Wireless LAN
Deployment at Arizona State University
Wireless Ethernet technology is one of the fastest growing areas of
data communications today, which can provide a versatile supplement to existing
wired networks. Wireless Ethernet
networks (which are shared) are still no match for the speed of a wired
Ethernet switched infrastructure. But
wireless Ethernet networks have their own virtues, and ASU is implementing
specific building and department wireless Ethernet applications with the
expectation that the networks will enhance teaching, learning, and research at
ASU.
NOTE: ASU Information Technology emphasizes that the current wireless
Ethernet technology is being implemented at ASU as a Convenience for the
Casual user and is Complimentary to the switched 10/100 wired
campus network - in other words, the three C’s of wireless
Ethernet. Telecommunication Services
has always maintained that the wired Ethernet network infrastructure provides
no security. The wireless Ethernet
network introduces many additional security vulnerabilities, not just to the
wireless network itself, but also to the wired network to which it is
connected.
During the wireless Ethernet pilot, in cooperation with
Cisco Systems Engineers and other Wireless Ethernet experts, Data
Communications Operations gained valuable insight and practical knowledge of
the 802.11b wireless Ethernet networking technology and general wireless issues
and problems. This experience
allows DCO to cost-effectively design wireless applications per specific
customer requirements within the framework of a total campus wireless Ethernet
service.
This document provides an overview of wireless technology,
outlines the goals and scope of wireless Ethernet implementation at ASU,
identifies security and technology issues involved, and explores potential
solutions to these issues. This
document also alerts members of the ASU campus community to the potential
problems that could result from wireless devices that are not part of the
approved university network infrastructure, (e.g. devices using a conflicting
radio frequency, devices that introduce security holes and devices that hamper
the ability to track unacceptable use incidents to their source). In addition, this document recommends a
systems approach for the acquisition, installation/integration, testing,
operation, and maintenance of a campus wireless Ethernet system. Finally, this document will address future
wireless technologies as standards are ratified and products become
available.
A
Wireless LAN is usually an extension to a wired LAN in a building or
campus. WLANs provide most of the
functionality of wired LANs, but without the physical constraints or costs of
physically installing the wire. Packets
of data are converted into radio waves or infrared® (IR) light pulses that are
sent to other wireless devices or to a wireless access point - a device that
bridges wireless traffic to a wired network.
WLANs
use one of four different basic transmission technologies. IR transmission technology is based on light
waves; the other three, Direct Sequence Spread Spectrum (DSSS), Frequency
Hopping Spread Spectrum (FHSS), and low-power Narrowband (NB) are based on
radio waves. IR-based WLANs can be a
viable solution for specific applications, but do not scale well in general
use. The main limitation of IR-based
WLANs is that coverage is confined to one room and limited to indoors - the IR
signals cannot penetrate walls and disperse during rainy weather. Technologies based on Radio Frequency (RF),
on the other hand, use radio waves that can penetrate walls and travel well
outdoors. RF signals typically provide
less capacity than IR-based WLANs and are more susceptible to interference from
other RF-based devices. Despite these
limitations, RF-based WLANs are better suited for the typical office space or
campus WLAN applications and are therefore much more prevalent than their
IR-based counterparts.
The
majority of RF-based WLANs operate in the Industrial, Scientific, and Medical
(ISM) frequency bands, that are located in frequency ranges from 902 to 928
MHz, 2.4 to 2.483 GHz, and 5.725 to 5.85 GHz.
The ISM bands allow for unlicensed operation with the caveat that
unlicensed users must not interfere with licensed users. To minimize interference, the FCC requires
that unlicensed WLAN users utilize spread spectrum technology (now the industry
standard transmission technology for RF-based WLANs--per IEEE 802.11) and to
limit their transmissions to one watt of power.
Note: Currently, the production standard for which
vendor products are available is IEEE 802.11b DSSS. Other standards in development
include 802.11a, HomeRF, Bluetooth (can interfere with 802.11b), hyperlanII and
infrared.
ASU Data Communications
has followed the evolution of Wireless LAN technology for several years
and has implemented several projects to evaluate their applicability to
university users. As a result of
successful testing in the early stages of the research, a RadioLAN® WLAN was
installed in an IT training room CC 422 in Computing Commons in fall of 1998. The WLAN technology used in this lab was
produced prior to the 802.11 wireless standards.
Since
the ratification of the 802.11b standard in 1999, products using WLAN
technology have become widespread and interoperable across equipment offered by
different vendors.
Telecommunication
Services has tested WLAN access point products from most of the major wireless
vendors including Lucent Orinocco, 3Com AirConnect, RadioLAN® and Cisco
AiroNet. Of these, the AiroNet Access
Point by AiroNet (purchased by Cisco Systems, Inc. in March 2000) has proven to
be the most robust product with the greatest coverage area and ease of
configuration and support.
The
next phase of WLAN testing at ASU involved installing pilot projects in areas
around the Tempe campus that are particularly suited to WLAN technology (e.g.
lab areas, lounge areas, meeting rooms and other areas which are difficult to
reach with conventional Ethernet wiring).
The first pilot was in the
Law College Library. Additional pilots
included sections of the Student Services Building, the College of Business,
and the Computing Commons Building.
One of the key lessons
learned has been the importance of coordination of frequencies used within a
given area. The ability of the radio
waves to penetrate walls that make them ideal for large area network use create
overlapping areas among the networks and equipment where conflicts and
interference occur. For example, wireless computer mice and other accessories in areas
of the Fine Arts and Architecture buildings are inoperable due to RF interference
from other 2.4 GHz equipment. Similar problems have occurred with wireless
microphones,A DA equipment, and controls in adjacent rooms
in buildings throughout the campus. The need for careful planning and
coordination of equipment and frequencies is one of the most important
lessons learned from the pilot projects.
The increasing commercial
availability of low cost, but powerful wireless network peripherals has led
departments to begin to experiment with wireless applications. Doing so without careful planning and coordination of frequencies, coverage areas,
authentication, security and other management issues will result
in “wireless anarchy”, and the resulting interference will make reliable
wireless networking within the university campus extremely
difficult.
Successful phased implementation requires central planning, industry adherance standards,
funding, frequency management, security and authentication, and coordinated
implementation. The ideal solution is
to coordinate planning and investment in wireless networks in a manner that
encourages individual colleges and departments to participate rather than
attempting to implement their own systems.
The following Universities’ wireless Ethernet progress was reviewed prior to the development of the wireless LAN initiative at ASU. This included their pilot projects, hardware selection, policies, issues, and recommendations:
·
University of Arizona
·
University of California at Berkeley
·
Carnegie Mellon University
·
Drexel University
·
Duke University
·
University of Maryland
·
University of Pittsburgh
·
Wake Forest
·
West Virginia University
The
following list identifies initial ASU wireless Ethernet pilots, including both
wireless Ethernet LAN extensions (for flexible, mobile laptop access) and
wireless Ethernet Bridge (point-to-point) applications.
Ethernet Bridges provide 10 Mbps connectivity to fringe campus buildings in
lieu of slower speed public carrier Leased Line and Frame Relay services.
· Wireless LAN - IEEE 802.11b Direct Sequence Spread Spectrum (DSSS) Pilot Locations (2001 Pilot)
·
Law Library
·
Student Services Building
·
Computing Commons
·
College of Business
o BAC/BA
Courtyard/patio
o BA 2nd floor
north for MBA
·
Memorial
Union
·
Wireless Bridge Network Extensions
o Tower Center
o Centerpoint
o Material
Services Building
Telecommunication Services
has designed and is in the process of implementing a campus-wide wireless Ethernet
service. This wireless Ethernet service
is being deployed by Telecommunication Services on the Tempe campus and at ASU
East. Wireless Ethernet service is also
being deployed at the ASU West campus in cooperation with ASU West Information
Technology. This wireless Ethernet
service is intended to allow campus users to access university computing
facilities and wide-area Internet locations from mobile or portable computers
on the ASU campuses.
The
successful, effective, and efficient implementation of a campus-wide wireless
Ethernet service requires central management of the radio “air space” and all
wireless Ethernet equipment. This
includes inventory management, capacity management,
performance management, problem resolution, network topology documentation and
technology upgrades.
Telecommunication Services actively monitors use of the airspace
for wireless devices that can interfere with the existing wireless network
performance, present additional security risks or reduce the ability to trace
unacceptable use incidents to the source.
Telecommunication Services will seek out these devices and resolve the
situation per the ASU Computer, Internet, and Electronic Communications Policy.
Telecommunication Services has always maintained that the wired Ethernet network infrastructure provides no security. Therefore, security measures must be provided for servers and workstations appropriate to the departmental requirements.
The wireless Ethernet network introduces many additional security vulnerabilities, not just to the wireless network itself, but also to the wired network to which it is connected. Telecommunication Services connects all wireless devices to Ethernet switch ports and provides a network path separate from the wired network. Although this does not provide any additional privacy to the wireless portion of the network, it helps isolate the wireless security problems from the wired network.
The current industry standard for addressing privacy on
wireless LANs is called Wireless Equivalent Privacy (WEP). There are known industry shortcomings with
this method. Therefore, future
Telecommunications Services plans are to provide a Virtual Private Network (VPN)
option for wireless users, which would allow data encryption between the user
client and a VPN concentrator. When
implemented, this option will improve the privacy level on the wireless
network.
As stated previously, the current wireless Ethernet standard uses the
FCC unlicensed 2.4GHz Industrial/Scientific/Medical (ISM) band. Wireless transmissions within that band
conform to the IEEE 802.11 DSSS (Direct Sequence Spread Spectrum) wireless LAN
specification. Certain other “wireless”
devices exist that also employ the same 2.4 GHz frequency band and can cause
interference to users of the wireless service.
These devices include, but are not limited to other IEEE 802.11 wireless LAN devices,
cordless telephones, wireless PC cameras, and wireless audio speakers. In order to assure an effective level of
service to the users of the wireless Ethernet system, use of all other 2.4 GHz
devices may need to be restricted in university-owned buildings and ASU campus
air space. In that the wireless
Ethernet network is an extension of the wired ASU Ethernet data network,
Telecommunication Services will approach the management of the 2.4 GHz radio
frequency the same way that it manages the wired ASU Ethernet data
network. In cases where a conflicting
device is being used for a specific teaching or research application,
Telecommunication Services will work with the responsible individuals to
determine whether there are circumstances under which use of the device may
still be accommodated without causing interference to the wireless Ethernet
users.
Like any new technology, wireless Ethernet networks appear
to solve some problems, but create other challenges. Providing appropriate coverage, providing maintenance, monitoring
and management, and addressing additional security concerns are challenges to
be addressed by network infrastructure designers.
Telecommunication
Services staff are fully trained and experienced in wireless Ethernet
technologies. Any department interested
in operationally deploying wireless Ethernet service should contact Data
Communications.
If
you think you have an existing system that may use 2.4 GHz or 5.4 GHz radios
for transmission, or you are planning to purchase wireless Ethernet equipment
and you are uncertain what frequency is used, it is important that you contact
Data Communications at 965-5911 or send email to DataComm-q@asu.edu.
Last updated 3
DEC 2001
Back to Communications Support Back to Data Communications