Wednesday, 21 September 2011

Which Wireless Solution to Choose

Before I start writing any thing , I would like to clarify this post is not suggesting to go for any specific vendor, My main point here is to discuss what are the main challenges you face when you start evaluating network wireless solution.

As my company is looking to deploy the wireless solution and I have been struggling for last couple of months to get my head round with the terms and different architecture / Solution that are vendor specific, but what you need to look for to avoid any confusion during the stage of evaluation or POC.

There are many wireless vendors in the market, leaving you with a tough decision which ones to recommend and which are ideal for higher end, enterprise-wide solutions that can support VOIP , Video and all those new technologies.

what we need to look for In wireless solution Ok !! here we go stick with three main things ... that we need in wireless solution once you stick with them start learning the terms i will mention at the end of the post. then you are good to go with any vendor and discus what they offer you .

The main challenges in wireless are

  1. Coverage

  2. Capacity (how many users can connect)

  3. Throughput (how much speed you can offer to all the active users)
Mind that throughput is the main factor to future proof your network to add more and more services on the network.

As per existing market roughly all access points support all set of frequencies the main are 2.4 Ghz and 5 Ghz to memorize i use to draw it something like that
2.4 Ghz = B , G , N

B stand for BAD gives you 11 Mbps

G 54 and N 300 / 450 Mbps

However 5 GHZ gives you A with 54 Mbps and N 300/450 Mbps

there are a lot of 2.4 Ghz devices so you network should not only support 2.4 but it should be able to support 5 Ghz and when in future you switch to 5 Ghz it should still not effect your coverage.

Key point
:- 2.4 has 3 x non mapping channels like 3 lane motorway and 5 Ghz have 20 non mapping channels how ever some vendors use 9 out of those 20 channels , however some even use 16 channels , so you must look for 5 ghz support in your network.

Key point :-
when you go and buy for any wireless product and if it says it support ABGN then it supports 5 GHZ if it says B,G,N yes , It supports N but it supports N on 2.4 Ghz , (remember 3 Lane motorway no future proofing)

Make sure your wireless solution support MIMO 3 x 3

for further information on MIMO google it it is sort of multiple antenna on both TX and RX to improve performance.

Now lets discuss about wireless Architecture.

  1. Single channel Approach

  2. AP controller based

  3. Distributed
I am going to discuss about all of these three approaches in a single paragraph it is a very debate able issues , you might see lot of white paper battling on each approach.

single channel one speak other just shut up result in Less bandwidth , Only One channel , and No interference as there is only one channel .

AP / Controller based , I am not going to comment, you have to ask vendor supporting this if you have 100 Devices going through the controller how it will share the bandwidth ? , what effect it will make if you enable WPA2 , i.e if 1 have 2 controllers and 100 AP's and every AP have 10 users how much bandwidth it can practically give to each user with WPA2 enabled (we don't forget about security in wireless), if it is sufficient for your existing and future VIOP and video we don't have any problem.

Distributed approach , I would just like to say intelligent AP have every functionality happening on the AP , built in encryption engine and i would say it can easily tick all your boxes about coverage , Capacity and throughput
Now come to the first thing (HUH what we were doing above then !!!! Cmon it was just theory real work starts here)
Survey. - when doing survey you need to very clear what SNR (Signal to Noise ratio) you want to live with , dont let the Vendor or surveyor trick you saying this area is covered see you can see the signal , yes but what is the dBM here mind that - 80 dBm will be dead for you you cannot communicate , there are couple of papers suggesting stick with -70 dBm and some say 76 Depending upon your requirement .
Key point:- Here is one more trick while you are doing survey do the survey for 2.4 and 5 both dont get robbed again . 5 GHZ wave is differnt then 2.4 so it have more impact if it hit something. i.e 2.4 covergage with -70 dBM need 10 AP's however it will not give same cover on 5 Ghz.
Some AP have 2 antennas one feeding you 2.4 and other 5 ghz normally known as dual band AP.

WLAN vendors are trying to improve functionality at edge by providing Security , gest access and reliability , IPS , and some vendors with Spectrum analyzer.

That's pretty much I have to say at the moment I will revisit and try to update, before I close I would like to add some main point.

If you are more concerned about Security you might be looking for FIPS 140 and PCI certification of products.

Look for Licences cost for controller with regards to AP count.

Some AP's are coming up with dual band support for example 2 antenna one antenna 2.4 and other is 5 Ghz and in future if you don't need 2.4 you would not like to end up with one antenna, so ask vendor about future plans.

One last point if wireless vendor say its 300 Mbps it is not 300 Mbps full duplex , It is just marketing figure , your Ethernet LAN is 100 Mbps full duplex which will make it 200 Mbps .

That is pretty much from my notes, Have a nice day.

Wednesday, 7 September 2011

Fraudulent Digital Certificates

some major borwsers have issued a relased because DIGINOTAR the former Certificate Authority whihc managed to issue more than 500 bogus digital certificates in the name of majore web service providers mainly


even in the name of some intelligence agencies.

In recent update from MoZilla Firefox it have blocked any certificate signed by DigitNotar.

Microsoft have also released an update 2607712 permanently moving all five DigiNotar's root certificates to the Certificate Revokation List whihc provides protection to all Windows versions.

DigiNotar Root CA

DigiNotar Root CA G2
DigiNotar PKIoverheid CA Overheid
DigiNotar PKIoverheid CA Organisatie - G2
DigiNotar PKIoverheid CA Overheid en Bedrijven