The Next Generation Wireless

Yuri Kolomiyets

Network Services

Information Systems and Technology

WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless

Current Wireless Network

- Complete indoor coverage of campus
- Hardware: Avaya Access Points (Fat)
- 802.11g everywhere with data rates up to 54 Mbps
- Management: Airwave Management Platform
- Authentication: Network Authentication Appliance

Access Point management

Airwave Management Platform:

- Monitors, configures and manages access points
- Has rogue detection capabilities
- Collects statistics
- Supports multiple vendors/platforms

Access Point management

Problems with Airwave:

- Not 100% support of all features
- Lots of false positives by Rogue Detection
- Poor distributed management capabilities

Authentication Gateways

Network Authentication Appliances (aka NAAs):

- Developed by Bruce Campbell <bruce@ist>
- Gateways (routers) for wireless subnets
- 3 in IST, 1 in ARTS, 2 in ENG, 1 in ARC
- Run on FreeBSD
- Control authentication, security and traffic shaping
- Also used for wired access where required

Authentication Gateways

Custom functionality:

- Captive portal authentication
- Client-only firewall rules
- TTTS (Toilet tank traffic shaping)
- MinUWet
  - Developed by Erick Engelke <erick@engmail>
  - Windows XP SP2 only
  - Failed health check results in access restrictions
- Printing capabilities (in ENG)

Architecture Overview

- Core
- NAA
- Constituency switch/router
- Access points
- Clients
- AP management VLANs
- Client VLANs trunked to NAA
- Routed links

[Figure: architecture diagram with Management and Wireless labels; equipment shown includes a ProCurve Switch 6200yl (J8992A)]

Problems with physical infrastructure:

- After initial survey no way to determine gaps in coverage
- No dynamic power/channel adjustment
- Poor load balancing
- No physical layer security (Open access)

Problems with NAAs:

- Need to be inline with client traffic
  - Currently can only be done with VLAN trunking
  - Very complicated (messy) design
- Not very scalable architecture
- No redundancy
- Inefficient use of IP address space
- No synchronization between NAAs
- No roaming
- Buggy

Usage statistics

Next generation

- RFP 07-53 awarded to Aruba
- 3rd generation architecture (Thin APs + controller)
- Complete overall solution from a single vendor
  - Except health check
- Built-in firewall
- Application aware
- Extensible

New Architecture

- Aruba Wireless Controller
- Aruba APs
- No need for trunking
- Wireless traffic tunnelled from AP to controller
- Wired traffic goes through tunneller (wired AP)
- NAA is replaced with Aruba

[Figure: new architecture diagram; equipment shown includes Aruba 6000, Aruba 2400 and a ProCurve Switch 6200yl (J8992A)]

Aruba is #UNO !!!1

- More powerful access points
- Automatic channel/power adjustment
  - Effective high density deployment
- Full roaming capabilities (L2 and L3)
- Rogue monitoring and mitigation
- Uniform use of IP space with VLAN pooling
- NO BUGS !!!!

Deployment

- Deployed 10 APs in MC
- 645 to go
- 3 controllers in N+1 redundant mode
- Authentication will be moved to Aruba
- Minimum change in appearance
- Routing will be moved to HP
- DHCP will move to NS1 and NS2
- minUWet to be implemented by Erick
- TTTS to be implemented by Aruba or Erick

Aruba Interface

Future

- Complete coverage in residences
- Wired control for ResNet moving to Aruba
- Outdoor coverage
- 802.1x authentication
- Guest provisioning
- Remote APs

Questions??

Thank you.
