Wireless Networking - PowerPoint PPT Presentation

1 / 20

About This Presentation

Title:

Wireless Networking

Description:

Number of Views:55

Avg rating:3.0/5.0

Slides: 21

Provided by: itssnet

Category:

Tags: diy | network | networking | wireless

Transcript and Presenter's Notes

Title: Wireless Networking

1
Wireless Networking

2
Outline

3
Wireless Technology Overview
4
Why Wireless?

() No wires. Convenience, flexible. But
(-) Relatively slow speeds, typically 5 Mbps with
802.11b. Nowhere near the 100 Mbps of typical
wired connection.
(-) Wireless access points are hubs, not
switches. Bandwidth is shared among wireless
users. Think of it as phone party lines.
(-) Data is freely available in the air.
Traffic is easily sniffed.
Data is not encrypted unless the protocol is
encrypted (e.g., SSL and Kerberos).
Stanford does not use WEP, because it can be
cracked.

5
Wireless Terms

Access Point (or AP) device that sends and
receives wireless signals. Usually directly
connected to the wired net.
ITSS uses Cisco Aironet 350 APs.
SSID the network name that Access Points
broadcast.
ITSS uses Stanford.
Departments and home users may want to use other
names.
Users can roam between access points with the
same SSID.
Channel radio frequency used by APs.
APs near one another should use different
channels to minimize noise.
802.11b Channels 1, 6, and 11 dont overlap.
Channels 1, 4, 8, and 11 have only a little bit
of overlap

6
Wireless Alphabet Soup

802.11b
Most common wireless protocol. Uses 2.4GHz
frequency, with 11 Mbps bandwidth. (5 Mbps is
more typical). ITSS wireless net and most other
campus wireless is based on this.
802.11a
Uses 5.5GHz range, 54 Mbps bandwidth (20 Mbps is
typical performance). Produces to much radio
power to be certified in medical areas. Unlikely
to become a standard at Stanford.
802.11g
Uses 2.4GHz band and is compatible with 802.11b.
Also 54 Mbps bandwidth (20 Mbps typical). An
emerging standard, but likely to grow in the
future.

7
ITSS Wireless Net
8
ITSS Wireless NetOverview

Coverage map at http//wirelessnet.stanford.edu
Wireless net uses separate physical and logical
network. (Separate switches, fiber, and address
space.)
Prevents layer 2 attacks (e.g., broadcasts,
IP/MAC spoofing) on wired net
Prevents wired broadcasts/multicasts from
saturating wireless bandwidth
Dont have to dedicate department roaming IPs
for wireless users
You still have to register wireless cards in
NetDB.
provide the hardware address of the wireless card
enable DHCP and roaming.
Wireless card recommendations
Recommend Cisco and Apple cards which are
available at the Bookstore.
Any WiFi certified card should work.

9
ITSS Wireless NetSecurity

Wireless networks are inherently insecure
Even with encryption, the data between client and
APs are available for anyone to capture.
Most corporate wireless nets lie outside of
firewalls.
ITSS Wireless doesnt use WEP
Consumes client resources
Well-known security vulnerabilities
Other methods of wireless encryption are
vendor-specific.
Stanford uses wireless authentication to protect
campus resources.

10
ITSS Wireless NetAuthentication

11
Department Wireless
12
My Department Wants Wireless!

Net-to-jack clients are eligible for 1 AP for
every 16 wired ports.
Wireless net-to-jack For non-net-to-jack
clients, ITSS will do a survey, install, monitor,
maintain, and upgrade your wireless network.
Price is 31/month per AP.
Or.

13
Do-It-Yourself Options

Option 1 ITSS can place a wireless entrance
switch in your building and that carries the ITSS
Wireless net.
Option 2 Departments can put their wireless
devices on their existing building net.
Both options require departments to purchase APs
and switches. ITSS can recommend equipment, but
departments will need to do their own survey and
place access points.

14
Department Wireless Setup

ITSS Wireless net always uses Stanford as the
SSID.
APs plugged into the building net shouldnt use
Stanford
This has caused problems when users roam between
access points.
Putting the department/group/lab name as the SSID
makes it clear to users who to call in case of
trouble.

15
Recommended Cards and APs

16
Home Wireless Nets
17
Keeping Your Neighbors Out

The range of wireless means that its very
possible that your neighbors can use your
wireless net too. And see all your traffic
Precautions
Most APs have MAC address filters so that only
specific cards can associate. This is the most
important thing to enable!
Most APs can also be set to not broadcast the
SSID. (e.g., Apple Airports call this Create a
closed network) That way, people have to know
the name of your network in order to join.
Definitely want to use encrypted protocols
whenever possible.
If available, consider turning down the power of
your AP to restrict the range.

18
Setup 1 Stanford DSL and Stanford West

In both cases, you can request multiple IP
addresses for home machines. You dont need a
DSL router.
We suggest that you purchase access points that
do bridging, where traffic is simply forwarded
between the wired and wireless sides of the
access point without alteration.
Examples Cisco Aironet 350, Linksys WAP11,
Apple Airport.
Weve seen a number of people on the campus or
Stanford West who have installed Airport base
stations with DHCP enabled on the Ethernet side,
disrupting DHCP service.
Breaks DHCP for other users.
We shut down their connections

19
Setup 2 Non-Stanford DSL or Cable Modem

In many cases, you only get one IP address.
Network Address Translation (NAT -- often
provided by DSL/wireless routers) can be used
to hide a network behind a single IP address
Some wireless units do this by default. E.g.,
Apple Airport.
Note that NAT disrupts some Stanford services,
especially WebAuth.
Also interferes with some VPN setups.

20
Questions???

Write a Comment

User Comments (0)