• United States
Editor in Chief

What to look for in WLAN switches

Nov 03, 20032 mins
Network Security

When you’re shopping for wireless LAN switches, look for systems that offer integrated radio frequency management, centralized configuration and the ability to pinpoint rogue access points.

So says the network vice president from a Boston financial institution and David Passmore, the research director of Burton Group. Both were featured speakers at a tutorial last week in Boston by WLAN switch vendor Airespace.

Passmore said the biggest value-add in these new WLAN switch systems is radio frequency management. When demand changes – say, when people flood into a conference room – or access points fail, these centrally controlled systems can adapt by balancing radio frequency levels and channels. First-generation systems, by comparison, are static.

The network vice president, who wanted to remain anonymous, seconded that opinion. “Our No. 1 area of problems is [radio frequency] management,” he said. “Sixty-five percent of all trouble tickets are [radio frequency] related. Interference, rogue access points, etc.”

This vice president has 225 first-generation wireless access points supporting more than 550 users and is evaluating next-generation options, including those from Airespace. Some of his current thinking:

802.11b‘s 11M bit/sec is inadequate for some apps. He is looking at 802.11a (54M bit/sec) and 802.11g (also 54M bit/sec, but backward-compatible with 802.11b). But he is concerned about interference with 802.11g from things such as Bluetooth, and doesn’t like that a single 802.11b client brings the whole cell down to 802.11b data rates. He’s leaning toward an 802.11a/b environment.

• He wants centralized management that provides a building view, inband radio frequency monitoring, and the ability to locate rogue access points.

• He is convinced that thin (some say dumb) access points are the way to go because they are less complex and will ease management, which is a vote of confidence for Airespace and Aruba Wireless Networks and flies in the face of the approach Cisco backs.

• His company puts its WLAN outside a firewall and uses an IP Security VPN and X.509 certificates to regulate access. He believes the Wi-Fi Protected Access solves the security problems in the Wired Equivalent Privacy standard and is not demanding support for the more stringent 802.11i security spec.

Interestingly, he says the demand for wireless is driving a larger issue: a shift away from fat clients. Of the 100 corporate applications today, 80 have fat clients. The company is evaluating a move to thin clients, which are wireless-friendly.