Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Network tap wikipedia , lookup
Extensible Authentication Protocol wikipedia , lookup
Power over Ethernet wikipedia , lookup
IEEE 802.11 wikipedia , lookup
Wireless USB wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Policies promoting wireless broadband in the United States wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
The Next Generation Wireless Yuri Kolomiyets Network Services Information Systems and Technology Current Wireless Network Complete indoor coverage of campus Hardware: Avaya Access Points (Fat) 802.11g everywhere with data rates up to 54Mbps Management: Airwave Management Platform Authentication: Network Authentication Appliance WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Access Point management Airwave Management Platform Allows to monitor, configure and manage access points Has rogue detection capabilities Collects statistics Supports multiple vendors/platforms WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Access Point management Problems with Airwave Not 100% support of all features Lots of false positives by Rogue Detection Poor distributed management capabilities WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Authentication Gateways Network Authentication Appliances (aka. NAAs) Developed by Bruce Campbell <bruce@ist> Gateways (routers) for wireless subnets 3 in IST, 1 in ARTS, 2 in ENG, 1 in ARC Run on FreeBSD Control authentication, security and traffic shaping Also used for wired access where required WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Authentication Gateways Custom functionality Captive portal authentication Client-only firewall rules TTTS (Toilet tank traffic shaping) MinUWet developed by Erick Engelke <erick@engmail> Windows XP SP2 only Failed health check results in access restrictions Printing capabilities (in ENG) WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Architecture Overview Si ProCurve Switch 6200yl J8992A Power Mdl Mini-GBIC / SFP Ports - use only ProCurve-authorized devices RPS Status of the Back Link 1 Mode 3 5 7 9 11 Link 13 Mode 15 17 19 21 Link 23 Mode Link 2 Mode 4 6 8 10 12 Link 14 Mode 16 18 20 22 Link 24 Mode ProCurve Networking HP Innovation Status LED Mode Act Tmp Fault Fan Usr Test Reset Clear Console Auxiliary Port Core NAA Constituency switch/router Access points Clients AP management vlans Client vlans trunked to NAA Routed links Management Wireless WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Problems with physical infrastructure After initial survey no way to determine gaps in coverage No dynamic power/channel adjustment Poor load balancing No physical layer security (Open access) WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Problems with NAAs Need to be inline with client traffic Currently can only be done with VLAN trunking Very complicated (messy) design Not very scalable architecture No redundancy Inefficient use of IP address space No synchronization between NAAs No roaming Buggy WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Usage statistics WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Next generation RFP 07-53 awarded to Aruba 3rd generation Architecture (Thin APs + controller) Complete overall solution from a single vendor Except health check Built-in firewall Application aware Extensible WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless New Architecture Aruba 6000 Si SLOT 2 SLOT 0 O.T.P O I DC OK WIRELESS NETWORKS FAN STATUS ProCurve Switch 6200yl J8992A Power Mdl Mini-GBIC / SFP Ports - use only ProCurve-authorized devices RPS Status of the Back Link 1 Mode 3 5 7 9 11 Link 13 Mode 15 17 19 21 Link 23 Mode Link 2 Mode 4 6 8 10 12 Link 14 Mode 16 18 20 22 Link 24 Mode ProCurve Networking LED Mode Act Fan Usr Test Reset Clear Console Auxiliary Port ARUBA 2400 PWR AC OK HP Innovation Status Tmp Fault 0 2 4 6 LNK/ 1 POE ACT 3 5 7 ACCESS POINT STATUS ACT LINK 0 1 POWER STATUS 61 8 10 12 14 LNK/ 9 POE ACT 11 13 15 4 5 2 6 3 7 Aruba Wireless Controller Aruba APs No need for trunking Wireless traffic tunnelled from AP to controller Wired traffic goes through tunneller (wired AP) NAA is replaced with Aruba ACCESS POINT STATUS 8 12 9 13 10 14 11 15 16 18 20 22 LNK/ 17 POE ACT 19 21 23 ACCESS POINT STATUS 16 20 17 21 18 22 19 23 WIRELESS NETWORKS Link/ ACT 24 Link/ ACT 25 SERIAL WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Aruba is #UNO !!!1 More powerful access points Automatic channel/power adjustment Effective high density deployment Full roaming capabilities (L2 and L3) Rogue monitoring and mitigation Uniform use of IP space with Vlan Pooling NO BUGS !!!! WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Deployment Deployed 10 APs in MC 645 to go 3 controllers in N+1 redundant mode Authentication will be moved to Aruba Minimum change in appearance Routing will be moved to HP DHCP will move to NS1 and NS2 minUWet to be implemented by Erick TTTS to be implemented by Aruba or Erick WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Aruba Interface WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless Future Complete coverage in residences Wired control for ResNet moving to Aruba Outdoor coverage 802.1x authentication Guest provisioning Remote APs WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless n Questions?? n Thank you. WatITis | Life After 50 | December 4, 2007 | The Next Generation Wireless