Lightweight Access Point Protocol's goal is to provide consistent behavior across WLAN devices, ensure multi-vendor WLAN interoperability, protect WLAN hardware investments and create a foundation for delivering advanced WLAN functionality in enterprise environments.
Centralized security and management of wireless LANs is a rapidly growing trend in which a WLAN device such as a switch, appliance, or router is used to create and enforce policies across many streamlined, or lightweight, radio access points.
As is the case with any network technology, standardization is key to widespread adoption. More specifically, a standardized protocol is required that governs how WLAN system devices communicate with lightweight access points to ensure interoperability and to avoid having to buy from only one vendor.
This is the role of the Lightweight Access Point Protocol (LWAPP), a draft standard the Internet Engineering Task Force is considering as part of the Control and Provisioning of Wireless Access Points (CAPWAP), which is in the preliminary stages of becoming an IETF working group.
Traditional WLANs function on a stand-alone basis. As such, they are based on a device known as a fat access point, which contains all wireless processing capabilities. This traditional architecture doesn't let different vendors' equipment interoperate. The new, hierarchical WLAN architecture departs from this model.
LWAPP's goal is to provide consistent behavior across WLAN devices, ensure multi-vendor WLAN interoperability, protect WLAN hardware investments and create a foundation for delivering advanced WLAN functionality in enterprise environments. LWAPP helps companies simplify WLAN deployment and management, and build large-scale wireless networks.
An LWAPP-managed network consists of multiple access points connected via Layer 2 (Ethernet) or Layer 3 (IP) to an access controller. Access controllers typically are WLAN appliances or WLAN switches. With LWAPP, access points are essentially remote radio frequency interfaces that no longer house all the mandatory wireless processing capabilities and are controlled by the access controller.
LWAPP governs how access points and access controllers communicate with each other by defining the following activities:
Access point device discovery and authentication - When an access point is plugged into a wireless network, it uses LWAPP to discover available access controllers. After the access point is certified as a valid network device, it associates with the best available WLAN switch/appliance.
Access point information exchange, configuration and software control - The access point is updated with the most recent software load and configured with appropriate WLAN system information, such as Service Set Identifiers, channel assignments and security parameters.
Communications control and management between access point and wireless system devices - LWAPP handles packet encapsulation, fragmentation and formatting of data being transferred between access points and access controllers.
LWAPP has several practical benefits for enterprise environments. By reducing the amount of processing within an access point, the LWAPP specification lets the limited computing resources on the access point focus on wireless access, rather than filtering and policy enforcement. The protocol centralizes traffic handling, authentication, encryption and policy enforcement (quality of service and security) capabilities within the access controller, improving the effectiveness of WLAN management.
LWAPP also improves WLAN security because it provides a generic and secure encapsulation and transport mechanism for multi-vendor access-point interoperability, either by means of a Layer 2 infrastructure or an IP-routed network.
Finally, LWAPP lets network administrators use an array of interoperable access points and wireless system devices from multiple vendors. As a result, they can make purchasing decisions based on the functionalities of individual access points and access controllers rather than simply buying gear from the same product line as a matter of necessity. This is also expected to drive down access point pricing.
LWAPP is expected to move to a working group within the IETF in the first half of next year. Standardization is projected to take approximately 18 to 24 months, but early vendor implementations exist today.
Aaron is senior manager of product marketing at Airespace. Calhoun is CTO of Airespace and one of the co-authors of the LWAPP protocol. They can be reached at jaaron@airespace.com and pcalhoun@airespace.com, respectively.