Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How to buy locally managed WLAN for the enterprise

Find out the four key criteria to consider when buying an on-premises, locally managed wireless LAN for your enterprise from networking expert Andrew Froehlich.

When it comes to choosing the right locally managed WLAN product platform for your enterprise, four primary factors need to be assessed. First and foremost is WLAN performance, which includes wireless throughput speeds, capacity, consistent signal while moving through a WLAN, and self-healing options in the event of component failure. Second is security options that ensure end devices and users properly authenticate and access networked resources. Third is considering the deployment options that best match your enterprise's specific needs from a physical and logical design standpoint. And finally, evaluate ease of management for the different on-premises WLAN solutions.

Performance requirements

Performance is one of the primary reasons an enterprise IT department would choose to deploy a locally controlled WLAN over a cloud-controlled WLAN. The most popular locally managed WLAN options commonly out-perform cloud-controlled wireless systems. The first reason being that hardware components offer consistently better quality and are more finely tuned by the manufacturer. Many vendors develop custom wireless chips and specialized antennas to squeeze out additional performance. Second, network administrators have more control to fine-tune an on-premises wireless network from a software perspective. Local WLAN controllers allow administrators to modify even the most sensitive settings. Properly configuring local WLAN controllers requires much more skill, but if done right, a WLAN can be configured for optimal performance in virtually any setting.

WLAN security becomes more complex when you leverage components from multiple vendors, as opposed to implementing an end-to-end solution.

When researching on-premises WLAN options, you'll likely run into the term merchant silicon. The term is used to describe un-customized microchip components that are standards-based and, therefore, identical no matter which vendor uses them. Most cloud-controlled products use more merchant components than locally controlled products. The focus of cloud-controlled products is more on the ease of management than on performance.

WLAN vendors place varying amounts of effort into customizing chips and antennas. The amount of time and effort needed to create customized components is incredibly high. While this results in significant performance gains, it also increases costs.

WLAN security options

WLAN security is often thought to be the same across the board no matter who the WLAN manufacturer is. This is due to the fact that wireless follows strict, standards-based protocols from an encryption and authentication standpoint. But WLAN security becomes more complex when you leverage components from multiple vendors, as opposed to implementing an end-to-end solution.

Some vendors -- namely Cisco, HP and Huawei -- offer a full range of security options that assist in authentication, access control and user/device management. Using a single vendor deployment end-to-end typically decreases deployment complexities. Additionally, troubleshooting a single-vendor solution is far less time-consuming. This is especially true if you use support contracts that include troubleshooting services from the vendor.

On the other hand, WLAN vendors that don't offer a full suite of security products will tell you that because wireless is standards-based, you use "best of breed" security solutions to implement as you see fit. This may be the optimal choice if your enterprise values optimal security over ease of management -- and if you are willing to purchase the absolute best products from multiple vendors.

Wireless security options are becoming an increasingly important factor when choosing a WLAN system. In the past, most enterprises simply leveraged authentication and encryption security measures on their Wi-Fi. But with wide adoption of BYOD policies, and the impending Internet of Things revolution, wireless devices need more advanced security. This includes the accurate identification of users/devices, automated onboarding/offboarding capabilities, device and operating system posture assessment/remediation, and context-aware policy enforcement. It's wise to take all of these factors into account before choosing a specific vendor.

Deployment flexibility

The importance of deployment flexibility for various vendor WLAN solutions depends on the current state of a network. If your physical network environment consists of a single building or a group of interconnected buildings on a local campus, deployment flexibility isn't much of a concern. But if your enterprise consists of multiple branch offices spanning large geographical regions, flexible deployment options are critical.

Because most locally managed WLANs tunnel traffic back to a controller, it's not an ideal solution for remote sites. This is because you would have to tunnel Wi-Fi traffic across a wide area network connection, which is often not an optimal path. Vendors take different approaches to address this issue. One is to place smaller controllers at branch offices so they can operate independently and not have to tunnel traffic back to a centralized controller. Other vendors allow remote site access points to offload wireless data locally onto the wired network as if it were an autonomous or cloud-controlled AP. Lastly, some vendors are beginning to offer wireless hardware that can be used with on-premises controllers or through a cloud-controlled architecture. For those looking to eventually move toward a cloud-controlled solution, this may provide a path that does not require a complete hardware rip and replace.

Ease of management

Because on-premises wireless solutions are inherently more complex to deploy and maintain, it helps to implement a system that is easy to manage. When evaluating different WLAN solutions, always consider how your in-house IT staff will manage it in terms of troubleshooting and general maintenance. Having fully trained IT staff at every WLAN location is ideal, but it's logistically challenging. Most wireless networks are at least partially supported remotely. Therefore, it is crucial that IT administrators feel comfortable with the controller's management interface and remote troubleshooting tools. Also keep in mind that some vendors require additional management servers (at an additional cost) in order to take advantage of the full spectrum of the WLAN management features they offer.

Next Steps

Examine the benefits of provider-based vs. premise-based network management.

Learn best practices for wireless security.

Explore WLAN security tools.

Examine network access control tools for the enterprise.

This was last published in August 2015



Find more PRO+ content and other member only offers, here.

Buyer's Guide

Wireless LAN technology: A buyer's guide

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Does your organization manage your WLAN on-premises or in the cloud?