1 / 110

Welcome to Fluke Network’s Wireless Networking Workshop!

Welcome to Fluke Network’s Wireless Networking Workshop!. Who are you? Who is Fluke Networks? Why bother with this stuff at all ?. Your Presenter. Name: Dan Hernandez, Fluke Network Systems Engineer Office: 973.948.7386 Cell: 973.222.8151 Email: Dan.Hernandez@flukenetworks.com

fergus
Télécharger la présentation

Welcome to Fluke Network’s Wireless Networking Workshop!

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome to Fluke Network’s Wireless Networking Workshop!

  2. Who are you? Who is Fluke Networks? Why bother with this stuff at all ?

  3. Your Presenter • Name: Dan Hernandez, Fluke Network Systems Engineer • Office: 973.948.7386 • Cell: 973.222.8151 • Email: Dan.Hernandez@flukenetworks.com • Located in Hampton Twp, New Jersey

  4. Your Fluke Networks Account Manager • Name: Perry Romano (White Plains Workshop Contact) • Office: +1 203 452 8386 • Cell: 203 5201702 • Email: Perry.Romano@flukenetworks.com • Located in Trumbull, CT

  5. FTP Link to Download Presentation

  6. Survey and Prize Drawing • Fill out customer information survey • How did you find out about the workshop? • What were your expectations? • Help us improve our workshops! • Comments? • We’ll pick these up at the end for the drawing!

  7. Wireless Growth - Where are YOU headed? Wireless- The Standards 802 Standards, Terminology, Frequencies A look at 802.11a, b, g Wireless- The A, B, C’s Choose a PHY Layer Choose a Topology Choose a Security Method Wireless- Site Survey with InterpretAir Wireless- Troubleshooting with Etherscope Agenda

  8. Why Even Listen to us? Partnerships, products and best practices that lead to high-performance networks – and enterprises

  9. Installation Verification Wireless Life Cycle – All phases, all users Pre-Deployment and Expansion Planning Interpret Air Management / Optimization • OptiView and Wireless ES find rouges, test performance, and verify security configs. • InterpretAir can visualize rogues on floorplan Troubleshooting • OptiView and Wireless ES standard tools • InterpretAir has “spot check” feature

  10. Growing Excellence and Innovation 2005 - $261M In the last 12 years, Fluke Networks products have won more awards for excellence than any other company in the industry—launching key industry firsts and leading the way in every category we serve. 2000 - $178M Fluke Networks becomes a stand-alone company within the Danaher Corporation. 1998 - $109M Danaher Corporation, a $5 billion company with headquarters in Washington, D.C purchases Fluke Corporation. 1993 Fluke Networks was founded as a division of Fluke Corporation, the world’s leading name in industrial test and measurement solutions.

  11. Fluke Networks Today • Part of a $7B premiere global enterprise • Continuously profitable company since its inception • Over 500 associates worldwideEverett, WA: Worldwide Headquarters, Infrastructure Design CenterColorado Springs: Enterprise Networks Design CenterSales Offices & Associates: Worldwide

  12. Wireless- Growth “Where are YOU headed?”

  13. Market Trends / Dynamics - Number of Units UP 20% in Q1 O5’ –infonetics) - Equipment Spending UP 31.8 percent in 2004 to $4.35 billion. - Equipment Spending Expected to total $7 billion in 2008! (12.6% Compound Annual Increase!)

  14. Market Trends / Dynamics (contd) • Wireless adoption will continue to be strong • The number of hot spots in the United States is expected to increase from 32,800 in 2005 to 64,200 in 2008, growing at a 25.5% CAGR.  (TIA, May 2005)

  15. Share some issues you have had? • Site Survey & Expansion • Did you do it? Did you contract it out? • Problems? • Install & troubleshoot • What tools do you use? (Laptop-NIC card?) • Problems? • Security Audit & Management • How do you locate Rogue Devices and AD-Hoc networks? • Optimization • Have you done this? • Do you need to? • What tools will you use?

  16. Wireless “The Standards”

  17. Wireless Standards (or 802.X Hell) Welcome back to the IEEE 802 Standard for LAN Technologies: • 802.3/ 802.5 defines the MAC/PHY layer for Ethernet and TR LANS • 802.1 defines Management (e.g. 802.1d, 802.1Q, 802.1X**) • 802.2 defines LLC • 802.11defines the MAC/PHY for Wireless! • 802.11a/b/g define PHY Layer standards for wireless transmission • 802.11i defines robust WLAN security protocols (TKIP, CCMP, AES)

  18. Architecture: 802 Family Tree

  19. Wireless A-B-CA-Pick a PHY LayerB- Pick a TopologyC- Choose Security

  20. Wireless- PHY Basics Four PHY Layers Defined for WLAN Transmission • FHSS ( Frequency Hopping Spread Spectrum) • DSSS & HRDSS ((High-Rate)) Direct Sequence Spread Spectrum) • OFDM (Orthogonal Frequency Division Multiplexing) • PBCC (Packet Binary Convolution Coding)

  21. Wireless- PHY Basics (contd) PHY Layer Divided into Two Sub-Components • PLCP (Physical Layer Convergence Procedure) - Maps MAC Frames onto the Medium • PMD (Physical Medium Dependent) - Transmits the Frames

  22. UHF ISM S-Band S-Band ISM C-Band C-Band satellite downlink C-Band Radar (weather) C-Band ISM C-Band satellite uplink X-Band X-Band Radar (police/weather) Ku-Band Ku-Band Radar (police) PHY Details: ISM Frequencies 902.928 MHz 2-4GHz 2.4-2.5 GHz 4-8 GHz 3.7-4.2 GHz 5.25-5.925 GHz 5.725-5.875 GHz 5.925-6.425 GHz 8-12 GHz 8.5-10.55 GHz 12-18 GHz 13.4-14 GHz

  23. PHY Details: 802.11, b, a and g

  24. 802.11b • Uses 2.4GHz band • Industrial, Scientific, Medical (ISM) band • Shared with microwave ovens and 2.4GHz cordless telephones • 14 channels (11 in U.S.) • 3 non-overlapping channels • Channels 1, 6, and 11 • Maximum speed is 11Mbps • 1, 2, 5.5, and 11 Mbps speeds

  25. 802.11g • Uses same 2.4GHz band as 802.11b • Industrial, Scientific, Medical (ISM) band • Shared with microwave ovens and 2.4GHz cordless telephones • 14 channels (11 in U.S.) • 3 non-overlapping channels • Channels 1, 6, and 11 • Maximum speed is 54Mbps (raw) • 1, 2, 5.5, and 11 Mbps speeds (802.11b) • 6, 9, 12, 18, 24 Mbps speeds (required) • 36, 48, and 54 Mbps speeds (optional)

  26. 802.11a • Uses 5GHz band • Unlicensed National Information Infrastructure (U-NII) band • 12 channels • NO overlapping channels • Maximum speed is 54Mbps • 6, 12, and 24Mbps (mandatory) • 9, 18, 36, and 54Mbps (optional)

  27. 802.11a

  28. Range vs Rate Typical Indoor Application Benefit comparison: 802.11a • Fewer sources of interference • Easily scalable • Maximum cell overlap 802.11g • Greater range • Backwards compatibility with 802.11b

  29. 802.11a/b/g Coverage Example

  30. Trends • 802.11g is by far the leading WLAN technology in enterprise (new install), followed by 802.11b (largest installed base) • Both are 2.4GHz. • 802.11a is still around, but growth is slow. • 802.11n in development for 100Mb/s speeds • 300 Mb/s and 600 Mb/s also in the queue

  31. Wireless A-B-CA-Pick a PHY LayerB- Pick a TopologyC- Choose Security

  32. Wireless- Choose a Topology • Basic Service Set (BSS) - A group of stations communicating with each other • Independent Basic Service Set (IBSS) - BSS communicating in Ad-Hoc Mode • Infrastructure Basic Service Set (Infrastructure BSS) - BSS communicating in Infrastructure (AP) Mode • Extended Service Set (ESS) - BSS’s connected together through a backbone network

  33. Wireless- Choose a Topology • BSSID (Basic Service Set Identifier) - Usually the MAC address of the AP hosting the BSS clients - Used by all BSS Stations in the Frame Header • SSID (Service Set Identifier) - Name given to all AP’s in an ESS - Transmitted in non-encrypted management frames

  34. Wireless- Choose a Topology • Beacons - Announce the existence of a network and it’s parameters - Define the basic service area for a BSS • Probe Requests - Used by stations to scan an area for existing 802.11 networks - Include the SSID and rates supported by the station • Probe Responses - Sent in response to Probe Requests by the AP or assigned Ad-Hoc Station - Contain all information found in the Beacon Frame

  35. Wireless- Choose a Topology • 802.11 Authentication (Two-Step) - The process of a station identifying itself before being allowed to transmit frames • Association (Two-Step) - The process of a station “registering” with a chosen AP AFTER 802.11 authentication. The AP registers the station on the network. Association is the equivalent of “plugging in” to a wired network.

  36. Handoff / Roaming Delay

  37. Wireless LAN Topology Basic Service Set(BSS) Ad-hoc Mode (IBSS) Infrastructure Mode (Infrastructure BSS) BSSID

  38. Wireless LAN Topology Extended Service Set (ESS)Shared SSID ------------ Different BSSID’s SSID “Students/Teachers” BSSID #1 SSID “Teachers” BSSID #2 Distribution System

  39. Wireless LAN Topology Bridge Mode (Internal and Outdoor) Distribution System

  40. 802.11 State Transitions (The Minimum) State 1 Unauthenticatedand unassociated Can send only Control, Probe, Beacon and Authentication frames Can now send Association frames Can now send all frames, including Data State 2 Authenticatedand unassociated State 3 Authenticatedand associated

  41. Identify Your Coverage Locations • Keep the antenna away from metal obstructions such as heating and air-conditioning ducts, large ceiling trusses, building superstructures, and major power cabling runs. If necessary, use a rigid conduit to lower the antenna away from these obstructions. • The density of the materials used in a building's construction determines the number of walls the signal must pass through and still maintain adequate coverage. Consider the following before choosing the location to install your antenna: • Paper and vinyl walls have very little affect on signal penetration. • Solid and pre-cast concrete walls limit signal penetration to one or two walls without degrading coverage. • Concrete and wood block walls limit signal penetration to three or four walls. • A signal can penetrate five or six walls constructed of drywall or wood. • A thick metal wall causes signals to reflect off, causing poor penetration. • A chain link fence or wire mesh spaced between 1 and 1 1/2 in. (2.5 and 3.8 cm) acts as a harmonic reflector that blocks a 2.4 Ghz radio signal. • Install the antenna away from microwave ovens and 2-GHz cordless phones. These products can cause signal interference because they operate in the same frequency range as the device to which your antenna is connected. • Install the antenna horizontally to maximize signal propagation.

  42. Choose Your Antenna • This choice will be limited to application • Indoor vs outdoor • Point to Point vs multipoint • Omnidirectional • Directional • Yagi • Panel • Sectoral • Parabolic Grid • Remember that the Higher the Gain (dbi), doesn’t increase the range

  43. Wireless A-B-CA-Pick a PHY LayerB- Pick a TopologyC- Choose Security

  44. WLAN Security Q&A Key Questions: • How can I protect against war drivers? • Are there rogue devices in my network? • How does wireless relate to my other security solutions? Challenges: • The rogue user (war drivers) Challenge (Geek, thief, or both?) • The User Policy Challenge • The Authentication + Encryption Challenge Result: • Secured wireless network

  45. Let me introduce you to “The War Driver”

  46. “The War Driver” Tools of the trade!

  47. “The War Driver” Their goal “to map out the wireless world for all to use!”

  48. The User Policy Challenge Challenge:How do I ensure users aren’t bringing in rogue equipment from home? Fact 1: You have wireless, whether you know it or not... • Home APs cost <$50 and are widely available • Home equipment may not respond to SNMP queries • All home equipment is a security hole out of the box Design Approaches: • Outlaw private wireless LAN equipment • Enforce the policy with periodic walkthroughs

  49. The Authentication + Challenge Challenges: My authentication methods are top-notch so I’m safe, right? My WLAN data is encrypted so I’m safe, right?

  50. WLAN Security = Authentication + Encryption Early Security “Solutions” • Don’t Send Beacons? • Don’t Broadcast my SSID? • Filter MAC addresses? • How about a VPN?

More Related