• United States

University migrates to thin-AP architecture

Aug 18, 20032 mins
Cellular NetworksNetwork SecurityWi-Fi

* The thin-vs.-fat WLAN game is officially afoot

Universities are magnets for wireless LANs, because highly mobile students, faculty and staff use their laptop connections for Internet access, teaching aids, research and access to Web-enabled intranet applications.

Universities also are especially management-challenged, because they don’t usually mandate what vendors’ client computers, operating systems and wireless network interface cards students use. So industry standards and multivendor management products are extremely important to these organizations.

Consider, for example, Johnson & Wales University (JWU), which has five campuses throughout the U.S. The institution recently began using automated RF tools from WLAN start-up Aruba Wireless Networks to manage its existing Enterasys “fat” AP WLAN infrastructure on three campuses. And it is now installing an all-Aruba WLAN infrastructure on a new, fourth, campus in Denver.

Joshua Wright, senior network and security architect at the 16,000-student university, explains that JWU already has about 250 Enterasys 802.11b intelligent APs installed in campuses in Providence, R.I., Charleston, S.C., and North Miami, Fla.

“We recently found ourselves running into flexibility limitations,” Wright explains. “We often have to revisit the network [topology] as the environment changes when new buildings, walls, file cabinets and so forth are added. But we don’t have the on-staff skills to perform regular site surveys and manage a large network.”

Enterasys has its own management tools, Wright notes, but they require him to interrogate each AP individually. “So with 250 APs, a considerable amount of work goes undone,” he explains.

By contrast, says Wright, the Aruba configuration entails a centralized management appliance, or “wireless switch,” that plugs into 802.1af-compliant power-over-Ethernet wiring closet switches on the wired side of the network and Aruba 50 radios, which can function as APs or air-monitoring probes, on the wireless side. The infrastructure passively monitors the air space for rogue APs and intrusions and gathers traffic statistics for usage reporting.

“You can monitor one channel at a time or tell [the Aruba 50] to channel-hop; it hops very quickly, at a couple hundred hops a second. For example, we use one to monitor the channel we’ve chosen for a WLAN subnet, then a second set of monitors to watch other channels to check for intruders,” Wright says.