A WiFi-Only Office Network?
periol wonders: "I'm the sysadmin for a firm in mid-town Manhattan that is moving to a larger workspace six months from now. The new space is on one floor (100+ users to begin, 200 capacity) and is completely stripped. We've been playing around with the idea of a completely wireless office, with no ethernet except to the access points (probably running over VPN for security). Email and files are all accessed locally over the network, and there is a web application hosted off site. Does anyone have experience with this kind of setup? My calculations are that we would need one access point per 15 computers, but I don't know what kind of issues we'll run into along the way. Will we run into unexpected periods of network downtime with a wireless-only setup like this?"
...and remember to put your microwave oven in an RF shielded cage. Hot coffee is not worth network downtime.
Also look into getting some anti-radiation / stealth wallpaper.
Wireless performance is shit. Here's the problem: Sure, 802.11g gives you a theoretical peak 54 mbps. However, not only do you never get more than 50% of it, that bandwidth is shared among every user on the network and is half-duplex. It's like having everyone on a single hubbed network - once a bunch of users all start communicating at once, you get collisions, and performance drops. 1 user on wireless is fine. 5 or 10 is questionable. 50 will be like molasses.
You can't just add access points to increase capacity... the limitation is the radio frequency space available. Remember there is only room for 3 wifi channels (1, 6, 11) in the 2.4GHz spectrum. Add a fourth into the same space, and you're just stepping on the others and causing interference. Of course I'm assuming 802.11b/g here, as 802.11a has 20 distinct channels.
The other issue that people have mentioned is outside interference. Microwave ovens can be a real bummer. So can the little cordless 2.4GHz headsets executives seem to like. And you better hope nobody sets up a 2.4GHz video sender for their security system in the vicinity. Or a nearby cell tower, or radio station. You could be working perfectly for a year, and then suddenly have your network permanently broken by something completely outside your control or ability to change.
There's a reason you don't hear of many people doing this.
-R
We have several offices.
We put in 100% wireless at one when we moved. Saved us a bundle of time, but there were dead spots all over the place. Lots of people had laptops and moved around with them - some offices had good connectivity, some didn't. In hindsight, we didn't have enough access points to provide good coverage. We eventually switched to wired due to user frustration.
In the next office we learnt. Fewer people have laptops and move around. Everyone fixed is wired. Laptops have the option and using IBM's s/w on the thinkpads, they seamlessly switch when you unplug to move (in fact, some choose to stay wireless all the time). We carefully chose the locations of the APs by testing. Throughput is down but not noticeably so.
What to learn:
Think of access points in terms of distance between them and coverage as well as number of people connecting. And figure this out by testing, not by reading manuals. Walk the floor with a laptop and test every office, nook and cranny - there are lots of unexpected dead spots.
Security is not a problem - WPA is a piece of cake to set up and (as yet) unbroken.
So it can work.
How long do you think it will take me to crack the WPA/EAP key,
Which one?
Assuming EAP-TLS, each authentication is a mutual authentication using public/private key pairs on both access point and device. You'll need to crack the client's auth key to get in. So how long will it take you to crack a 2048-bit RSA key?
Or, assuming you want to sniff the data, rather than join the network, you need to crack the packet encryption keys. With WPA, that means you have to defeat TKIP, which changes the RC4 key on every packet transmitted, and isn't vulnerable to the related-key attacks that sunk WEP's stupid design. But if this is a new office, there's no reason for them to use the backward compatibility hack that is WPA, they should deploy WPA2, which uses AES for the packet-level encryption. Although both WEP and WPA/TKIP misuse RC4 in a way that enabled the WEP attacks (neither of them discards the first few hundred bytes of the keystream after a rekey operation), AES doesn't have the same potential weakness as RC4. Since the best known attack against AES is brute force, you're going to have to search a 128-bit keyspace. How long will that take you?
Given WPA2 and, say, EAP-TLS, the best known attacks on the WiFi security require breaking either RSA or AES. Good luck with that.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
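An added example, not part of the original thread: a small audit that checks client Wi-Fi profiles against the WPA2 (RSN), AES-CCMP and EAP-TLS combination recommended in the last comment. It assumes the clients use wpa_supplicant; the sample profiles, SSIDs, identity and file paths are constructed placeholders.

```python
import re

# Constructed sample in wpa_supplicant.conf syntax (assumption: clients use wpa_supplicant).
SAMPLE_CONF = '''
network={
    ssid="office-legacy"
    key_mgmt=WPA-PSK
    proto=WPA RSN
    pairwise=TKIP CCMP
    psk="constructed-example-passphrase"
}
network={
    ssid="office-secure"
    key_mgmt=WPA-EAP
    eap=TLS
    proto=RSN
    pairwise=CCMP
    group=CCMP
    identity="host01@example.invalid"
    ca_cert="/etc/ssl/example/ca.pem"
    client_cert="/etc/ssl/example/client.pem"
    private_key="/etc/ssl/example/client.key"
}
'''

# Each option must be pinned to exactly this value; unset counts as not pinned.
REQUIRED = {"key_mgmt": "WPA-EAP", "eap": "TLS", "proto": "RSN",
            "pairwise": "CCMP", "group": "CCMP"}

def parse_networks(text):
    """Return one dict of option -> value per network={...} block."""
    nets = []
    for body in re.findall(r"network=\{(.*?)\n\}", text, re.S):
        pairs = (ln.strip().split("=", 1) for ln in body.splitlines() if "=" in ln)
        nets.append({k.strip(): v.strip().strip('"') for k, v in pairs})
    return nets

def audit(net):
    """List the ways a profile falls short of WPA2 + AES-CCMP + EAP-TLS."""
    issues = [f"{key} is '{net.get(key, 'unset')}', expected only {want}"
              for key, want in REQUIRED.items()
              if net.get(key, "").split() != [want]]
    if "ca_cert" not in net:  # without a CA the client cannot verify the server
        issues.append("no ca_cert: the server certificate is not verified")
    return issues

if __name__ == "__main__":
    for net in parse_networks(SAMPLE_CONF):
        print(net["ssid"], "->", audit(net) or "OK")
```
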