Articles
recent

Standard Wireless SSID's in enterprise networks

Today I am going to talk about the basics and the standard wireless SSID's used in the enterprise networks. There are different environments in different enterprise networks. Some create the SSID's as per the policies defined in their network but here in this article I am just taking an example of a standard scenario with the various SSIDs named as Data, Voice and Guest users.

Let's talk about SSID first, In simple words, SSID is not considered a security feature. By itself, it allows separation between WLAN networks if they share the same physical area or are in close RF proximity to each other. This type of situation may occur in offices located in metropolitan areas. SSID helps Cisco users stay within their RF management area. 

Fig 1.1- Wireless SSID's
Regulations are country-specific, so the number of available channels may vary. Different channel numbers do not guarantee total separation of two devices. Generally, the three non-overlapping channels used are channels 1, 6 and 11. As WLAN technology becomes more popular, it is necessary to check channel availability by doing site surveys prior to installations. Choice of specific antenna types is up to the local theatre’s support team. However, the 2-dBi Standard Dipole (AIR-ANT4941) antenna is suitable for most locations. 

Here in this article I will talk about the Cisco Security feature for Wireless network. Cisco uses 802.1x-based EAP for authentication of its wireless networks. The Cisco versions of TKIP and MIC are used to enhance security and help ensure the confidentiality and integrity of wireless communications. Cisco IT also uses security techniques like dynamic key and broadcast key rotation to increase the security in wireless networks. 

A standard best practice followed by enterprise networks recommended by Cisco systems is to use the same set of VLAN numbers for data, voice, and guest in all theatres. Following the standards across the globe helps maintain consistency and simplifies troubleshooting and management. 

Cisco IT supports a one-VLAN architecture, meaning that each building at a campus site is associated with a single VLAN. For small FSOs, wireless can be integrated into the existing office subnet or VLAN; this assumes that all access points in the office can be placed in the same VLAN. In most cases, the wireless VLAN is no bigger than a /23. Local networking teams decide on the exact sizing of the IP subnet. 

Let's talk about the Site survey, Performance other factors a little bit. 
Site Survey: Site surveys are performed based on 11 Mbps (the maximum throughput for all users) per cell, with a cell size of –75 dBm signal strength, full coverage on every floor, and use of non-overlapping channels. 

Performance: When a radio has to transmit at a lower data rate, for example at 2 Mbps instead of 11 Mbps, it uses significantly longer radio time to push the packet into the air space. This results in significantly reduced performance (throughput), especially if a lower speed client needs to transmit a lot of data. Keeping them at 11 Mbps provides maximum performance for everyone. 

Standards: Standardising on 11 Mbps per cell allows for easy troubleshooting and support. Users physically located in one floor of a multi-storeyed building are associated to an access point in the same floor. Providing better location identification for E911 requirements with voice over wireless is another consideration. 

Site survey concerns: the ability to control cell size based on using one adjustment factor, the power. No significant RF exists outside the building: this limits the area of RF coverage within the building. 

To combat low S/N APs power can be increased or more APs installed if necessary (to cover any dead spots identified). Switching down to 5.5 will defeat the purpose of WLAN optimization to offer maximum possible access. 

Popular Posts

Powered by Blogger.