Making Wireless, Not Ethernet, the Heart of the Network

GMGruman writes "As mobile devices enter the workplace and latch on to Wi-Fi networks — along with devices such as HVAC sensors and videoconferencing that most people don't even realize use Wi-Fi — the typical wireless LAN is unable to cope. What needs to happen, argues Aberdeen Group's Andrew Borg, is a rethink of the wireless LAN not as a casual adjunct to the wired LAN (the typical mentality when they were first set up) but as the corporate LAN itself."

Too bad it won't work

High latency, low throughput, and a shared collision domain.
What's not to like?

Re:The number of devices is not most relevant

[Albanach]

So what? What is relevant is what those devices are doing. Anyone who needs to pull boatloads of data needs to sit the hell down, and at that point, you can serve them with a wire.

And where, exactly, do you suggest I plug in my iPad? The MacBook Air requires a separately purchased dongle to connect to a wired LAN.

Your solution assumes that a majority of devices continue to be developed with an ethernet port. As we move towards thinner, lighter laptops, I doubt Apple will stand alone in manufacturing devices that no longer have an easy way to connect to a wired network.

No, can't be done.

[SuricouRaven]

Ye cannae change the laws of physics!

Seriously, though... wireless has serious inherent disadvantages. Susceptibility to interference, a single collision domain, much lower bandwidth in the analog sense. It's good for mobility, but if you try to run a whole site-LAN on wireless it just wouldn't work - even if you utilised the 800MHz, 2.4GHZ and 5.0GHz bands all at once. Maybe if you put little 60GHz nodes in every room, but it'd be far too expensive.

wireless networks in critical infrastructure

[OzPeter]

One of the advantages of a wired network is that the data only leaves the premises at well defined locations that you control. With wireless networks it floats over the aether in all directions. And before you can say "encryption will protect me", think about how easy it would be to build a transmitter running on the same frequencies as the wireless network and sit that just outside the company and pointed inwards - instant denial of service attack with zero traceability.

Re:The number of devices is not most relevant

I can tell you where to shove your iPad

Re:The number of devices is not most relevant

[dfghjk]

You are using an iPad on a corporate LAN and accessing "boatloads of data"? Haha.

Some people have real work to do.

Re:The number of devices is not most relevant

[hawkbat05]

Perhaps then it's time to refine the overly large rj45 plug into something that will accommodate smaller form factors. Call it Ethernet micro. Most of the connector is wasted plastic anyway.

Why are these things using WiFi?

[betterunixthanunix]

Printers? Video surveillance? HVAC? Electric meters? Why are these things using WiFi, when they rarely move and are always plugged into an external power source?

Re:Why are these things using WiFi?

[ledow]

That's no excuse.

I work in schools (i.e. limited budget). It's just not sensible or practical to have ANY of that stuff running Wifi, especially in solid-build buildings, near residential areas, or anywhere you need something to STAY connected.

We have HVAC controls - on a Cat5 outlet that we put in specially. The electrician ran it in with the electrical outlets and the AC engineers run it with their cabling happily too - for the price of the cable / box and a little extra labour.

We have a printer in every room. Usually wired to the same Cat5 outlet as the main computer outlet.

We have door-controls - same thing. All over Cat5/IP, even down to the individual door activators and swipe-card sensors.

We have VoIP - same thing. If there isn't a socket where we need it, Cat5 goes in for no more than a phone line of the same length / distance.

We have CCTV - all wired to Cat5 sockets rather than with Coax back to a central point because that would mean more unnecessary cabling when the Cat5 does the job and STILL supplies Gigabit Ethernet to several other devices on the same point.

And then eventually you realise - after a while, in any large building, you still always have a Cat5 point within 100m (usually within 10m) and from there you can do everything you need to split it / put a switch in and join even more stuff to the normal network.

Cat5 is a universal deployment that virtually everything can use once plugged in and can be extended to ridiculous means (i.e. Gigabit to every outlet, so you CAN stream multiple CCTV channels from the other end of the building without having to worry about the wireless bandwidth / interference in between and/or knocking out other systems).

Whereas our wireless deployments? In the middle of a residential area, we can't get more than 8 machines into a room reliably using Wifi - even with flooding 3 channels full from school AP's - ( and where reliability means "can login via LDAP without having to constantly retry") because of the interference and up/down-ness of it all - training days we only use switches and hard cables now.

What we do expose to Wifi can be picked up miles away if you want to but can't be used reliably on the other side of the room. Wireless CCTV interferes like hell and knocks out both itself and the Wifi and other 2.4GHz gadgets.

Yet with wired cabling we can cover the entire building with the minimum of fuss. Diagnosis is simple (green light on switch = working). Things don't change over time. We can have redundant and even circular links. We don't drown out our neighbours.

It costs LESS than the Wifi crap - hell a run of Cat5 to the maximum run (with installation costs and sockets) costs less than a single access point (without installation costs) if you have decent contractors that aren't conning you. If you have in-house staff, you also save the "profit" that you would have given the contractor.

Copper cabling saves you so much more hassle and time and money and effort and extraneous costs, if you're being charged sensible prices, and stays that way pretty much forever - use your brain and install Cat6a now and you're save until each outlet needs more than 10Gb/s. Install wifi now and for MORE cost, you get LESS service, LESS reliability and in before you even get to 200MB/s you're going to be replacing them ALL.

Security, Availability, Expandibility.

[Bilby+Baggins]

These are the three things that WiFi still can't compete in against a wired network.

Even the most secure wireless is still much more susceptible to attack then a wired network. Even with the most modern access control and protection methods (which are neither cheap nor convenient) the sheer massive avenue of attack WiFi presents creates a problem for many large corporations. Ask JPMorgan Chase how much WiFi connectivity they have. Or pretty much any US Government building.

Even if you do as the article suggests and call in an expensive contractor to map out the best locations for access points, you have to find out if it's even feasible to run network and power to that location. Even with the best-possible placement you are going to have dead zones, and the size and location of dead zones will vary depending on the devices used. My Toshiba laptop got service in places a virtually identical Macbook did not- let alone the poor wireless reception most mobile phones and devices provide. So you have to deal with irate users, and try to find places to install additional access points to cover the dropped zones.

When I worked for a small non-profit K-12 school, during teacher inservice days I always had to install 2 additional access points in the gym so that the teachers could all connect on their laptops, as the single AP currently serving the gym was not sufficient. Even then, transferring any large file from the server or online either brought the network to a standstill or required tethering each machine to an ethernet cord to do the transfer. Most high-tech oriented conferences, the wireless is all but useless if it's available publicly, due to the hundreds of devices all connecting within a limited frequency space and bandwidth. There is just not enough bandwidth in a small space available to deal with more then a handful of data-rich connections. Spread across multiple spheres of AP reception the problem is reduced, but not eliminated! My bedroom is WiFi-connected only due to wiring constraints and connecting from my laptop to my server via VNC or to copy files is very... very... slow. And really, try having a LAN party over wireless- I can run hundreds or thousands of network cables through a small room and connect everything I need for nearly any project or task inexpensively, and know that the network will be robust. Working with WiFi in anything other then a solo arrangement is a lesson in frustration.

TL;DR - Until security protocol and access control methods are more robust and available; until tools to design, implement, and test wireless networks are more plentiful and robust; and until bandwidth availability is not on par with but exceeds that of standard CAT5- wireless is but an adjunct, a convenient add-on to the main structure of a wired network in a business. ... err, not that I'm impassioned about it, or anything.

Re:The number of devices is not most relevant

[hedwards]

Precisely, which is why you'd get that response. If the company wanted you to use an iPad for your job they would either provide it or provide resources with which IT would support it. It's really clear that under typical circumstances that they won't provide the support unless they provide the equipment.

Plus, self entitled assholes like you make it a lot more difficult for the rest of us to get our work done.

Re:The number of devices is not most relevant

[Anthony+Mouse]

People are apparently having trouble understanding that there is a finite amount of spectrum allocated to wireless and you have to share it between all the devices in range. At some point all the bandwidth is used up, and if you want more, you need wires.

Re:The number of devices is not most relevant

[Charcharodon]

An iPad is not a real device, it's a toy. Besides exactly how much "data" do you need to send it?......... oh wait you are talking about watching movies/video at work not actually doing "work" because anything else doesn't actually take up that much bandwidth for more than a minute or two.

The only thing thin devices like iPads may be usefull for someday is running remotely software on a hardwired server or a desktop and then streaming it to it.

Re:The number of devices is not most relevant

[DarkOx]

I work in IT security at my company. If an end user acted the they way you are acting I'd report it and you'd probably be pretty severely reprimanded for your attitude and if you failed to change it afterward you'd be fired. Yes IT does need to *make it work* if its actually *work*, the fact that'd you would *like* to use your iWhatever may or may not be work. If you have a good reason come talk to us, most security departments would try to find a solution.

Expecting IT (Security especially) to just get out of the way or have a no request is to unreasonable attitude is just wrong, and I think you will find your UPPER management realizes that. Maybe you are not at a public company that might change things a bit too, but trust me someone will care when they have to put in the notes to the financial statement that something happened.

Management would be very unhappy if they were forced to report that, our trade secrets relating to the manufacturing we do may have been leaked, that our competitors know our cost structure, that we lost customer data, etc etc. The last on is embarrassing and might cost some current business, the first two could seriously harm the competitiveness of the company going forward. IT Security IS IMPORTANT we are not just your BITCH. We play a role just like every other department. We need you to be able to do what you do so we have job, you need us to make sure you are able to keep doing what you do, so you have job. That is why its called a (corp)oration, we are supposed to be cooperating.

Re:The number of devices is not most relevant

[Hylandr]

The only thing that leaves me inclined to go wireless is not having to pull butt loads of cable through ceilings and attics. Then things like security, PCI DSS and HIPAA are brought into the mix and reality sets in, as I head back into the attic. One of the places I worked at was trying to use an apple airport for a firewall. We were scanned for PCI DSS compliance and gave us a report of every single device on our network. I yanked that in my first 30 days there. Don't even get started on the wireless encryption bit. Really

- Dan.

Borg

[arisvega]

What needs to happen, argues Aberdeen Group's Andrew Borg

So a Borg is giving suggestions as to how Earth's networks are to be set up?

Careful now, people.

Re:The number of devices is not most relevant

[Mr.+Slippery]

I look around at the Fortune 100 company where I work, and I note that every single executive is carrying an iPad.

Yes, but this thread was about people doing work. Not about people who parleyed social connections into dead-wood positions where they rake in large salaries to get in the way of the people who actually get shit done. (Or am I being cynical?)

Re:The number of devices is not most relevant

[MeatBag+PussRocket]

Your job may be vital to your organization, and you may be "goddamned good" at it, but thats really besides the issue. Any corporate network contains mountains of proprietary data that is placed at risk when people who dont understand how to manage that data (you) attempt to hook up whatever you damn well fancy. Computers are not magic no matter how much you'd like to believe otherwise. Ethernet is not powered by unicorn blood an IT staff are not wizards (no matter how much some of us would like to believe otherwise). Getting a virus is only one potential problem, and truthfully the ability to not get a virus has no bearing on "knowing what you're doing"

At the end of the day, if your flashy electronic status symbol causes a network issue and then no one in your office can work, it really doesnt matter how 'goddamnded good' you are at your job, you cant do everyone elses too.

I've seen a number the power-suit, anger-management, "i'm a type-A", throbbing hard-ons; thinking they're the next Richard Branson. its a great wet-dream until you fuck up and get punted from your high horse by people that care about advancing the goals of the business over their own personal agenda.

Well, we can.

[Cyberax]

4 years ago I've helped to manage a mesh WiFi network for a fairly large enterprise. It covered a large building with about 1000 people working simultaneously. It was first intended as a temporary network (they had to relocate quickly, because of a fire in their old building). But it worked well enough to become the main network.

Keys to success: low-power APs with WDS, and gigabit Ethernet trunks + switches with STP. We used WPA with pre-shared password for wireless security and then IPSec for IP-level security (it was used with the wired network earlier so no setup was required).

As far as I remember, an average access point served about 15 clients. We manually set all the access points to the lowest possible power level, but apart from that we did no additional setup.