© BV Fluke Networks NETWORK SUPERVISION

Slide 1
Fluke Networks NETWORK SUPERVISION

Slide 2: How We Got Here! (A Brief History)
• Focus on Value, Quality, and Reliability
  - Drawing on 50 year Fluke heritage of most reliable tools available
• Innovation
  - Firsts in most categories entered
(Timeline figure. Years shown: 1993, 1995, 1996, 1998, 1999, 2000, 2002, 2003. Products shown: Digital Cable Tester, Handheld Network Analyzer, Out of the Box Network Mgmt, Handheld Fast Ethernet Analyzer, Full line-rate Gigabit Analysis, Digital Cat 6 Cable Tester, Integrated Network Analyzer, WorkGroup Analyzer, Portable & Distributed Protocol Analysis, Handheld Wireless Analyzer, WAN OC3 / 12 Analyzer, PC Support / Help Desk Test Tool.)

Slide 3: Fluke Networks Today
• Annual Sales Over $150M
• Over 500 Employees Worldwide
  - Direct Sales, Support, and Service in 22 Countries
• 47% of Sales Outside the US
• 91 of the Fortune 100 use our Solutions
• Over 100,000 Network Testers Shipped To Date

Slide 4: Fluke Networks Products
• Handheld Network Testers: Turn your staff into powerful problem solvers
• Network Analysis: Portable and Distributed Solutions for Optimization and Troubleshooting
• Cable and Fiber Testing: Verification and Troubleshooting of Cable Plant

Slide 5
Wireless Technology

Slide 6
802.11 PHY Details

Slide 7: PHY Details: ISM (Industrial, Scientific and Medical) Frequencies
Band | Frequencies
UHF ISM | 902-928 MHz
S-Band | 2-4 GHz
S-Band ISM | 2.4-2.5 GHz
C-Band | 4-8 GHz
C-Band satellite downlink | 3.7-4.2 GHz
C-Band Radar (weather) | 5.25-5.925 GHz
C-Band ISM | 5.725-5.875 GHz
C-Band satellite uplink | 5.925-6.425 GHz
X-Band | 8-12 GHz
X-Band Radar (police/weather) | 8.5-10.55 GHz
Ku-Band | 12-18 GHz
Ku-Band Radar (police) | 13.4-14 GHz

Slide 8
PHY Details: Regional Channels for 11b

Slide 9: PHY Details: 802.11, b, a and g
Standard | 802.11 | 802.11b | 802.11b+ | 802.11a | 802.11g
Modulation Technique | FHSS, DSSS | HR/DSSS | PBCC | OFDM | OFDM
Operating Frequencies | 2.4 GHz | 2.4 GHz | 2.4 GHz | 5 GHz | 2.4 GHz
Maximum Throughput | 1 Mbps, 2 Mbps | 11 Mbps | 22 Mbps | 54 Mbps | 22 Mbps to 54 Mbps
Ratified Standard | Yes, 1997 | Yes, 1999 | No | Yes, 1999 | Not Yet? 2003

Slide 10: 802.11 MAC Details
• 4 address fields:
  - sender
  - destination
  - sender AP
  - destination AP
• Meaning is determined by To/From DS bits

Slide 11: 802.11 MAC Details
• Protocol includes layer 2 fragmentation
  - used to avoid noise on 60 Hz cycles
  - useful for microwave ovens, lights
  - makes the protocol robust in noisy environments
  - sign that noise is present

Slide 12: 802.11 MAC Details
• Protocol includes a retry bit
  - set by client or AP if FCS fails
  - used by our tools to detect errors caused by noise
  - another sign that non-802.11 2.4 GHz noise is present

Slide 13: 802.11 MAC Details
• Protocol includes several status bits
  - power management mode supported
  - long data packets mode supported
  - WEP security mode supported
  - forced packet ordering supported, for VoIP applications

Slide 14: 802.11 MAC Details
• Management Frame Types
  - Implements state machine
  - Used for roaming

Slide 15: 802.11 MAC Details
• Control Frames
  - Used to implement CSMA/CA flow control (Carrier Sense Multiple Access with Collision Avoidance)
  - Used to implement power management

Slide 16: 802.11 MAC Details
• Data Frames
  - Used to send data
  - Used to implement contention-free mode (token passing medium access control)
  - Contention-free mode is rarely deployed in practice

Slide 17: Architecture: 3 Choices
Ad-hoc

Slide 18: Architecture: 3 Choices
Infrastructure

Slide 19: Architecture: 3 Choices
Bridge

Slide 20: Architecture: 3 Choices
Ad-hoc, Infrastructure, Bridge

Slide 21: The Hidden Node Problem
Problem: Client 1 can't hear Client 2 and avoid collisions
Answer: Access Point (AP) must give clear to send commands

Slide 22: 802.11 State Transitions
Can send:
• Control, Probe, Beacon and Authentication frames
• Association frames
• Data frames

Slide 23: Roaming: The Basics
Step 1: Client probes AP 1 and AP 2
(Diagram labels: 80%, 30%)

Slide 24: Roaming: The Basics
Step 2: Authenticate and Associate with the AP with the strongest signal
(Diagram labels: Authenticate, Associate)

Slide 25: Roaming: The Basics
Step 3: When signal strength for AP2 gets stronger, send re-associate to AP2
(Diagram labels: 40%, 60%, Re-associate)

Slide 26: Roaming: The Basics
Step 4: Using IAPP (Inter Access Point Protocol) over the wired interface, AP2 asks AP1 if it should authenticate the client
(Diagram label: Authenticate?)

Slide 27: Roaming: The Basics
Step 5: AP1 responds with authenticate and forwards traffic for the client
(Diagram label: Authenticate!)

Slide 28: Roaming: The Basics
Step 5: AP1 responds with re-associate and forwards traffic for the client
(Diagram label: Re-associate)

Slide 29: Roaming: The Basics
Step 6: Client Disassociates from AP1
(Diagram label: Disassociate)

Slide 30: Wireless Tool Must Haves
Wireless Tool Feature Requirements:
1. Automatic discovery and Site Survey
2. Equipment, Spectrum and Network views which allow different problem solving approaches
3. Quick and convenient drill down diagnostics
4. Active troubleshooting tools to find load-related issues
5. Packet Capture and Decode as a last resort, with filters preconfigured based on troubleshooting context

Slide 31
Hands On: Wireless SuperVision

Slide 32: Wireless Security
Key Questions:
• Are there rogues in my network?
• How can I protect against war drivers?
• How does wireless relate to my other security solutions?
Challenges:
• The Policy Challenge
• The WEP (Wired Equivalent Privacy) Challenge
Result: Secure network

Slide 33
The Policy Challenge

Slide 34: The Policy Challenge
Challenge: How do I ensure users aren't bringing in rogue equipment from home?
Design Approaches:
• Outlaw private wireless LAN equipment
• Enforce the policy with periodic walkthroughs
• Bring the hurt down on someone to set the message

Slide 35: The WEP Challenge
Challenge: Can I count on WEP as my security solution?
Design Approaches:
• Several short-term solutions
• A couple of emerging long-term solutions

Slide 36: Short-term Solution: No AP Beacons
Good:
• Easy to implement
• Stops casual connectors
Bad:
• 802.11b packets very easy to sniff with free software (and our tools)
• Clients may not see AP
Overall:
• Don't stop there!

Slide 37: Short-term Solution: MAC Filtering
Good:
• Easy to implement
• Stops casual connectors
Bad:
• MAC addresses very easy to sniff and spoof with free software (and our tools)
• Administrative headache!
Overall:
• Don't stop there!

Slide 38: Short-term Solution: VPN over Wireless
Good:
• Often already deployed
• Provides authentication and security
• Protects mission-critical servers
Bad:
• Doesn't stop users from using network resources
Overall:
• Good stopgap solution

Slide 39: Long-term Replacement: 802.1x
• Based on the Extensible Authentication Protocol (EAP)
• Uses a RADIUS server to provide port-based access control and mutual authentication as well as accounting services (AAA)
  - Uses digital certificates
  - Does not specify authentication mechanisms
• Major Authentication Methods: MD5, TLS, TTLS, LEAP, Kerberos

Slide 40: Long-term Replacement: 802.11i
• Firmware fix to WEP (a.k.a. WEP 2 or WPA)
  - Unique key per host
  - Rotating keys (TKIP, Temporal Key Integrity Protocol)
• AES (Advanced Encryption Standard)
  - Will require hardware upgrade for existing APs
  - Very strong encryption
  - FIPS (Federal Information Processing Standard) 197

Slide 41: Overall Strategy: Extend and Simplify
• Goal 1: Extend Existing Systems
  - Dial-up, VPN, or Firewall solutions already deployed
• Goal 2: Old Tech in a New Way
  - Try to use known technologies instead of deploying another system
• Goal 3: Simplify Clients
  - Minimize complexity on the client side
  - New servers are easier than new clients

Slide 42: Wireless Tool Must Haves
Key Rogue Detection Feature Requirements:
1. Must be able to detect non-beaconing devices
2. Must be able to detect and locate
3. Must be able to differentiate rogue from deployed
4. Must scan all channels, not just US channels

Slide 43
Hands On: Rogue Detection & Location

Slide 44: Design and Deployment
Key Questions:
• What is this going to cost?
• Do I have wireless interference?
• How is it going to integrate into my wired network?
• How will I certify my wireless deployment?
Challenges:
• The Wiring Challenge
• The Coverage Challenge
• The IAPP Challenge
• Wireless Certification
Result: Wireless LAN ready for clients

Slide 45: How do I do a physical plan design?
Obtain or design a Map of Coverage Area

Slide 46: How do I do a physical plan design?
Look for radio wave obstacles

Slide 47: How do I do a physical plan design?
Identify good potential AP locations
(Diagram label: Access Points)

Slide 48: How do I do a physical plan design?
Look for likely connection areas

Slide 49: How do I do a physical plan design?
Eliminate APs that didn't cover the area

Slide 50: How do I do a network plan design?
Find or make a wired cabling map.
(Diagram label: Infrastructure Cabling)

Slide 51: How do I do a network plan design?
Plan new AP Cabling. Calculate costs.
(Diagram label: Infrastructure Cabling)

Slide 52: How do I do a walkthrough?
Identify spots in coverage area away from APs.
(Diagram label: Checkpoints)

Slide 53: How do I do a Rogue walkthrough?
Locate & Eliminate Rogues. Map Neighbors.
(Diagram labels: Neighbor on channel: 6, Rogues)

Slide 54: How do I do a Client walkthrough?
Document RF & Throughput at Checkpoints.

Slide 55: How do I finalize the network design?
Assign different channels to avoid overlap.
(Diagram labels: channel: 1, channel: 11, Neighbor on channel: 6)

Slide 56: How do I finalize the network design?
Schedule spot checks. Document Results.
(Diagram labels: Checkpoints, Neighbor on channel: 6, channel: 1, channel: 11, Infrastructure Cabling)

Slide 57: The Wiring Challenge
Challenge: How do I Maximize Coverage While Minimizing Wiring Costs?
Design Approaches:
• Use wireless only where portability is necessary
• Smart use of directed and/or high gain antennas
• Use power over CAT5E/6 to eliminate power wiring

Slide 58: The Coverage Challenge
Challenge: How do I fix dark spots?
Design Approaches:
• Identify coverage areas to start!
• Perform a Site Survey
• Use directional or high gain antennas

Slide 59: The IAPP Challenge
Challenge: How can I make sure roaming works?
Design Approaches:
• Standardize on one vendor's access points
• Ensure roaming works with the chosen security system
• Implement an AP VLAN
• Reconfigure Subnets to put all APs in the same subnet

Slide 60: The VLAN Challenge
Challenge: How do I make sure roaming works across different VLANs?
Design Approaches:
• Verify both the wired and wireless segments with a protocol analyzer/MIB browser
• Verify from the perspective of the client

Slide 61: Wireless Certification
Challenge: How do I know that the wireless clients will be able to connect to the network?
Design Approaches:
• Verify from the perspective of the client that it can connect from key locations
• Verify and Document that APs are configured correctly
• Measure RF noise, preferably with trending

Slide 62: Wireless Tool Must Haves
Key Design Feature Requirements:
1. Must be able to detect RF signal strength
2. Must be able to detect RF signal quality (SNR)
3. Need a tool that works on the wired and wireless side of the access point
4. Client Connectivity Testing, with clear failure explanations
5. Automated Reporting of AP configuration baseline

Slide 63
Hands On: Site Survey with Baseline Reporting

Slide 64: Troubleshooting & Load Balancing
Key Questions:
• Is it the client or the network?
• Is it the wired or wireless segment causing problems?
• Is the issue connectivity or security?
• Why is everyone's connection slow?
Challenges:
• The State Machine
• The Equipment Challenge
• The Bandwidth Hog
• CSMA/CA
• The Capacity Challenge
Result: Trouble ticket resolved

Slide 65: The State Machine
Challenge: How do I know at what stage the association is failing?
Troubleshooting techniques:
• Use test tools to see the client's connectivity state
• Use protocol analysis to see the connectivity state
• Check signal strength and signal quality

Slide 66: The Equipment Challenge
Challenge: How do I know if the client or the AP are misconfigured?
Troubleshooting techniques:
• Do a good network verification with baseline documentation
• Have a tool that is able to quickly evaluate configurations of APs and clients

Slide 67: The Bandwidth Hog
Challenge: How do I know why client connections are slow?
Troubleshooting techniques:
• Use a tool to see top talkers and top protocols
• Communicate to users the effects of their application usage
Design Approaches:
• Move high bandwidth applications to wired connections

Slide 68: CSMA/CA (Collision Avoidance)
Challenge: Why are client connections still slow?
Troubleshooting techniques:
• Track and trend the peak utilization of your high traffic APs
Design Approaches:
• Cap the number of clients connecting to any AP to ~25
• Have flexible deployment options in your high traffic areas

Slide 69: The Capacity Challenge
Challenge: How should I be designing for capacity?
Design Approaches:
• Assign clients to specific channels
• Assign clients to specific SSIDs
• Only put low-bandwidth users on the wireless segment

Slide 70: Design for Coverage: Honeycomb
• Provides for minimum of overlap in space
• Provides for minimum of overlap in channels
(Diagram: honeycomb of AP cells labelled by channel)

Slide 71: Design for Capacity: Channels
• Co-locate APs on three different Channels
• Assign Clients to only one channel
• Minimizes wiring costs
(Diagram labels: 6, 1, 11)

Slide 72: Design for Capacity: SSIDs
• Co-locate APs on different SSIDs
• Assign Clients to one SSID
• Minimizes wiring costs
(Diagram labels: main, admin, exec)

Slide 73: Wireless Tool Must Haves
Troubleshooting & Load Balancing Feature Requirements:
1. AP Client state display and Link tests
2. Ability to see AP retransmits and fragmentation frames
3. Ability to packet capture and decode a specific client conversation
4. Top Talkers / Top Conversations display
5. Traffic Display with Layer 4 presentations
6. Actual file transfer throughput analysis

Slide 74
Hands On: Troubleshooting & Throughput Tests

Slide 75: The Wireless Family
OptiView Wireless Analyzer
• Brings the power of OptiView to wireless LANs
• 10/100/1G wired and 11M wireless
• Upgrade option for all OptiView models
WaveRunner
• Wireless LAN visibility in a Linux-based PDA package
• Includes iPAQ hardware, software and holster

Slide 76: WaveRunner
• Pocket Security Guard
• Support for:
  - Rogue AP detection
  - Design, deployment planning
  - Monitoring and capacity management
  - WLAN Troubleshooting

Slide 77: Rogue AP Detection
Search and Locate
• Where is the Access Point?
• Who is using this AP?

Slide 78: Design and Deployment Planning
• Where do the antennas go?
• How should I assign channels?
• Can I connect from anywhere?
• Do I have any channel interference?
• Are the clients correctly configured?

Slide 79: Troubleshooting
• Is the problem in the network?
• Is the problem in the client?

Slide 80: Monitoring and Capacity Management
• Can I add another client?
• Who's doing what?

Slide 81: From Protocol Analysis to Integrated Network and Service Management Solutions
Understanding the power of a complete solution!

Slide 82: OptiView Network Analysis Solution
• OptiView: Inspector Console
• OptiView: Integrated Network Analyzer (INA)
• OptiView: WorkGroup Analyzer (WGA)
• OptiView: Protocol Expert
• OptiView: Link Analyzer (LA)
• OptiView: WAN Analyzer
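
Added example (not part of the Fluke Networks deck): a Python decoder for the header bits the "802.11 MAC Details" slides describe. It shows how the To/From DS bits select the meaning of the address fields, and counts retry and fragmentation bits as the noise indicators the slides mention. The sample frames and MAC addresses are constructed; role names follow the slide wording, with `bssid` added as an assumption for the case where neither DS bit is set.

```python
import struct

# Address-field roles for each (To DS, From DS) pair, per IEEE 802.11.
# Role names follow the slide wording; "bssid" is added for the (0, 0) case.
ROLES = {
    (0, 0): ("destination", "sender", "bssid"),          # ad-hoc, management
    (0, 1): ("destination", "sender_ap", "sender"),      # AP to client
    (1, 0): ("destination_ap", "sender", "destination"), # client to AP
    (1, 1): ("destination_ap", "sender_ap", "destination", "sender"),  # bridge
}
TYPES = ("management", "control", "data", "reserved")

# Constructed sample headers (no radiotap, no FCS); all MAC addresses are made up.
SAMPLES = [bytes.fromhex(h) for h in (
    "08490000" "020000000001" "0200000000aa" "0200000000bb" "1000",  # retry + WEP
    "08060000" "0200000000aa" "020000000001" "0200000000bb" "2000",  # fragmented
    "80000000" "ffffffffffff" "020000000001" "020000000001" "3000",  # beacon
    "08030000" "020000000002" "020000000001" "0200000000bb" "4000" "0200000000aa",
)]

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_header(frame):
    """Decode a management or data frame header (control frames are shorter)."""
    if len(frame) < 24:
        raise ValueError("truncated 802.11 header")
    fc, = struct.unpack_from("<H", frame, 0)        # frame control, little-endian
    seq_ctl, = struct.unpack_from("<H", frame, 22)  # fragment number in low 4 bits
    flags = fc >> 8
    hdr = {
        "type": TYPES[(fc >> 2) & 3], "subtype": (fc >> 4) & 0xF,
        "to_ds": flags & 1, "from_ds": (flags >> 1) & 1,
        "more_fragments": bool(flags & 0x04), "retry": bool(flags & 0x08),
        "power_mgmt": bool(flags & 0x10), "wep": bool(flags & 0x40),
        "order": bool(flags & 0x80), "fragment": seq_ctl & 0xF,
    }
    roles = ROLES[(hdr["to_ds"], hdr["from_ds"])]
    if len(roles) == 4 and len(frame) < 30:
        raise ValueError("truncated four-address header")
    for role, offset in zip(roles, (4, 10, 16, 24)):
        hdr[role] = mac(frame[offset:offset + 6])
    return hdr

def noise_indicators(frames):
    """Fraction of frames that are retries or fragments (the slides' noise signs)."""
    hdrs = [parse_header(f) for f in frames]
    retries = sum(h["retry"] for h in hdrs)
    frags = sum(h["more_fragments"] or h["fragment"] > 0 for h in hdrs)
    return {"retry_rate": retries / len(hdrs), "fragment_rate": frags / len(hdrs)}
```

Trending `noise_indicators` per access point over time gives the retransmit and fragmentation view listed in the troubleshooting tool requirements.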