WLAN Deployment Checklist

Be sure to follow these basic steps when deploying wireless LANs:

Determine capacity requirements. Then conduct site surveys and performance testing to make sure access points (AP) perform optimally under the unique conditions of each building, room or site.

Design the network to avoid interference. Segregate traffic running in the same frequency band onto different channels in neighboring APs. Test actual performance to account for multipath interference caused by objects in the way of transmissions.

Set up appropriate security based on your corporate policy. Strongly consider IPsec virtual private networks (VPN), even for local use; they're the most secure option today. Purchase "WPA-certified" products in the second half of this year, as a more scalable alternative to IPsec.

If all you have is Wired Equivalent Privacy (WEP) on your current WLAN products, enable it. WEP ships disabled by default. Similarly, disable the default of your Service Set Identifier (SSID), an alphanumeric code entered into each AP and client device so that it doesn't broadcast the SSID and give intruders the opportunity to intercept it. WEP and SSID measures alone don't constitute strong security protection, but they're more effective than no security at all.

Protect your investment. If you have business needs for wireless to fulfill right now, simply deploy 802.11b. If you anticipate higher throughput needs in the very near term, select dual-mode products that let you run 802.11a and swap out 802.11b for 802.11g when products are available. Also, as Wi-Fi services from mobile WAN carriers become increasingly available, consider adding Wi-Fi subscriptions to your most mobile users' cellular subscriptions. You'll likely get a discount (T-Mobile recently began offering one), and this will deliver a bigger ROI on your WLAN equipment investment because users can connect from more locations. But use IPsec VPNs and personal firewalls for these nomadic users' laptops, which can easily be lost or stolen.

Deploy centralized management. This can be accomplished in several ways, including using the new WLAN "switch" architectures or "smart" APs that still allow centralized control and remote downloads to APs.

Integrate element managers with other management systems in your enterprise to the degree possible. For example, the Cisco Wireless LAN Solutions Engine is a CiscoWorks module that integrates with other CiscoWorks element manager modules. You can also fairly easily hook your WLANs into your SNMP-based enterprise managers. Finally, third-party options from companies such as AirWave Wireless Inc., Aruba Wireless Networks, Bluesocket Inc., Ecutel Inc., NetMotion Wireless Inc., Vernier Networks and others enable management (and security) of infrastructures for mixed-vendor APs.

Integrate with other networks for maximum connectivity. Keep an eye out for dual- and trimode products coming on the market -- whether enabled by chip sets or internetwork roaming software. The more networks that a user can transparently access without dropped sessions and without having to reauthenticate, the more productive and less frustrated that user will be.

Wexler is a freelance writer in Campbell, Calif. Contact her at joanie@jwexler.com.

Copyright © 2003 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon