For any IT enterprise looking to upgrade its legacy wireless local area network, one of the main questions that crops up is whether to implement a WLAN managed by on-premises controllers or one whose controllers are located in the cloud. Depending on your company's structure, current network design and wireless requirements, one architecture will likely trump the other.
Let's first look at the evolution of WLAN networks and point out some key differences between an on-premises WLAN and a cloud-managed WLAN.
The evolution of WLAN design
When enterprise WLANs were originally deployed, each wireless access point was configured and managed independently from other APs on the same network. At the time, this wasn't a problem because most companies designated specific areas where wireless hotspots were used. These areas were typically places such as conference rooms, lobbies and outdoor patios -- any location with many users and few wired ports.
As the demand for wireless access grew within the enterprise, so did the infrastructure required to supply it. Suddenly, network administrators had to manage hundreds -- or even thousands -- of APs in an attempt to blanket entire buildings and campuses with a wireless signal. Even more problematic, the APs had no ability to communicate with each another, so technical issues like co-channel interference, power adjustments and client roaming rendered many networks unstable and unpredictable.
To solve these technical issues, WLAN vendors created wireless LAN controllers to force data and management control-plane data back to a single location. The controller's job is to be a single choke point for AP configuration, communication and, in most cases, policy enforcement. The APs themselves lose their individual intelligence, and the controller becomes the brain for the entire WLAN.
This design has a couple of major advantages. First, the wireless controller oversees all the APs throughout the network and has a complete view of the WLAN as a result. IT staff can use the controller to make intelligent radio adjustments as needed. This allows WLAN administrators to modify wireless channels when interference occurs, change wireless signal strength when APs go offline/online, and switch clients from one AP to another. The second major benefit is that both control-plane and data-plane traffic is tunneled back to the wireless controller before it is placed onto the local data LAN. This can be both a positive and a negative from a data-plane perspective. It's a positive in the sense that wireless policies for specific SSIDs are enforced at only one location, making policy management incredibly easy. The design, however, can create bottlenecks and single points of failure if not planned properly.
With a cloud-managed WLAN, APs connect to a virtual controller, typically located in a public cloud on the Internet. Control-plane information, AP management and other WLAN services are performed between the cloud controller and the local APs across an Internet connection. The primary architectural difference between an on-premises controller and a cloud-based controller regards the flow of data-plane traffic. In an on-premises design, both control- and data-plane communication is tunneled back to the controller in a process called wireless backhaul. By contrast, in a cloud-controller design, data-plane information is offloaded as soon as it hits the LAN. This means that any policy enforcement is performed on the AP itself, which makes cloud-controlled APs semi-intelligent, as they must locally possess and enforce policy rules.
Now, both on-premises and cloud-managed WLANs are enterprise-ready in terms of management, automated intelligence and reliability. Determining which implementation will give your organization the best return depends on a number of factors. Let's look at the benefits and best use cases of both cloud-managed and on-premises WLANs.
Benefits of on-premises WLANs
LAN architecture: The first thing to examine is the current state of your LAN. Users who already have an on-premises wireless controller may simply be looking to upgrade. From a Layer 2 and Layer 3 perspective, changing to a cloud-based system would require reconfiguring the network to permit the cloud-controlled network to offload wireless data directly to the LAN as opposed to having it tunneled back to the on-premises controller. Depending on the size of the network, this would take a considerable amount of time to accomplish. So, for many, simply upgrading to a next-generation on-premises controller that tunnels both control- and data-plane information back to the local controller is the easiest option.
Internet connectivity: Cloud-controlled WLANs rely heavily on the Internet in order to function properly, which can be an obstacle if your Internet connectivity is spotty. In addition to communicating wireless control data to and from local APs, the cloud controller also often performs other wireless services like Dynamic Host Configuration Protocol provisioning and authentication. If your Internet connectivity is unreliable or suffers from latency and throughput problems, it's best to stick with an on-premises approach that controls all of these functions locally.
WLAN complexity: In most situations, on-premises controllers offer far more flexibility when it comes to the actual design and deployment of the WLAN. This includes more advanced support for legacy Wi-Fi devices and applications, and more granular control over specific wireless settings. For enterprises that leverage thousands of APs in large campuses, multiple on-premises controllers can work together to provide robust WLAN access and failover for clients. In these types of complex WLAN scenarios, on-premises controllers offer far greater benefits than cloud-controllers.
Benefits of cloud-managed WLANs
Ease of remote management: If your organization is geographically dispersed with hundreds or even thousands of branch sites, a cloud-based WLAN might be ideal for you. With a cloud approach, you have a single point of management, regardless of where IT staff is physically located. This eliminates the need to deploy controllers at each site, and network administrators no longer need to worry about remote access into each site, as everything is controlled in a public cloud. Many network vendors also offer other network devices, including cloud-managed switches, routers and firewalls. So, if your organization is geographically scattered, you may not only want to evaluate cloud-based WLANs but put all network management into the cloud as well.
A benefit of cloud-managed WLAN hardware is the fact that most vendors offer zero-touch deployments. This means you can preconfigure your wireless network before it is even shipped from the manufacturer to the remote site. The AP need only be connected to the network, powered on and it will set itself up automatically using the preconfigured settings based on the serial number and MAC address. This means field technicians no longer have to travel to various branch offices to set up their wireless networks.
No controller hardware limitations: One challenge with on-premises controllers is that you are limited to your organization's existing hardware. Smaller on-premises controllers can manage up to 25 APs, while others can handle thousands. But either way, the amount of hardware that controllers can handle is limited. New hardware would have to be purchased for rapidly expanding infrastructures, whereas cloud WLAN theoretically has no limits. In the cloud, your WLAN can contain anywhere from a handful to thousands of APs without being restricted by hardware limitations.
Along those same lines, as new features come out, older controllers must be manually upgraded to handle advanced capabilities, which can take a lot of time and manpower to accomplish. With a cloud controller, updates are performed by the provider in the cloud.
There is no "right" solution when it comes to the on-premises versus cloud-managed WLAN debate. Each approach has positives and negatives. Before buying, evaluate the current and near future state of your network, then gauge which factors listed above are critical to the success of your organization. In all likelihood, a clear winner between on-premises and cloud WLANs should emerge, and you can then focus on which specific vendor portfolio is right for you.
Learn about the myths and facts of cloud-managed WLANs
Learn how to install a WLAN for the enterprise
Combining wired and wireless network management in a controller-centric architecture
Best practices emerge for WLAN security