Ultimate Guide To
Ultimate Guide To
Ultimate Guide To
Secure, Stable, Speedy Wireless Enterprise Networks
Your WLAN is a workhorse and the centerpiece of your IT infrastructure. It provides wireless connectivity to hundreds, if not thousands, of internal and external users, twenty-four hours a day, seven days a week. It's a big, complicated, expensive job to keep your WLAN secure, stable and speedy at all times.
In this Ultimate Guide To Your Enterprise WLAN you'll get insights to help you deliver a premium user experience for everyone on your network.
Table of Contents
What Are WLANs?
WLAN stands for Wireless Local Area Network. WLANs provide wireless network communication over short distances using radio or infrared signals instead of traditional network cabling. They're built using Wi-Fi or Bluetooth technologies and they can support a number of wireless devices including:
Laptops and tablets
Internet audio systems
Five Main Components of a WLAN Network Design
End DevicesDevices can be anything that connects to the network: a laptop, tablet, mobile phone, or peripheral device such as a printer.
Access Points (APs)Access Points or APs, function as the main radio transmitter for your WLAN. They translate network traffic into radio signals and transmit that signal to wireless enabled computers. Rolled in with APs are repeaters and antennae. Repeaters are used to extend the coverage area of your WiFi network. They receive the existing Wi-Fi signal and amplify and transmit the boosted signal. Antennae pick up incoming signals and radiate outgoing signals across the network.
EnvironmentYour environment is the physical place where the network is including buildings, and their physical make up (windows, walls, building materials, etc.).
Supporting InfrastructureYour supporting infrastructure includes cabling, firewall switches, computers --everything in your data closet.
PeopleBy people we mean your guests, your customers and your employees --any human on your network.
Who Needs a WLAN?
Every modern business needs a robust wireless network. Wi-fi for all is no longer a luxury, but an expectation. And lightning fast Wi-Fi, such as Wi-Fi 6? That's becoming an expectation too.
The modern workplace has been transformed by all this speed, connectivity and collaboration. Having a robust network will provide your business with:
- Greater workforce flexibility & more remote work options
- Higher worker productivity and satisfaction
- Improved customer experiences
- Scalability as your business grows
Growing Demand For Wireless Networks
A key driver for WLAN market growth is the rise in global internet traffic. Network admins will need to continually upgrade their WLANs to support an ever-increasing volume of data across a multitude of devices.
As enterprises everywhere continue their digital transformations and the demand for access to technology soars, the WLAN market will continue to see steady growth. Many industries, such as hospitality, manufacturing and retail are expected to help fuel that growth in the coming years. Supply chain optimization and other IoT-related initiatives are also driving up the need for robust, secure networks.
2019 First Quarter Growth by Region
Middle East & Africa
& Eastern Europe
Factors Influencing Wireless Enterprise Networks
The Expectation of Fast Wi-Fi
As we mentioned above, Wi-Fi is not a luxury, it's a necessity. Today's networks are being designed (or re-designed) around supporting optimum Wi-Fi performance. There is also an expectation of your customers/clients/visitors for a guest network.
This means that things like wireless site surveys and heat-mapping are a necessity at the front end, and even after deployment to confirm coverage.
Since speed and stability are also an expectation, upgrading to Wi-Fi 6, will be a given. It has a multitude of advantages over the previous generation --including better connectivity and speed across enterprise-level networks.
The Way We Work
Every day wireless networks are being used to support hundreds of users and devices --everything from video conferencing equipment to IoT devices like printers and scanners. Supporting all these devices, and keeping them safe has a massive influence on network configuration and monitoring.
BYOD, IoT, and Vulnerabilities
Modern networks face a host of threats, the latest of which includes hacking into IoT devices as a means to probe deeper into your network.
Also threatening network security is our BYOD culture. BYOD, or Bring Your Own Device, for better or worse, is pretty much standard at most companies. As more and more at-home devices worm their way onto the enterprise network, we're seeing a trend toward tightening security and drafting BYOD policies.
Modern WLAN Architecture
Today's wireless networks are more complicated than anyone could have imagined and they require IT teams with a "very particular set of skills" to design, deploy, protect and manage them. That's why companies that attempt to DYI their networks are asking for trouble.
Add to that the rising tide of security threats, emerging technologies and our BYOD culture and your IT team is now strapped for time and resources to keep it all running. Some of them may have wandered off to curl up in a fetal position in your old server room. But for those that stand ready to serve and protect their WLANs, there's a lot to consider.
Controller-Based vs. Cloud-Based Networks
The modern WLAN we know today evolved from an ancient (late 1990s) WLAN architecture that had APs as independently configured bridges providing access to the Ethernet network. This configuration of independent APs was a security and management nightmare for network engineers at the time.
There are many options available today when designing a wireless network. One of the most important things to consider, and typically the first decision, is whether to use a Cloud-Based Solution or an On-Premise/Controller-Based Solution. It’s important to understand where each makes the most sense and there are many use cases for either deployment method.
Cloud-Based Wireless Network
Cloud-based solutions bring benefits such as increased and simpler scalability, ease of deployment with multi-location businesses and businesses with remote staff. They also limit the need for a large in-house IT team that needs to spend their time managing your wireless network. A cloud-based solution eliminates the requirement of maintaining the controller of your network because the software is the responsibility of the supplier. This eliminates the need for your team to have to handle software patches and updates. You also won’t have to worry about upgrading your wireless network hardware when your device count increases because everything is cloud-based. And unlike an on-premise solution, your cloud-based solution will not be limited in the amount of access points it can support.
Lastly, deploying services to multiple buildings/states/regions is much simpler with a cloud-based solution as all of your network configuration lives in the cloud and typically is very easily replicated to additional devices and/or networks. These devices are plug-n-play!
Controller-Based Wireless Network
The biggest advantages you will see with an on-premise wireless controller is increased control and customization. A controller-based solution is preferred when you are not able to rely 100% on your Internet. Because cloud-based solutions require that the Internet be connected for the devices to communicate with their controller, internet reliability is a huge factor. Controller-based solutions are also preferable for most large Enterprise networks, as these will typically have more policies in place, require in-depth control of the entire network, and the hardware available for controller-based solutions still has more variety/options. Be sure to keep in mind that with a controller-based solution, you will need a properly scaled IT team as the management of these networks will take more time, skill, knowledge, and effort.
There is a third option, which is becoming more common, which is a hybrid of both.
Wireless Network Design Best Practices
1. Predictive Planning
This starts with looking at your physical environment. You'll need your building's blueprint and dimensions as well as information on building materials. Then you'll plot out your APs using software that mimics the pattern the Wi-Fi creates and simulates what the coverage areas.
Now it's time to engineer the WLAN including the configuration and deployment phases. Your IT team and their vendor/partners will run cable, put up APs, and set up hardware/software as needed.
You'll need to configure your network to meet the needs of everyone including guests, visitors, customers, and employees. IT teams will likely create a guest network and an internal network and grant physical access and construct it based on individual needs. They'll create SSIDs and passwords while keeping an eye on technological infrastructure points that may be vulnerable to threats.
4. Performance Assessment and Validation
Before you wrap up your deployment, you'll need to perform tests to validate including doing a dry run make sure everything is running. Finally, your team will need to perform ongoing monitoring and system management to keep your network secure and troubleshoot any performance issues.
Most modern network infrastructure is designed to be upgraded. When you're designing your enterprise WLAN you'll need to look ahead and think about necessary upgrades for hardware and software in the future, and make sure that the network you design today, can be easily upgraded for tomorrow.
Maintaining Your Wireless Enterprise Network
Managing the human element is one of the most challenging and dynamic aspects of keeping your WLAN stable and secure.
In a live network environment, this has to be a very hands-on approach. Network engineers need to make sure that they read system data, and respond accordingly. They need to set different levels of access for the various types of users, while still making sure that everyone gets what they need from the network.
Understanding Wi-Fi Network Performance
Once your network has been deployed, you will need to conduct constant monitoring to understand your performance. This includes signal coverage, device locations, and device connections.
Upgrades and Scaling
As your business grows, so too, should your network. Your performance monitoring should give you insights into the necessary upgrades you'll need to maintain and ultimately scale your network.
Security captures the imagination (and stirs up the worst fears) of network engineers more than any other topic orbiting the wireless network. And with good reason: a data breach could cost a company millions of dollars to mitigate, lost customers for life and ultimately, their reputation. And that responsibility falls solely on the IT department.
One of the challenges faced by IT professionals is the sheer volume of threats out there. While security protocols have evolved to combat these threats, no network is bulletproof.
Common threats and vulnerabilities to WLAN security include:
- Malicious Software
- Insecure Or Unmonitored Devices
- Spoofing, Rogue Servers, and Imposters
- Brute-forcing Passwords
- Dictionary attacks
You can, however, follow WLAN security best practices including:
- Stronger Passwords
- Updating Your Security
- Better Key Management
- Shutting Down APs Overnight
- Conducting Wireless Site Surveys
Welcome To WPA3
One of the best ways to protect your network is updating your security protocol. WPA3 is the latest Wi-Fi security protocol which provides improvements to the general Wi-Fi encryption. It does this by way of Simultaneous Authentication of Equals (SAE) replacing the Pre-Shared Key (PSK) authentication method used in prior WPA versions.
WPA3 Authenticates encryption Key derivation and confirms Key establishment and authentication with 192-bit security mode. WPA3-Enterprise establishes that the right combination of cryptographic tools are used and sets a consistent baseline of security within a WPA3 network.
Mistakes That Compromise Enterprise Networks
Most mistakes that eventually cause problems on your WLAN fall into two categories: design and security.
Three Network Design & Coverage Mistakes:
1. Designing for coverage only
When you design for coverage only you overlook a critical component: capacity. Your network has to support hundreds of users and their many devices. Think about the density on your network on design a solution that supports your volume.
2. Using the wrong antennae
Oh, antennae. You're often the least-understood component of a WLAN, and many times the biggest offender when it comes to negatively impacting the end-user experience. Antennae placement is a critical factor. WAPs (Wireless Access points) generally utilize either a Directional antenna, or an Omnidirectional (Omni) antenna. It's important to understand the physical layout of your network and anything within the network that could cause interference and affect connectivity. Knowing your central AP location, as well as the location of clients and interference points will help you to determine which type of antennae to choose. Conducting site surveys will help determine strength signals and interference levels at all of your APs before choosing or setting up equipment.
3. Poorly positioned APs or Not Enough of Them
Pretty basic, but having APs poorly positioned or not having enough APs to support good coverage is an often-made mistake. There are several inside-the-building variables that can interfere with Wi-Fi signals such as building materials (like sheet rock) or heavy office furniture (like those archaic file cabinets - honestly why do you still have them?). And there are outside factors, such as your neighbor's network signals, that can interfere as well.
Three Network Security Mistakes:
1. Poor password hygiene
As it is often said, passwords are like underwear. Change them often, don't share them and keep them private. Make sure that the factory-setting passwords that came with your printers and other peripherals have been changed.
2. Not having a BYOD policy
If you allow BYOD in the workplace then you need a BYOD policy to regulate them. A BYOD policy, clearly documented and communicated to all, will help set expectations and help you manage the many devices creepin' on your network.
3. Weak Authentication
Authenticate your network connections on a user-by-user basis. Having weak authentication protocols leaves you vulnerable to security breaches.
Never Stop Planning Your WLAN
Lastly, never stop planning your WLAN, think of it as a marathon-not-sprint-kind-of-thing. Because Wi-Fi technology is fluid, dynamic and constantly evolving with new technologies, applications, security protocols and threats, you need to work closely with an IT solutions partner to stay current.
If you need help designing, building, deploying or maintaining your enterprise network, contact us.