1. Northridge Consulting Presents: WLAN Workshop Wireless LAN configurations. The advantages & disadvantages of Basic Service Set, Extended Service Set and Independent Service Set.
2. Part 1 We will discuss the types of WLAN’s pictured below and briefly describe the advantages and disadvantages of each. We will also touch on the appropriate uses and locations suited for each network. Basic Service Set-BSS Extended Service Set-ESS Independent Service Set-ISS
3. Basic Service Set or Infrastructure Mode Depicted in the picture below the BSS (Basic Service Set) is clearly defined as having only one AP (Access Point) in which to cover the designated home , public or workspace area. This is a very easily installed wireless network that requires little assistance. It serves a very functional service supplying the immediate area with a wireless signal that may reach up to a 150 feet indoors and 300 feet outdoors from the location of the AP in a 360 degree coverage circumference.
4. The installation and configuring of a BSS It is suggest that the AP be connected to the server or internet in order to have complete access to the network. The AP may be configured to only provide access to wireless nodes in the immediate area allowing them to share files . If we wire the router (AP) to the internet it’s necessary to create a SSID (Service Set Identifier) which provides the network with a unique identifier. . Below is an example of the SSID settings screen. The network can now be secured with either WAP 1 & 2 , MAC Addressing or WEP 1 & 2. WEP and WPA are similar with 128 bit encryption only 2 is slightly stronger. Mac Addressing filters and only allows designated machines to join the wireless network. This is a very good and simple security measure.
5. Advantages & Disadvantages of a BSS The cost involved with a 802.11a ,b or g is relatively inexpensive. By using the BSS you have the ability to cover a fairly large office space, open café type of setting or home. The BSS can accommodate up to about 100 devices but, it’s recommend not to exceed 50 and there’s heavy transferring traffic lower still to about 20 users. Overall the BSS is a good WLAN for the smaller business and home area with an affordable price, easy set up and low maintenance. Some of the drawbacks to this type of WLAN are for one the quantity of users or devices on the network are limited. To comfortably have more nodes accessing the wireless network there would need to be multiple AP’s set on different channels to avoid signal hopping and to accommodate the traffic being generated. Another item of concern is network breakdown. If the AP goes down then the WLAN is out of commission. Although the wired nodes will be fine the disruption from one piece of hardware can be devastating at critical times.
6. Extended Service Set This is a very common network. It is very functional and straight forward in it’s set up & configuration. With the ESS (Extended Service Set) we can take the abilities of the BSS a step further and supply signal to more users, cover a larger area and allow for the use of wireless network to be accessible in different areas of a building. This is composed of 2 or more BSS networks and as you can see from the diagram below, the services that may be provided with this type of configuration are far greater then a BSS however the actual configuration is a bit more complex.
7. The installation and configuring of a ESS When installing the ESS (Extended Service Set) it is essential to configure and place the routers or Ap’s according to the layout of the facility. When installing 2 or more AP’s it vital to ensure the signals overlap and that there is no dead space left in the projected coverage area. The picture below shows an ESS composed of 2 BSS networks. As you can see the signal overlaps allowing for a mobile user to enter the field of the other AP without losing a signal. The process of moving from one signal to another a called a “handoff” Once a signal is received with a stronger signal then the current connection the device will switch over. Some devices also measure the packet error in order to determine when or if an switch is necessary.
8. Advantages & Disadvantages of a ESS One of the big advantages to this type of network is that it allows for an undetermined amount of users. It is easy to continue to add SP’s as the need arises at a minimal cost. Once the security has been decided upon it’s nothing more than aping the first AP configuration to the rest of the networks AP’s. A couple of the other disadvantages of the ESS is just like every other IEEE 802.11 standard, when the handoff takes place during roaming it is not specified. Roaming between APs of different vendors may also pose a problem at times.
9. Independent Basic Service Set This type of network does not use a AP and is a self contained network. The IBSS also known as an ad-hoc or peer 2 peer simple uses the file sharing option located in the network tools menu. It’s a very simple and secure way to share files among users at home or in an office setting. Each mapped user can send or locate and view files on any of the other nodes included in this network.
10. Advantages & Disadvantages of a IBSS One of the more convenient advantages of an IBSS is that the network can be setup very easily and quickly. It’s a matter of entering the computer name of each node to access and share with. Users can communicate and share files with each other without having to run cabling around the room or rooms and without the use of a server or internet connection. Along with the above assets of an IBSS there’s no additional cost aside from assuring the nodes are wireless. The disadvantages are that there’s no means of accessing the internet or transferring large amounts of data being this is an ad-hoc . The BSS has more flexibility then the IBSS being it’s network through AP’s and Ethernet.
12. Authentication Some of the concerns of the regarding wireless network adminsand users has been its perceived vulnerability to unauthorized access, this is because unlike wired networks where network access can be secured by securing the physical location of the systems; radio frequency (RF) signals which carry the transmitted network signal cannot be secured physically. To bring wireless networks under the control and authority of the owner, authentication becomes inevitable in wireless networking. There are three types of authentication that is widely used and support by IEEE 802.11 standard Open System authentication Shared Key authentication Digital Certificate authentication
13. Open System Authentication The default authentication is the open system method and this is the most widely used method. This system uses a straight forward approach; 1. The wireless device having scanned and discover a network, sends a request frame to the AP requesting for an association. 2. The AP reviews the received request and verifies that the SSID of the device requesting for association matches with the one network has. 3. If it matches, AP sends an association responds frame to the device containing the acceptance notice and the device will be authenticated. If it does not match, the device will be denied access. Ciampa, M. (2006).
14. Shared Key Authentication This is a system where both the AP and the wireless device have the same key value entered in their settings. 1.The wireless device that needs to connect sends an authentication frame to AP 2.The AP generates the authentication frame containing a block of text called the “challenge text”. 3.The wireless device has to encrypt the text and send it back to AP 4.The AP decrypts the returned frame to see if it matches the original challenged text. 5.If it does, AP sends an authentication frame representing the result of the authentication. 6.Only pre-approved users or wireless device are provided with the shared key thus verifying the authenticity of it’s user or node. Ciampa, M. (2006).
15. Digital Certificate Authentication Digital certificate method of authentication uses digital documents that associate an individual or user with a key value. This certificate is a data structure that contains information, and it is digitally signed by a third party, meaning that it is not possible to change any part of the certificate by intruders without been detected. On wireless platform, Digital certificate can be installed on a wireless device for authentication, making it more reliable than open system and shared key.
16. Recommendation to Staff The combination of standards, protocols, and software that support digital certificates is called a public key infrastructure, or PKI. The software that supports this infrastructure generates sets of public-private key pairs. Public-private key pairs are codes that are related to one another through a complex mathematical algorithm. The key pairs can reside on one’s computer or on hardware devices such as smart cards or floppy disks. Individuals or organizations must ensure the security of their private keys. However, the public keys that correspond to their private keys can be posted on Web sites or sent across the network. Issuers of digital certificates often maintain online repositories of public keys. These repositories make it possible to authenticate owners of digital certificates in real time. For example, publishers, as service providers, will want to authenticate the digital certificate of a faculty member or student in real time. This is possible by verifying the digital signature using the public key in the repository. (DFL. 1999)
17. References: Ciampa, M. (2006). CWNA Guide to Wireless LANs. (2nd ed.). Thompson Course Technology. Retrieved April 9, 2010 from Week 7 Course Material. IT/241 – Intro to W-LAN Technologies The Digital Library Federation. (DFL) (1999). Digital Certificate Infrastructure. PDF. Retrieved April 9, 2010 from http://www.diglib.org/architectures/cren-dlf.pdf