in some
industries challenging. We also looked at co-location of HR/DSSS and ERPOFDM systems and some of the challenges it can pose. Finally, this chapter
discussed the coexistence of WPANs and WLANs and the various devices and
technology that can cause interference when working in the same RF space.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Exam Essentials
Know the frequencies and channels HR/DSSS and OFDM use.
Understand that HR/DSSS operates in the 2.4 GHz ISM band and can use 14
channels depending on the country/location used. Know that ERP-OFDM is
used for the 2.4 GHz band; OFDM is used for the 5 GHz band; and HT-OFDM
is used in either band. Know the four UNII bands OFDM uses for the 802.11a
and 802.11n amendments. Understand that MIMO systems may use HTOFDM and can operate in either the 2.4 GHz ISM band or the 5 GHz UNII
band.
Understand the difference between CSMA/CD and CSMA/CA. Know
the differences between access methods and that they can either detect or
attempt to avoid collisions. Also understand that IEEE 802.11 wireless
networks use distributed coordination function (DCF) mode as a contention
method to send data.
Know the differences among various Physical layer wireless
technologies, such as DSSS, HR/DSSS, OFDM, ERP-OFDM, and
MIMO. The uses of Physical layer technologies vary depending on RF,
applications, and desired data rates. Understand the standard or amendment
each Physical layer technology uses as well as advantages and disadvantages
of each, including co-location and interference.
Understand that co-location of WPAN and WLAN devices may
cause interference and affect performance. WPAN and WLAN devices
might be co-located in the same RF space. Know the potential impact of colocation on performance and other factors. Some WPAN and WLAN devices
use the same frequency and spread-spectrum technology. Understand that
this can cause interference.
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Review Questions
1. IEEE 802.11a/b/g/n/ac devices use what type of communication?
A. Half-diplex
B. Full-diplex
C. Half-duplex
D. Full-duplex
2. HR/DSSS devices operate in which frequency range?
A. 2.400 GHz ISM
B. 5.250 GHz UNII
C. 5.350 GHz UNII
D. 5.750 GHz UNII
E. 5.725 GHz ISM
3. How many access points can be co-located without channel reuse in the
same RF area to maximize total system throughput while minimizing RF
interference in an IEEE 802.11g/n network?
A. Two
B. Three
C. Four
D. Six
4. Devices compliant with which two amendments to the IEEE standard use
multiple radio chains and multiple antennas? (Choose two.)
A. 802.11a
B. 802.11b
C. 802.11g
D. 802.11n
E. 802.11/ac
5. What technology is used to send WLAN data over a wireless medium
using many subcarrier frequencies?
||||||||||||||||||||
||||||||||||||||||||
A. Wireless broadband
B. Narrowband
C. Spread-spectrum
D. Spectral masking
E. Wideband
6. Which two channels could be used so that the access points do not
interfere with each other in an 802.11g/n wireless network? (Choose
three.)
A. Channel 1 and channel 5
B. Channel 3 and channel 9
C. Channel 6 and channel 11
D. Channel 2 and channel 8
E. Channel 4 and channel 7
7. Which network access method attempts to avoid collisions?
A. CSMA/CA
B. CSMA/CD
C. CSMA/CR
D. CSMA/DSSS
8. DSSS uses which spreading code at 1 Mbps?
A. Barker
B. CCK
C. DBPSK
D. DQPSK
9. FM radio stations use what type of RF communication?
A. High power, narrow bandwidth
B. High power, wide bandwidth
C. Low power, narrow bandwidth
D. Low power, wide bandwidth
Technet24.ir
||||||||||||||||||||
10. An HR/DSSS channel is how wide?
A. 1 MHz
B. 5 MHz
C. 20 MHz
D. 22 MHz
E. 40 MHz
11. Bluetooth devices use ___________, which can potentially cause
interference with WLANs.
A. Bluetooth spread spectrum (BTSS)
B. Orthogonal frequency division multiplexing (OFDM)
C. Direct-sequence spread spectrum (DSSS)
D. Frequency-hopping spread spectrum (FHSS)
12. OFDM that is used with 802.11a and 802.11g stations (STA) supports a
maximum data rate of ___________Mbps.
A. 11
B. 22
C. 33
D. 54
13. Which WLAN technology can be used to obtain the highest data transfer
rate possible?
A. DSSS
B. Ethernet
C. HT-OFDM
D. OFDM
14. Which frequency ranges are used in an IEEE 802.11a-compliant WLAN?
(Choose two.)
||||||||||||||||||||
A. 900 MHz ISM range
B. 2.40 GHz ISM range
||||||||||||||||||||
C. 5.25 GHz UNII range
D. 5.35 GHz UNII range
15. Stations (STA) operating in which two IEEE 802.11 amendments are
interoperable?
A. 802.11 and 802.11a
B. 802.11a and 802.11b
C. 802.11a and 802.11g
D. 802.11b and 802.11g
16. Without any regulatory domain taken into consideration, the 2.4 GHz
frequency range allows for how many channels using 802.11b/g/n?
A. 3
B. 6
C. 11
D. 14
17. OFDM uses which communication channel width to exchange data?
A. 1 MHz–wide channel
B. 20 MHz–wide channel
C. 22 MHz–wide channel
D. 80 MHz–wide channel
18. What is the maximum data rate of HR/DSSS 802.11b devices?
A. 5.5 Mbps
B. 11 Mbps
C. 24 Mbps
D. 54 Mbps
19. Which IEEE 802.11 PHY technology specifies an 80 MHz–wide channel
for transmitting and receiving data?
||||||||||||||||||||
A. DSSS
B. OFDM
Technet24.ir
||||||||||||||||||||
C. VHT-OFDM
D. ERP-OFDM
20. Which WLAN technology in wireless networking uses the effects of
multipath to provide data rates of 600 Mbps in the 2.4 GHz ISM band?
||||||||||||||||||||
A. OFDM
B. HR/DSSS
C. HT/DSSS
D. MIMO
||||||||||||||||||||
||||||||||||||||||||
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Chapter 8
Security Fundamentals for Wireless Networking
THE FOLLOWING CWTS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
6.1 Identify and describe legacy WLAN security technologies
6.2 Understand the basic operation of and implementation best
practices for WLAN security technologies
6.3 Understand the basic functions and implementation best
practices for WLAN security technologies
THE FOLLOWING CWS EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.5 Explain the basic differences between WPA and WPA2
security
3.1 Identify AP features and capabilities
4.8 Match organizational goals to WLAN features and
functions
THE FOLLOWING CWT EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
2.3 Describe the basic steps required in the WLAN connection
process
4.1 Understand the basics of 802.11 standard security solutions
4.2 Identify legacy security technologies that should not be
used
4.3 Configure security parameters in an AP
4.4 Configure security parameters in a client device
Security in many ways means defining your level of
||||||||||||||||||||
||||||||||||||||||||
acceptable risk and protecting yourself to at least that level. This can vary
greatly based on industry, budget, and the types and ages of devices
supported. Security is a very important part of wireless networking, just as it
is in any other type of computer networking or information technology. When
the IEEE 802.11 standard was first ratified back in 1997, it addressed a basic
security concept called Wired Equivalent Privacy (WEP). However, this
security solution was considered weak and was easily compromised early on.
In this chapter, we will look at some of what are considered legacy wireless
LAN (WLAN) security technologies used with standards-based wireless
networking, including the following:
Service set identifier (SSID) hiding
Media access control (MAC) address filtering
Wired Equivalent Privacy (WEP)
We will also take a look at some of the vulnerabilities of these legacy
technologies and why they should not be used for securing a WLAN. You will
learn about some of the newer security methods available based on the IEEE
802.11i amendment and included in the IEEE 802.11-2016 standard. These
security methods are also part of the Wi-Fi Alliance certifications, WPA and
WPA 2.0. We will explore small office/home office (SOHO) security solutions
and enterprise-level security solutions. These include the following:
Preshared key/passphrase
User-based authentication
IEEE 802.1X/EAP
Remote Access Dial-In User Service (RADIUS)
Authentication, authorization, and accounting (AAA)
In Chapter 2, “Wireless Local Area Networking, Standards, and
Certifications,” we discussed some of the certifications available from the WiFi Alliance that pertain to WLAN security. This chapter will explore further
some of the concepts of passphrase, preshared key, and 802.1X/EAP. Also
explained will be encryption methods such as Temporal Key Integrity
Protocol (TKIP) and Cipher-Block Chaining Message Authentication Code
Protocol (CCMP), which are ways to scramble computer data and are used
with WLANs. One thing that is often overlooked is security from a remote
location, such as a wireless hotspot. In this chapter, you will learn about
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
virtual private networking (VPN) solutions and how they can be used to
secure wireless connections for users connecting to the corporate network
from a remote wireless network. Wireless intrusion prevention systems
(WIPS) are also part of the technology used in today’s WLAN world. If a
WIPS is implemented correctly, it can provide a wealth of information as well
as protection for your network infrastructure and wireless devices. Finally, we
will look at basic functions and implementation best practices for role-based
access control (RBAC), captive portals, and network management and
monitoring systems.
||||||||||||||||||||
||||||||||||||||||||
Introducing IEEE 802.11 Wireless LAN Security
The importance of computer network security is often underestimated, and
WLAN security is no different. “I don’t understand why I need to secure my
access point.” “I don’t have anything on my computer that would be of
interest to anyone else.” “I tried to enable security on my wireless but
couldn’t get it to work, so I just turned it off.” These are some of the common
excuses many technical support engineers or consultants heard from people
when it came to wireless security. In the early days of IEEE 802.11 wireless
networking, security was weak. This led to much vulnerability, which in turn
made wireless networking not a very attractive solution for many enterprise
deployments, especially those concerned about security.
With the improvements in standards-based WLAN security, partly thanks to
the Wi-Fi Alliance certifications as well as the IEEE 802.11i amendment to
the standard, WLANs have become a major part of many enterprise networks
in all industries and businesses. Because wireless networks are inherently
unbounded, it is possible to have more security protecting wireless
communication than what is used to secure most wired LANs. This is the case
in many WLAN implementations.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Wireless LAN Threats and Intrusion
Computer networks have always been the target of various types of intrusion
techniques. Wireless networks are no different—in fact, wireless networks are
more vulnerable to intrusion because the communication is not bounded by
any physical media, such as an Ethernet cable. This key vulnerability in
wireless networking is the use of the air, a shared unbounded medium. The
level of security applied to a wireless network will depend on the following
factors:
What are you trying to protect?
What are you trying to prevent?
There are many security concerns related to wireless networking. Some of
these concerns arise because WLANs use radio frequency (RF) for
communication and the open air as the medium. Others are a threat to either
wired or wireless networks. The following list identifies some of these
concerns and threats:
Eavesdropping
RF denial-of-service (DoS) attacks
Media access control (MAC) address spoofing
Hijacking
Man-in-the-middle attacks
Peer-to-peer attacks
Encryption cracking
Although many of these threats or methods of intrusion are common,
advanced security solutions such as wireless intrusion prevention systems
(WIPS) are available to help discover and mitigate some of them. Figure 8.1
illustrates some of the vulnerabilities with wireless networking.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.1 WLANs are subject to many potential security threats.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Locking the Door of Your Automobile
Let’s take a quick look at an analogy that may make network security
easier to understand. You need to run some errands on a Saturday
afternoon and decide to go to the market to pick up some supplies. When
you arrive at your destination, you leave your automobile but do not lock
the door. Who could potentially enter your vehicle? The answer is
anybody who attempts to open the door. Locking the door of your vehicle
will prevent the casual intruder from being able to enter through the
door. Therefore, the lock on your door is one layer of security that could
be used to prevent a potential intruder from entering your vehicle.
So, with the door locked, now who could potentially get into your vehicle?
The answer is two different individuals: first, you (because you have the
key to the door); second, a potential intruder who could compromise the
lock on the door. As you can see, locking the door provides a layer of
security and will prevent the casual intruder from entering your vehicle,
but it will not prevent a determined intruder.
Now let’s add a second layer of security. In addition to locking the door
you set an alarm on your vehicle. You now have two layers of security: the
door lock and the alarm. For an intruder to gain access to your vehicle,
they would now need to have the knowledge and the ability to overcome
two layers of security. First, they would need the ability to compromise
the lock on the door, and then they would need the knowledge to disable
the alarm, both without being noticed. The number of potential intruders
has decreased significantly, from those who can just open the unlocked
door to those who have the knowledge to not only compromise the door
lock but also disable the alarm.
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11 Standard Security
Even though WLAN security has greatly increased over the years, it is
important to understand the original IEEE 802.11 standard as it relates to
WLAN security. It is important to be aware of some of the basics or building
blocks prior to getting into more sophisticated areas of security. From a
security viewpoint, the original standard addressed two areas of security:
authentication and data privacy. Both of these are common components of
computer network security. In computer networking, authentication is
defined as a way of confirming an identity; basically, it determines that you
are who you say you are. Data privacy is ensuring that information or data is
understandable only by the individuals or groups it is intended for, the sender
and the intended receiver.
One way many people may think of authentication is to supply a username
and password in order to log onto a computer. Another would be to supply the
appropriate logon before performing an activity like Internet banking. To
review from Chapter 6, “Communication for Wireless Networking,” the
original IEEE 802.11 standard addresses two types of authentication: IEEE
802.11 open system authentication and IEEE 802.11 shared-key
authentication. IEEE 802.11 authentication is performed by the WLAN
protocol and, except for IEEE 802.11 shared-key authentication, does not
require user intervention. It is important not to confuse IEEE 802.11 sharedkey authentication with preshared-key authentication, as defined in the IEEE
802.11i amendment to the standard.
IEEE 802.11 Open System Authentication
To review from Chapter 6, open system authentication is a two-step process, a
two-frame exchange, and is one of the simplest ways to provide an
authentication process. IEEE 802.11 open system authentication cannot fail
except for circumstances such as a network adapter having a bad device
driver. This authentication is what is known as a null authentication, which
for the most part means it doesn’t really authenticate anything at all. For
example, if a wireless client device such as a notebook computer wants to join
the wireless network, it will “ask” the access point if it can authenticate, and
the access point will always accept.
IEEE 802.11 Shared-Key Authentication
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Also discussed in Chapter 6, IEEE 802.11 shared-key authentication is a fourstep process, not to be confused with IEEE 802.11i, WPA, or WPA2 personal
mode, which uses a 256-bit preshared key for authentication. The main
difference between IEEE 802.11 open system and IEEE 802.11 shared-key
authentication is that with shared-key authentication, WEP is required in
order for it to function correctly. This is because IEEE 802.11 shared-key
authentication uses WEP for both 802.11 authentication and for data payload
encryption. But WEP is not secure, so it makes shared-key authentication
weak and vulnerable to intrusion. WEP was intended only to protect wireless
network users against casual eavesdropping and for authentication that is
used with shared key.
||||||||||||||||||||
||||||||||||||||||||
Early Wireless LAN Security Methods
Because of the way security was defined in the original IEEE 802.11 standard,
manufacturers of WLAN equipment were able to design different ways a user
could secure a WLAN. But even though these methods looked good on paper,
they did not do much to provide a good security solution. This section
discusses the following common WLAN security methods and legacy security
solutions:
Service set identifier (SSID) hiding (closed network)
Media access control (MAC) address filtering
Wired Equivalent Privacy (WEP)
If some of these are considered legacy WLAN security methods, why is it
important to discuss them? You need to understand these solutions because
there are still some wireless network implementations that may use some or
all of them as part of a wireless security solution. Because standards-based
WLAN technology has been around for two decades, many early adopters had
no choice but to use these security techniques. Over the years, WLAN security
has improved tremendously; however, it is a fact that some of these early
adopters still have legacy wireless devices that will not support the latest and
greatest security technology, such as WPA2. Therefore, these solutions may
still currently play a role in the wireless network infrastructure.
The Service Set Identifier
As you’ll recall from Chapter 6, the service set identifier (SSID) is a logical
name for the wireless network and was designed to be used for wireless
device segmentation. The SSID allows WLAN-capable devices to identify and
connect to a WLAN using the discovery phase, which includes the passive and
active scanning processes. There are a couple of ways this connection can be
accomplished. Passive scanning occurs when the wireless client device listens
for beacons frames. The SSID is specified in a beacon frame in the SSID
information element. As discussed in Chapter 6, the beacon frame is an
advertisement of the wireless network. The beacon frame by default is set to
broadcast at about 10 times a second. The beacon frame will advertise the
SSID of the wireless network during this interval.
You can specify that the SSID of the WLAN be joined in the wireless client
software utility of the connecting wireless device. In this case, a wireless
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
client will send a probe request frame with the intent of joining that
particular network. The IEEE 802.11 standard requires access points to
respond to all probe requests that have a matching SSID or what is known as
a wildcard SSID (an SSID with a value of 0), also referred to as a null SSID. A
wildcard SSID is used when a client device does not specify the SSID in the
wireless client software utility. If a wireless client device is scanning or
looking for a wireless network to join, it will see the wireless network because
the beacon frame is broadcasting the SSID. Most manufacturers of SOHO and
enterprise access points provide the option not to broadcast the SSID in
beacon frames. This is commonly known as disabling the SSID broadcast,
SSID hiding, or a closed network, and is discussed in the next section.
SSID Hiding
Manufacturers of IEEE 802.11 WLAN equipment provide the capability to
disable SSID broadcasting, as shown in Figure 8.2. Another term for this
process is SSID hiding. SSID hiding allows a user to remove the SSID that
would normally appear in broadcast beacon frames. If the SSID is not being
broadcast, the wireless network will not be seen by the wireless client devices
that do not have that wireless network’s SSID specified in their client
software utility. If somebody knows the SSID, they would be able to enter it
into their wireless client device software and then be able to connect to the
wireless network.
In the early days of wireless networking, people would hide the SSID,
believing that would secure the network because it was not visible to devices
passively scanning for a network to join. This was a misconception, because
even though the SSID is not being broadcast in these beacon frames, it can
still be identified in other wireless frames, such as the probe request frames,
probe response frames, association request frames, and re-association
request frames. This means that anyone with a wireless scanning utility, such
as a packet analyzer, would be able to determine the SSID of a wireless
network by monitoring the frames that are sent through the air. Therefore,
hiding the SSID should not be used as a way to secure a wireless network.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.2 A WLAN controller allowing you to disable SSID broadcast
Hiding the SSID is sometimes used to prevent the wireless network from
being seen by those who should not be connecting to it. Many organizations
will hide the SSIDs of all the wireless networks except for the open guest
network. This is sometimes done to help reduce unnecessary technical
support calls from someone who may try to connect to a WLAN that they do
not have access to. However, this method is not intended to secure the
wireless network.
The Media Access Control Address
To review, the media access control (MAC) address is a unique hardware
identifier of a computer network device. This 6-byte address is the Layer 2
address that allows frames to be sent to and received from a device. Figure 8.3
shows the MAC address of a wireless network adapter viewed with
ipconfig.exe. An important point here is that the MAC address is unique, and
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
no two network devices should ever have the same Layer 2 MAC address. In a
wireless network, MAC addresses are easily visible to anyone using a wireless
packet analyzer or wireless network scanning software utility. These
addresses are required for a network device to send and receive information;
therefore, they cannot be encrypted and are visible to anyone with the
knowledge to view them.
FIGURE 8.3 The Windows command-line utility ipconfig.exe will display
MAC addresses.
||||||||||||||||||||
||||||||||||||||||||
MAC Address Filtering
Since IEEE 802.11 WLAN device technology operates at the lowest two layers
of the OSI model, the Physical layer and the Data Link layer, the MAC address
plays a big role in wireless networking. Manufacturers of WLAN equipment
provide a feature known as MAC address filtering. Its purpose is to either
allow or disallow access to the wireless network by restricting which MAC
addresses can IEEE 802.11 authenticate and associate to a wireless network.
Figure 8.4 is an example of how to apply a MAC address filter on an access
point.
FIGURE 8.4 A MAC address filter table on a SOHO access point
This looks great on paper but is a weak security feature, because it can be
easily compromised. Remember, wireless networks use the air as their access
medium to communicate, and RF is what exchanges the information between
devices. So if someone were to monitor the air with a tool such as a wireless
packet analyzer or wireless scanning utility software program, they would be
able to see all the wireless traffic within hearing range of their wireless
device. Because WLAN devices communicate with each other using MAC
addressing, all of these addresses would be visible to whoever wants to see
them.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
MAC Address Spoofing
Because MAC addresses are visible to anyone who wants to take the time to
see them by using the correct software utility, they create a potential problem
for those who implemented MAC address filtering. An intruder can easily
perform a task called MAC address spoofing. This involves tricking the
wireless device into thinking its unique MAC address is something other than
what is encoded in the actual network card.
There are several ways for an intruder to accomplish MAC address spoofing.
It can be done with software programs, such as SMAC, or within the
computer operating system—for example, in the Microsoft Windows Registry.
All options and configuration settings in the Windows operating system are
stored in this hierarchical database known as the Windows Registry. If
someone wanted to spoof the MAC address of a wireless network adapter
using this database, they might (depending on the adapter) be able to enter a
new MAC address value in the device driver’s configuration, which would
then be stored in the Windows Registry. Another option is to change the
Windows Registry value directly using the Registry Editor tool built into
Windows. This would be considered a modifiable MAC address. MAC
addresses may also be stored in a configuration file, and in nonvolatile
memory. Keep in mind that changing the MAC address in the Registry or in a
configuration file changes only the software reference that the operating
system sees and uses. It does not change what is known as the burned-in
address (BIA) or the hard-coded address, which is unmodifiable.
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11 Authentication and Data Encryption
Authentication is defined as validating an identity. Authentication also gives
the capability to control access to a system. In the original IEEE 802.11
standard, this is accomplished by using either IEEE 802.11 open system or
shared-key authentication. Since open system authentication is a null
authentication method and, except for special circumstances, cannot fail, the
wireless device will always authenticate. IEEE 802.11 shared-key
authentication, on the other hand, uses WEP for wireless device
authentication as well as for data payload encryption. Encryption is the
process of modifying information from its original form to make it
unreadable except by those who know the technique or the method in which
the data was modified. In the original IEEE 802.11 standard, data encryption
was accomplished by using WEP. In order for a device to pass information
across an access point, it must first IEEE 802.11 authenticate and then
associate.
About Wired Equivalent Privacy
From a security perspective, one major drawback to any wireless network is
the fact that all information, including data payload, travels through the air
from one device to another. This makes WLANs vulnerable to eavesdropping
and inherently less secure than bounded networking using other networking
technology, such as Ethernet. With IEEE 802.11 open system authentication,
all information is broadcast through the air in plain text after a connection to
the wireless access point is created. This means that anyone with knowledge
of how to use a wireless packet analyzer or other wireless scanning software
program can easily see all the information that is passing between devices
through the air.
WEP was designed as a way to protect wireless networking from casual
eavesdropping. The original IEEE 802.11 standard states that the use of WEP
is optional. The manufacturer supplies the capability, but it was up to the user
of the wireless device to implement it.
In WLANs, WEP can be used in one of two ways: with IEEE 802.11 open
system authentication to encrypt the data only or with shared-key
authentication, which is used for wireless device authentication and for data
encryption. The original standard specified only 64-bit WEP, which consists
of a 40-bit key plus 24-bit WEP initialization vector (IV).
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
How Wired Equivalent Privacy Was Used
WEP was fairly simple to implement. It requires all wireless devices to have
the same WEP key. The WEP key can be either 64-bit or 128-bit; however, the
standard required only 64-bit WEP. One disadvantage to WEP is that it uses
static keys, which means all wireless devices—access points, bridges, and
client stations—must have the same key and the key must be manually
entered into them. Any time the key is changed, it must be changed on all the
wireless devices that are on the same SSID. No matter which you use, 64-bit
WEP or 128-bit WEP, you are still only using a 24-bit IV. 64-bit WEP uses a
40-bit secret key and a 24-bit IV. 128-bit WEP uses a 104-bit secret key but
still only the 24-bit IV, making both vulnerable to the same attacks. Gathering
a number of these IVs allows an attacker to crack your key in very little time.
Some governing bodies no longer allow the use of WEP. Payment
Card Industry (PCI), for example, no longer allows the use of WEP for
securing wireless networks. If you are still using WEP, it should be a high
priority to move away from this legacy security technology as quickly as
possible.
Table 8.1 describes the characteristics of the two types of WEP keys.
TABLE 8.1 Characteristics of the two types of WEP keys
Key
Length
Number of ASCII
Characters
Number of Hex
Characters
64-bit
5
13
128-bit
10
26
One major disadvantage of using WEP is that it was compromised early on
and is therefore not secure. It is easy to capture data using a wireless packet
analyzer; with a little knowledge and correct software utilities, cracking a
WEP key is a simple feat. This made WEP a weak security solution, but it was
pretty much the only solution available at the time of early IEEE 802.11
wireless networking.
With today’s newer and more sophisticated software tools and technology,
||||||||||||||||||||
||||||||||||||||||||
WEP can be cracked easily and quickly. WEP will be discussed in more detail
in the section “IEEE 802.11 Encryption Methods” later in this chapter.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11 SOHO and Enterprise Security
Technologies
The IEEE 802.11i amendment to the standard provided much improvement in
the ways WLANs can be secured. Enterprise-based WLANs are now capable of
the most up-to-date security solutions available in the industry. This
amendment to the standard introduced what is known as the Robust Security
Network (RSN). In order for WLAN equipment to create an RSN, it must be
RSN capable or 802.11i compliant, which means it will optionally support
Temporal Key Integrity Protocol (TKIP) and it must also support Counter
Mode with Cipher-Block Chaining Message Authentication Code Protocol
(CCMP). The Wi-Fi Alliance released several certifications that pertain to
wireless networking: WPA and WPA 2.0 for SOHO and enterprise
deployments, and WPS for the home user.
The following section discusses Wi-Fi Protected Setup (WPS).
This topic is not included in the exam objectives but is explained here for
your reference.
Wi-Fi Protected Setup PIN-Based or Push-Button
Configuration Wireless Security
Many manufacturers of SOHO-grade WLAN equipment have adopted either
PIN-based or push-button wireless security. Both of these solutions simplify
the process of securing a wireless network either for the SOHO environment
or for home-based users. As discussed in Chapter 2, the Wi-Fi Alliance has
branded a certification for push-button and PIN-based security called Wi-Fi
Protected Setup. The Wi-Fi Protected Setup certification (WPS) addresses
both of these solutions.
||||||||||||||||||||
||||||||||||||||||||
In December 2011 a security flaw was reported with WPS. This
allegedly allowed an intruder to recover the personal identification
number (PIN) used to create the 256-bit preshared key. Disabling certain
features or a firmware update may be available to provide adequate
protection. Keep in mind that these solutions to the issue may only be
possible with newer-model wireless routers. You should check with the
manufacturer to determine if a solution (either a software setting or
firmware upgrade) is available for a specific device.
PIN-Based Security
Personal identification number functionality is required in order for a
wireless device to be WPS certified. PIN-based security requires a unique PIN
to be entered on all devices that will be part of the same secure wireless
network. A PIN will come as either a fixed label or sticker on a device, or it
can be dynamically generated in the setup utility and shown on the computer
screen. It is important to understand the difference between a PIN and a
passphrase, password, shared key, or preshared key. A PIN is a number; the
acronym spelled out means “personal identification number.” Therefore, a
PIN will consist only of numbers. Passphrases and the others may contain
combinations of numbers, letters, and special characters. The registrar device
in the case of a WLAN is the access point. The access point will detect when a
new wireless device that supports WPS is in radio range. When this device
tries to join the network, the registrar will prompt the user to enter the
unique PIN. Once the PIN is entered, the process authenticates the device and
encrypts the network data sent to and from the device. Figure 8.5 shows an
example of PIN-based wireless security.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.5 SOHO wireless access point with PIN-based security
Push-Button Configuration Security
Push-button security or push-button configuration (PBC) allows users to
configure WLAN security with “the push of a button,” making setting up
wireless security a simple process. When a user pushes a hardware button on
the wireless router and clicks a software button in the software utility for the
network adapter installed in the client device wanting to associate, pushbutton security creates a connection between the devices, configures the
network’s SSID, and turns on security. This allows a secure connection
among all devices that are part of the wireless network. Figure 8.6 shows an
example of WPS push-button security.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.6 D-Link wireless router with push-button security
In order to use push-button security, all devices—including the wireless
router and the wireless client adapters—must support the feature. First a
button is pushed on the wireless router; then a button (a software setting in
the wireless client utility) is clicked on the wireless device(s). Usually in less
than a minute the process is complete and all devices have a secure
connection. Only those devices that are within RF hearing range and are
participating in the process will become part of the secure network.
Support for both PIN and PBC configurations is required for access points;
client devices at a minimum must support PIN. A third, optional method,
near field communication (NFC) tokens, is also supported. A USB flash drive
(memory card or solid-state storage drive with a USB interface) may be used
to store and transfer credentials. Many SOHO equipment manufacturers have
WPS-certified devices on the market today. Some include the following:
Belkin
Broadcom
D-Link
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Linksys
Netgear
TRENDnet
ZyXEL
For these and other manufacturers that support WPS, visit the WiFi Alliance website at www.wi-fi.org.
||||||||||||||||||||
||||||||||||||||||||
Wi-Fi Protected Access and WPA2 Personal
Security
Passphrase-based security was designed with the SOHO or home-based user
in mind. This type of security allows a user to create a very secure WLAN
solution without the experience or knowledge necessary to configure
enterprise-level components such as an 802.1X/EAP and a RADIUS server.
Passphrase-based security requires all wireless devices that are part of the
same wireless network to have the same 256-bit preshared key (PSK) in order
to securely communicate. The capability to derive a secure key of this length
would be a daunting task; to ease the burden of having to create a long secure
key, the passphrase was introduced. This works by requiring the user to enter
a strong passphrase on all wireless devices that are part of the same WLAN to
be secured. The benefit of a passphrase is it can be a sequence of words or
other text that is memorable only to the user who created it. After the
passphrase is entered into the device, with the help of an electronic algorithm
from the IEEE 802.11i amendment, it will create a 256-bit preshared key.
Passphrase Characteristics
The characteristics of the passphrase are as follows:
It consists of 8 to 63 ASCII (case sensitive) or 64 hexadecimal characters.
It creates a 256-bit preshared key.
The longer and more random the passphrase, the more secure it will be.
Weak passphrases can be compromised.
Several software programs and websites have random password
generators to aid in the generation of strong passphrases. One such
website is Gibson Research Corporation. Their Ultra High Security
Password Generator can be found at www.grc.com/passwords.htm.
Figure 8.7 shows how to configure a passphrase on a SOHO access point.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.7 D-Link wireless access point preshared key passphrase settings
||||||||||||||||||||
||||||||||||||||||||
WPA and WPA2 Enterprise Security
Concerned about problems connected with MAC address filtering and WEP,
the industry drove the development of additional, improved wireless security
solutions. One of these solutions also operates at Layer 2 and is an IEEE
standard. This advanced enterprise-level solution is known as IEEE 802.1X
(also called user-based security). User-based security allows an administrator
to restrict access to a wireless network and its resources by creating users in a
centralized database. Anyone trying to join the network will be required to
authenticate as one of the users by supplying a valid username and password.
After successful authentication, the user will be able to gain access to
resources for which they have permissions. This type of mutual
authentication is more secure than the previously mentioned passphrase
security method.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.1X/EAP
IEEE 802.1X/EAP consists of two different components used together to
form an enterprise computer network security solution. IEEE 802.1X/EAP is
defined in the IEEE 802.11-2016 standard but was originally part of the IEEE
802.11i amendment. We’ll first discuss the IEEE 802.1X standard and then
Extensible Authentication Protocol (EAP). Then we’ll combine the technology
and terms to form IEEE 802.1X/EAP.
IEEE 802.1X
IEEE 802.1X is a port-based access control method designed to work with
IEEE 802.3 Ethernet wired networks. However, this standard was adapted
into the wireless world as an alternative, more powerful solution to legacy
802.11 WLAN security technologies. Wireless devices that use 802.1X
technology are identified using different terminology from that used in IEEE
802.11 standards-based wireless networking:
Supplicant (wireless client device)
Authenticator (wireless access point)
Authentication server (RADIUS or AAA)
Figure 8.8 illustrates the 802.1X/EAP process for a WLAN.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.8 WLAN client authenticating to a RADIUS server using IEEE
802.1X/EAP
Supplicant The supplicant is another name for the wireless client device
attempting to connect to the wireless network. This typically is the software
security component of the wireless client device and the IEEE 802.1X
terminology.
Authenticator The authenticator is the IEEE 802.1X term for the wireless
access point or WLAN controller. The authenticator acts as a middleman
between the wireless supplicant and the authentication server. When the
supplicant requests to join the wireless network, the authenticator passes the
authentication information between the two devices.
Authentication Server The term “authentication server” is used by the
IEEE 802.1X standard to identify the server that will authenticate the
wireless supplicant. The authentication server receives all information from
the authenticator. The authentication server may be an AAA or a RADIUS
server; both are explained later in this chapter.
Extensible Authentication Protocol
IEEE 802.1X is a framework that allows for an authentication process. The
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
authentication process used with IEEE 802.1X is Extensible Authentication
Protocol (EAP). The IEEE 802.1X standard will employ some EAP type to
complete this process. Many types of EAP that can be used with IEEE 802.11
WLANs are available in the industry. These vary from proprietary solutions to
very secure standard solutions. Following are some popular examples of EAP
types:
EAP-TLS
TTLS (EAP-MSCHAPv2)
PEAP (EAP-MSCHAPv2)
EAP-FAST
These and other EAP types allow a user to authenticate to a wireless network
in several ways, including credentials such as username/password or
certificate-based authentication.
The details of EAP and how it works are beyond the scope of the
exam objectives. For more information, refer to other CWNP materials.
IEEE 802.1X and EAP Together: IEEE 802.1X/EAP
Now it is time to put these two parts together to form the IEEE 802.1X/EAP
authentication process. This authentication process is typically used for
enterprise-level security but can be and is sometimes used in smaller wireless
installations. A variety of EAP types that work very well with IEEE 802.11
WLAN deployments are available. The EAP type chosen will depend on the
environment in which the WLAN is used. EAP types vary in specifications,
costs, and complexity. Figure 8.9 shows IEEE 802.1X/EAP configuration on a
cloud-based wireless network management system.
Remote Authentication Dial-In User Service
Remote Authentication Dial-In User Service (RADIUS) is a networking
service that provides centralized authentication and administration of users.
RADIUS started as a way to authenticate and authorize dial-up networking
users. A remote user would dial up to a network using the public switched
||||||||||||||||||||
||||||||||||||||||||
telephone network (PSTN) and a modem. A modem from a modem pool on
the receiver side would answer the call. The user would then be prompted by
a remote access server to enter a username and password in order to
authenticate. Once the credentials were validated, the user would then have
access to any resources for which they had permissions. Figure 8.10
illustrates the remote access service authentication mechanism.
FIGURE 8.9 Aerohive HiveManager Online cloud-based IEEE 802.1X/EAP
configuration screen
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.10 Remote user authenticating to a remote access server
In this example, the remote access client would be the computer dialing into
the network, and the remote access server would be the one performing the
authentication for the dial-up user. As computer networks grew in size and
complexity and remote access technology improved, there was a need to
optimize the process on the remote access server side. This is where RADIUS
provides a solution. RADIUS combined decentralized remote access services
databases into one central location, allowing for centralized user
administration and centralized management. It eased the burden of having to
manage several databases and optimized administration of remote access
services.
A company does not need a large number of RADIUS servers. For a small to
medium-sized company, one RADIUS server should be sufficient (with a
backup, if possible). Larger enterprise organizations may need several
RADIUS servers across the entire wide area network. In wireless networking,
the wireless access point can act as a RADIUS client, which means it will have
the capability to accept requests from wireless client devices and forward
them to the RADIUS server for authentication. Figure 8.11 shows this
configuration.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.11 Wireless access point configured as a RADIUS client device
As Figure 8.11 shows, the remote access client is now the wireless access
point. The wireless client device is authorized as a user in the database of the
RADIUS server. The RADIUS server is the authenticating server or database.
A RADIUS server may also be known as an authentication, authorization, and
accounting (AAA) server. In this configuration, it will authenticate users and
provide access to the resources for which they have permissions. In addition,
it will keep track of all transactions by accounting.
Authentication, Authorization, and Accounting
The Authentication, Authorization, and Accounting (AAA) protocol provides
a framework to allow secure access and authorization as well as keep track of
the user’s activities on a computer network including wireless networks. AAA
is commonly part of a RADIUS server’s functionality. The three components
that work together in the AAA protocol are:
Authentication
Authorization
Accounting
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
The First Part of AAA—Authentication Authentication is defined as a
way of confirming or validating an identity. Basically, it validates that you are
who you say you are. Enterprise IEEE 802.11 wireless networks commonly
use IEEE 802.1X/EAP or user-based authentication technology. In addition to
username and passwords, wireless networks may also use other
authentication methods, including digital certificates and smart cards, to
name a few.
The Second Part of AAA—Authorization For wireless networking,
authorization provides access to network resources that a wireless device or
user has the appropriate permissions or rights to use. These permissions
could be tied to an individual user object but can also be tied to a group
object. After a user authenticates, the AAA protocol will then allow for the
authorization process. Authorization can be on a per-user or per-group basis.
In IEEE wireless networking technology, authorization is commonly used for
WLAN functionality, including bandwidth controls, time
restrictions/controls, and quality of service (QoS) policies.
The Third Part of AAA—Accounting Accounting is the last part or third
“A” in the AAA protocol. Accounting will keep track of every place on the
network a user visits or everything done on the network. Basically, it
monitors all network activity. This can be used for something as simple as
tracking resource usage for software or hardware upgrade purposes or for
technology budgeting purposes. Accounting can be used to determine what
technology different areas of the organization are using and how they will be
able to contribute to the cost of this technology.
||||||||||||||||||||
||||||||||||||||||||
IEEE 802.11 Encryption Methods
In the most basic sense, encryption consists of taking information and
scrambling it so only the sender and intended recipient that know the
encryption method are able to decipher the encrypted information. In
addition to authenticating and verifying an identity, encryption also needs to
be considered for wireless networking. In the IEEE 802.11 standard, the
following three encryption mechanisms could be used on a wireless network
to protect data traffic:
Wired Equivalent Privacy (WEP)
Temporal Key Integrity Protocol (TKIP)
Counter Mode with Cipher Block Chaining Message Authentication Code
Protocol (CCMP)
Wired Equivalent Privacy
Wired Equivalent Privacy (WEP) was an optional encryption method
specified in the original IEEE 802.11 standard. WEP was only intended to
protect wireless network users against casual eavesdropping and for IEEE
802.11 shared-key authentication. As discussed previously, this encryption
method is considered legacy and was compromised early on, making it a weak
solution to use with modern wireless networks. With early deployments of
standards-based wireless networking, WEP was the only solution available,
which made it very popular. At that time, the capability to crack WEP was
available, but that did not mean anyone could do it. Initially, cracking WEP
required a large amount of data, some knowledge of the process, and usually
a software program to extract the WEP key. Newer technology has made
cracking WEP a simple process. WEP can be cracked in minutes rather than
hours, days, or weeks, and almost anyone can do it. The fact that WEP is
available in two key lengths—64-bit or 128-bit—makes no difference to the
experienced intruder. WEP uses the RC4 stream cipher for bit-level
encryption. The problem with WEP does not lie in RC4 but in how it was used
in the encryption process. One reason WEP is vulnerable to intrusion is
because of something called an initialization vector (IV). The 24-bit IV is
broadcast in the clear or unencrypted. This being the case, it exposes a
weakness in the way WEP was designed, thereby allowing it to be
compromised.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Is WEP Still Used?
WEP is weak and its vulnerabilities can be cracked, so it is not a
recommended solution to secure wireless computer data. Many countries
have not fallen under PCI’s scrutiny yet and still use WEP to protect
wireless networks. Older voice over Wi-Fi phones and barcode scanners
may still use WEP.
As a general rule, it is best not to use WEP as a security measure for
protection of a wireless network and its users. However, there are still
some deployments that use devices with wireless networking that have
limited capabilities when it comes to security. WEP may be the only
security option they have. If upgrading the devices to something that
supports higher-level security is not an option, the organization may have
no choice but to use WEP. If this is the case, it is important for the
network administrator to use appropriate device segmentation for the
WEP-enabled devices in order to not compromise the entire network
infrastructure. One way to do this is to consider the use of a virtual local
area network (VLAN). This enables the administrator to separate wireless
devices that may be potentially compromised because of WEP from other
devices that are capable of more advanced security solutions.
Many software programs are available to allow someone with limited
knowledge to be able to crack WEP. Newer, more sophisticated tools allow
WEP to be cracked in minutes. If a wireless network has the capability of
more advanced security, such as 802.11i or WPA 2.0, one of those should be
used instead of WEP. An appropriate device upgrade path should be evaluated
in order to eliminate the use of WEP in any capacity on the wireless network.
Temporal Key Integrity Protocol
Temporal Key Integrity Protocol (TKIP) was designed as a firmware upgrade
to WEP. TKIP added several enhancements to the WEP algorithm and was
the foundation for the Wi-Fi Protected Access (WPA) certification from the
Wi-Fi Alliance. These enhancements include the following:
Per-packet key mixing of the IV to separate IVs from weak keys
||||||||||||||||||||
||||||||||||||||||||
A dynamic rekeying mechanism to change encryption and integrity keys
48-bit IV and IV sequence counter to prevent replay attacks
Message Integrity Check (MIC) to prevent forgery attacks
Use of the RC4 stream cipher, thereby allowing backward compatibility
with WEP
Configuring a wireless network to use TKIP was a fairly straightforward
process. It can be accomplished either by using the web interface available on
most SOHO access points or by using the web interface or command-line
interface for enterprise-level access points. For the wireless client devices,
TKIP will be configured through the client software utility. Some older
wireless hardware devices may not support TKIP. If this is the case,
replacement of the hardware will be necessary in order to take advantage of
newer security solutions. Figure 8.12 shows how to configure TKIP using
WPA on a WLAN controller.
FIGURE 8.12 WLAN controller security configuration screen
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TKIP/RC4 uses a 48-bit IV and can be compromised in the same
way as WEP if a weak key is used. Using a stronger technique such as
CCMP/AES is a better solution. It is also important to note that if TKIP is
implemented, IEEE 802.11n/ac MCS rates will not be utilized. In other
words, the highest data rate achievable will be only 54 Mbps if TKIP is in
use.
Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol
Counter Mode with Cipher Block Chaining Message Authentication Code
Protocol (CCMP) is a mandatory part of the IEEE 801.11i amendment and is
in the IEEE 802.11-2016 standard and part of Wi-Fi Protected Access 2.0
(WPA2) certification from the Wi-Fi Alliance. CCMP uses the Advanced
Encryption Standard (AES) algorithm block cipher. CCMP is mandatory for
RSN compliance. If an RSN is required to comply with an industry or
governmental regulation, CCMP must be used. CCMP is also intended as a
replacement to TKIP. Because of the strong encryption CCMP provides, it
may require replacement of legacy hardware. In some cases, it may use a
separate chip to perform computation-intensive AES ciphering.
Configuration of CCMP is similar to that of TKIP, discussed earlier. The main
difference with CCMP is that older hardware may not support it and it is a
stronger encryption solution. Figure 8.13 shows configuring the CCMP
method using WPA2.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.13 Wireless access point security configuration selection
Upgrading the Firmware on Wireless LAN Devices
In some cases, it may be necessary to upgrade the device firmware in
order to get either TKIP or CCMP capability. It is important to follow the
manufacturer’s instructions when upgrading firmware to prevent damage
to the device. Improper firmware upgrades or a loss of power during the
upgrade process may render the device unusable or require the device to
be sent back to the manufacturer for repair.
Some of the security technologies we just discussed are part of the Wi-Fi
Alliance interoperability testing for standards-based WLAN equipment. As
mentioned in Chapter 2, equipment certified for both WPA and WPA2 can
function in either personal or enterprise modes. Table 8.2 shows the details
of both WPA and WPA 2 certifications.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
TABLE 8.2 Details of the Wi-Fi Alliance WPA and WPA 2 certifications
Wi-Fi Alliance Security Authentication
Method
Method
Encryption/Cipher
Method
WPA - Personal
Passphrase
TKIP/RC4
WPA - Enterprise
IEEE 802.1X/EAP
TKIP/RC4
WPA 2 - Personal
Passphrase
CCMP/AES or TKIP/RC4
(optional)
WPA 2 - Enterprise
IEEE 802.1X/EAP
CCMP/AES or TKIP/RC4
(optional)
||||||||||||||||||||
||||||||||||||||||||
Role-Based Access Control
Role-based access control (RBAC) is a way of restricting access to only
authorized users. This access is from authentication based on specific roles
rather than user identities. It was designed to ease the task of security
administration on large networks. RBAC has characteristics similar to those
of a common network administration practice: the creation of users and
groups. RBAC may also fit well under the authorization part of AAA because it
has very similar characteristics.
To give a user on a computer network access to a network resource, best
practices recommend creating a group object, assigning the group
permissions to the resource, and then adding the user object to the group.
This method allows any user who is a member of the group to be granted
access to the resource. RBAC can be used for various activities users may
perform while connected to a WLAN, including limiting the amount of
throughput, enforcing time restrictions, or controlling access to specific
resources such as the Internet.
Let’s look at an example. Your organization consists of several departments
that use resources available on the wireless network. The departments are
sales, engineering, and accounting. Each department has specific
requirements for what and when they need to access from the WLAN. This is
where RBAC would be a great fit. If the network administrator wanted to
restrict access to the WLAN for the sales department from 8 a.m. to 5 p.m.,
she could create a role using this feature. If the engineering department was
using too much bandwidth, a role could be created to restrict throughput for
that department. These are a couple of examples where RBAC can work with a
WLAN.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Virtual Private Networking
Virtual private networking (VPN) is the capability to create private
communications over a public network infrastructure such as the Internet.
The security solutions discussed earlier in this chapter are Layer 2 security
solutions—that is, all such solutions work at Layer 2 of the OSI model. By
contrast, VPNs are Internet Protocol-based; they typically operate at Layer 3
of the OSI model but some will work at Layer 2. Figure 8.14 illustrates VPN
technology in relationship to the OSI model.
FIGURE 8.14 OSI model representation of a Layer 3 VPN security solution
Prior to the ratification of the IEEE 802.11i amendment to the standard, VPN
technology was prevalent in enterprise deployments as well as in remote
access security. Since Layer 2 security solutions have become stronger
(mostly thanks to the 802.11i amendment and the Wi-Fi Alliance WPA and
WPA2 certifications), VPN technology is not as widely used within enterprise
LANs. However, VPN still remains a powerful security solution for remote
access in both wired and wireless networking.
VPNs consist of two parts: tunneling and encryption. Figure 8.15 illustrates a
VPN tunnel using the Internet. A standalone VPN tunnel does not provide
data encryption, and VPN tunnels are created across IP networks. In a very
basic sense, VPNs use encapsulation methods where one IP frame is
encapsulated within a second IP frame. The encryption of VPNs is performed
as a separate function.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.15 Representation of a VPN tunnel
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Shipping a Crate Using VPN Technology
An analogy for the VPN process is shipping a locked crate from one
location to another. You are a technical support engineer for the
headquarters office of a company that has five offices in different
locations around the world. You get a telephone call from a co-worker at
one of the remote offices. She needs to replace an access point with a
newer model at the remote office. You need to ship the preconfigured
replacement access point to her using a common carrier. You want to
ensure that the access point arrives at the destination location without
coming into physical contact with anybody other than the intended
recipient.
The access point is analogous to the IP frame. You put the access point
into a crate that has a combination lock to secure it. This crate containing
the access point is analogous to the second IP frame, or the one that
encapsulates the original IP frame.
You ship the crate to the destination using a common carrier, which
would be analogous to the public infrastructure over which the encrypted
data is sent. Many other packages are shipped by this common carrier, but
no one will be able to see the contents of the crate because they do not
know the combination to the lock (the encryption method).
When the access point arrives at the destination, the recipient (the
technical support engineer for the remote office) must know the
combination of the lock on the crate in order to open it to retrieve the
access point. So you tell her the combination over the telephone. This is
analogous to the encryption method. Over a secure telephone line, only
you (the sender) and she (the recipient) know the combination to the
lock. The tech support engineer will be able to unlock the crate using the
combination you supplied her, and she will be able to retrieve the access
point.
The following are two common types of VPN protocols:
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
||||||||||||||||||||
||||||||||||||||||||
Point-to-Point Tunneling Protocol
Developed by a vendor consortium that included Microsoft, Point-to-Point
Tunneling Protocol (PPTP) was very popular because of its ease of
configuration and was included in all Microsoft Windows operating systems
starting with Windows 95. PPTP uses Microsoft Point-to-Point Encryption
(MPPE-128) Protocol for encryption. This process provides both tunneling
and encryption capabilities for the user’s data.
If the PPTP configuration uses MS-CHAP version 2 for user
authentication on a wireless network, it can be a security issue. This
authentication process can be captured using a wireless protocol analyzer
or other scanning software program and potentially allow someone to
perform a dictionary attack, enabling them to acquire a user’s credentials
and eventually giving them the capability to log on to the network. A
dictionary attack is performed by software that challenges the encrypted
password against common words or phrases in a text file (dictionary).
Therefore, using PPTP on a wireless network should be avoided. Keep in
mind that the security vulnerability is not PPTP itself; it is that the
authentication frames on a WLAN can be captured by an intruder, who
can then acquire user credentials (username and password) and be able to
gain access to the VPN.
Layer 2 Tunneling Protocol
Layer 2 Tunneling Protocol (L2TP) is the combination of two different
tunneling protocols: Cisco’s Layer 2 Forwarding (L2F) and Microsoft’s Pointto-Point Tunneling Protocol (PPTP). L2TP defines the tunneling process,
which requires some level of encryption in order to function. With L2TP, a
popular choice of encryption is Internet Protocol Security (IPSec), which
provides authentication and encryption for each IP packet in a data stream.
Since L2TP was published in 1999 as a proposed standard and because it is
more secure than PPTP, L2TP has gained much popularity and for the most
part is a replacement for PPTP. L2TP/IPSec is a very common VPN solution in
use today. PPTP should not be used when L2TP is available.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
Components of a VPN Solution
A VPN solution consists of the following three components:
Client side (endpoint)
Network infrastructure (public or private)
Server side (endpoint)
In many cases, both the client side and server side are known as VPN
endpoints. The infrastructure often is a public access network, such as the
Internet. Some firewall manufacturers’ security solutions allow the
application of advanced security policies, such as web content filtering, antivirus, botnet detection, and other security features to be applied directly to
wireless traffic. This enables VPNs to secure various types of network traffic
very easily for both wireless client devices and access points to wireless
controller connections. The client-side endpoint typically consists of software,
allowing it to be configured for the VPN. This software is available at a
nominal cost from a variety of manufacturers. Newer Microsoft Windows
operating systems include VPN client software for both PPTP and L2TP.
Figure 8.16 shows a VPN client configuration screen.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.16 Microsoft Windows 7 Professional built-in VPN client utility
configuration
WLAN client devices have the capability to be a VPN client endpoint. The VPN
can terminate either at an access point or across the Internet to the corporate
network. Figure 8.17 shows a common example of a wireless client device
connecting to a wireless hotspot to access the corporate network.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.17 WLAN client using a wireless hotspot to connect to a
corporate office using VPN technology
In Exercise 8.1, you will explore the built-in VPN client software utility in
Microsoft Windows 7 Professional. Exercise 8.2 is another way to create a
VPN connection using the built-in VPN client software utility in Microsoft
Windows 10 Professional.
EXERCISE 8.1
Setting Up a VPN
In this exercise, you will set up a VPN connection using the built-in VPN
client utility in Microsoft Windows 7 Professional.
1. Click Start ➢ Control Panel. The Control Panel window appears.
2. Click the View Network Status And Tasks link under the Network And
Internet heading in the Control Panel window. The Network and
Sharing Center window appears.
||||||||||||||||||||
||||||||||||||||||||
3. In the Change Your Network Settings menu, click the Set Up A New
Connection Or Network link. The Set Up A Connection Or Network Choose A Connection screen appears.
4. Select Connect To A Workplace - Set Up A Dial-Up Or VPN Connection
To Your Workplace, and click Next. The Connect To A Workplace How Do You Want To Connect? screen appears.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
5. Click Use My Internet Connection (VPN). The Connect To A
Workplace - Do You Want To Set Up An Internet Connection Before
Continuing? screen appears. Click I’ll Set Up An Internet Connection
Later. The Connect To A Workplace - Type The Internet Address To
Connect To screen appears.
||||||||||||||||||||
||||||||||||||||||||
6. In the Internet Address text box, type the IP address or hostname of
the remote VPN server you want to connect to. In the Destination
Name text box, type your selected name for the VPN connection, and
click Next. The Connect To A Workplace - Type Your User Name And
Password screen appears.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
7. In the User Name and Password text boxes, enter a valid username
and password, and click Create.
8. The Connect To A Workplace - The Connection Is Ready To Use screen
appears; click Close. The Network and Sharing Center appears.
9. To use your VPN connection, click the Connect To A Network link. The
Currently Connected To screen appears. Click the name of the VPN
connection you created in step 6. The Connect VPN Connection dialog
box appears, prompting for a username and password.
||||||||||||||||||||
||||||||||||||||||||
10. Enter a valid username and password (and also domain, if required),
and click Connect to connect to your VPN server. Once your
credentials have been validated by the VPN server, you will have
access to the network through the VPN you created.
In Exercise 8.2, you will explore the built-in VPN client software utility in
Microsoft Windows 10 Professional.
EXERCISE 8.2
Setting Up a VPN
In this exercise, you will set up a VPN connection using the built-in VPN
client utility in Microsoft Windows 10 Professional.
1. Click Start ➢ Settings (the gear symbol). The Windows Settings dialog
box appears.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
2. Click the Network and Internet Wi-Fi, airplane mode, VPN icon in the
Windows Settings page. The Network status home page appears.
||||||||||||||||||||
||||||||||||||||||||
3. Click VPN under the Network & Internet column, and then click the
Add a VPN connection under VPN on the right side of the dialog box.
The Add a VPN Connection dialog box appears.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
4. Click the drop-down arrow under VPN Provider and select the
Windows (built-in) option. Enter the additional information, including
Connection Name and Server Name or Address.
5. Click the drop-down arrow under the VPN Type box. Leave the default
Automatic or select the appropriate option. Fill in the remaining fields
as required.
6. Click the Save button. A dialog box with the VPN profiles will appear.
||||||||||||||||||||
||||||||||||||||||||
7. Click the profile you created, enter your credentials, and test the VPN
connection. You can also click the Advanced Options button to edit the
profile and view additional details about the profile you created.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
||||||||||||||||||||
The Wireless Intrusion Prevention System
In wireless networking, a wireless intrusion prevention system (WIPS) is a
software/ hardware solution that monitors the radio waves and, using a
wireless hardware sensor, can report captured information to software to be
recorded in a server database. (This differs from other network monitoring
and management systems discussed later in this chapter.) The WIPS solution
will then be able to take the appropriate countermeasures to prevent wireless
network intrusions. These countermeasures are based on identifying the
intrusion by comparing the captured information to an intrusion signature
database within the WIPS server. Figure 8.18 shows a WIPS dashboard that
displays a Layer 1 RF jamming DoS attack that was recorded.
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.18 A WIPS dashboard
There are many advantages to using a WIPS. Some of them include:
Captures information by 24×7 monitoring
Detects threats to the wireless infrastructure, such as DoS attacks and
rogue access points
Notifies you about threats through a variety of mechanisms
Supports integrated spectrum analysis
Includes elaborate reporting systems
Ensures compliance with corporate security policy and legislative
||||||||||||||||||||
||||||||||||||||||||
compliance
Retains data for forensic investigation
Uses hardware sensors for monitoring
Let’s look at these in a little more detail.
24/7/365 Monitoring With a WIPS, monitoring of the wireless network
can be accomplished 24 hours a day, seven days a week, to help identify
potential attacks, including DoS, either from Layer 1 RF or from Layer 2
software such as a deauthentication storm. A WIPS also finds rogue
(unauthorized) access points and misconfigured wireless devices.
Detection and Mitigation Unlike many wireless intrusion detection
systems (WIDS), WIPS has the capability to detect and react. WIPS solutions
will automatically respond to threats against a WLAN by stopping the device
or process that contains the threat before it has a chance to cause any damage
to the wireless network.
Notification of Threats WIPS solutions have the capability to provide
notifications to network administrators based on alerts and alarms of
potential threats that the WIPS encounters during monitoring. These
notifications can be provided in a variety of ways, such as email or pager.
Integrated Spectrum Analysis This feature allows an administrator to
view the state of a remote radio environment at a branch office or remote
location. This allows the accurate diagnosis of radio spectrum problems,
including Layer 1 DoS attacks.
Elaborate Reporting Systems In addition to standard reports, most WIPS
solutions allow network administrators to create their own customized
reports in a short period of time. These reports will enable an organization to
meet the specific requirements of audit groups, either internal or external to
the organization.
Regulatory Policy Compliance A WIPS will have the capability to help
ensure that an organization maintains the necessary legislative compliance.
Compliance requirements include Health Insurance Portability and
Accountability Act (HIPAA) and Payment Card Industry (PCI).
Retains Data for Forensics Many WIPS solutions can retain data that may
be used in forensics investigations. The WIPS will provide the documented
proof an organization may require to take the appropriate action based on
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
events recorded. WIPS solutions will require fine-tuning to some degree to
eliminate misrepresentation of the threat signatures the system will detect.
This starts with a baseline of the environment, allowing the administrator to
gauge the levels of detection and reaction.
Uses Hardware Sensors for Monitoring WIPS solutions will use either
dedicated hardware sensors or share the sensor functionality with access
points. These sensors will collect data by monitoring the air 24×7 and
allowing information to be reported to a server database.
WIPS Configuration and Maintenance
Although a WIPS solution is a valuable tool to use for WLAN monitoring and
detection/mitigation of wireless intrusions, it needs to be set up, configured,
and maintained correctly. Installing a WIPS system without setting the
appropriate thresholds and baselines may result in unreliable or unusable
collections of information. For example, if an organization is concerned about
deauthentication attacks, such as forcing a “deauthentication storm” (sending
many consecutive deauthentication frames), this setting will need to be
enabled on the WIPS system with the appropriate threshold setting in order
to be detected. Remember from Chapter 6 that deauthentication occurs when
an existing authentication is no longer valid, and it can be caused by a WLAN
device logging off from the current connection or roaming to a different basic
service set (BSS). If an intruder sends just a couple of deauthentication
frames to a wireless device in an attempt to force them to reauthenticate, and
thus perform a hijack attack, the activity may fall under the threshold set for
the deauthentication frames that are monitored and could be missed. The
bottom line is that proper setup, configuration, and maintenance of a WIPS
system all need to be carefully considered. Figure 8.19 shows the policy setup
screen for a WIPS.
||||||||||||||||||||
||||||||||||||||||||
FIGURE 8.19 WIPS policy configuration
Overlay and Integrated WIPS Technology
A WIPS requires hardware sensors for monitoring and sending the data to the
WIPS server. These sensors can be dedicated devices (only used for
monitoring) or they can share functionality with the wireless access points.
The terminology used for these WIPS sensors is
Overlay WIPS sensors
Integrated WIPS sensors
Overlay WIPS Sensors
Overlay WIPS sensors are dedicated wireless devices that have physical
characteristics similar to those of wireless access points but are only used for
scanning the air and sending data to a WIPS server. These devices are passive
Technet24.ir
||||||||||||||||||||
||||||||||||||||||||
and will not interfere with other WLAN devices such as access points. This
type of sensor does not need to be implemented on a 1:1 deployment. In other
words, you do not need one WIPS sensor with every access point. WIPS
sensors are commonly installed in a 1:3 or 1:4 ratio. Figure 8.20 shows how a
WIPS overlay solution uses dedicated sensors.
FIGURE 8.20 The WIPS overlay installation uses separate devices.
It is best to check with the WIPS manufacturer to determine the
recommended number of dedicated sensors. Some wireless site survey
software tools will specify the number and locations of the sensors required,
based on the wireless network design. One disadvantage to the overlay
solution is the extra cost for the dedicated sensors. Some manufacturers
allow a wireless access point to run as a dedicated sensor; for these, the cost
would be the same as the wireless access point.
Integrated WIPS Sensors
Integrated WIPS sensors are part of a wireless access point’s functionality. An
integrated sensor may have a dedicated radio for full-time WIPS monitoring,
or it may share a radio with the access point for part-time WIPS monitoring.
A dedicated WIPS radio that is built into the wireless access point will be able
to monitor the air and send data directly to the WIPS server full time. This
would be the radio’s only function. One benefit to this type of sensor is that
th
Download PDF
Similar pages