Wireless LANs are popular in homes, schools, small businesses, and key verticals like retail, manufacturing, and healthcare. But larger enterprises have been dragging their feet. Many have small pockets of deployment, but seem to be waiting for WLANs to mature before embarking upon company-wide rollout. What are they waiting for? Stable high-speed standards, security improvements, and quality of service are all concerns. But, when push comes to shove, what enterprises may be missing the most is centralized control over large, distributed WLANs.
Few companies would dream of building large wired LANs out of independent, unmanaged Ethernet hubs. So why they build large WLANs by knitting together a potpourri of hard-to-control wireless Access Points? Just as managed layer two switches tamed enterprise Ethernet LANs a decade ago, a new generation of wireless LAN switches are now emerging to enable consolidated control over large 802.11 WLANs.
Defining WLAN switches
Start-ups like Aruba, Airespace (BlackStorm), AirFlow, AirGo (Woodside), Chantry, Cranite, Vivato and established AP vendors like Cisco, Proxim , and Symbol have all announced WLAN systems that some have dubbed "wireless LAN switches." But features vary considerably, making it a challenge to understand exactly what a WLAN switch is and why you might want one.
One common thread is consolidated provisioning. Some enterprise-class APs can be remotely configured through SNMP, but most APs are fundamentally stand-alone devices. In contrast, WLAN switches are distributed systems that combine a central policy server with tightly-coupled APs that do the server's bidding. The administrator lays out WLAN topology and policies in one central GUI; the server implements that design by auto-magically pushing configurations to managed APs. Some systems can accommodate third-party APs, but for maximum benefit, you may need to buy the whole system (server and APs) from one vendor.
Another common thread is consolidated monitoring. Some enterprise-class APs can forward SNMP traps and SYSLOG records, and third-party analyzers and IDS products can sniff the air, alerting you to suspicious activity like unauthorized stations, rogue APs, or "NetStumblers." WLAN switches pull these activities together under one umbrella, using the server as a central surveillance system, and instrumenting APs to report unauthorized activity. Again, this is easier to achieve in homogenous WLANs.
Many WLAN switching systems distribute policy enforcement. APs are still responsible for most 802.11 physical and MAC functions, but the server usually off-loads some decision-making, adding functionality while keeping the APs "thin" to contain cost. Common examples include user/station authentication, load balancing across APs, and facilitating mobility when stations roam from one AP to another.
Differentiating WLAN switches
From 30,000 feet, WLAN switches don't sound all that difficult to understand. But look closer and you'll start appreciating their unique features and architectural differences. For example:
Trapeze Networks' RingMaster automates WLAN topology design: you input facility maps and desired coverage areas, RingMaster decides how many APs you need and where to put them.
Aruba's 5000 Switching System implements proxy DHCP and Mobile IP to help stations roam across subnets without session interruption. Cranite's WirelessWall uses client software on each station to facilitate secure mobility. Trapeze uses VLANs to keep roaming stations in the same virtual subnet. Cisco recently announced "fast secure roaming" that side-steps 802.1X re-authentication when roaming within the same subnet.
Aruba measures utilization and signal strength on each AP, generating dynamic WLAN maps that help administrators adjust power levels or reassign users to other APs. Airespace's AireWave Director dynamically reassigns channels based on measured load, interference and location, adjusting power to minimize overlap and let APs take over for one another.
Trapeze Network's Mobility Exchange classifies traffic based on DiffServ, 802.1p, and transport/network headers, creating class of service definitions that are used by APs (Mobility Points) to implement "per user QoS."
Vivato employs PacketSteering - a phased-array antenna system that generates very narrow signal beams that let transmissions reach farther in a given direction. Beams are recreated packet-by-packet, adjusting for station location, reducing co-channel interference, and supporting more users by giving each station its own beam.
Conclusion
WLAN switches are the newest kids on the block in a relatively new neighborhood. It will take time for customers to become familiar with products and fully understand what they offer - and for vendors to gain field experience and refine features. If you're faced with deploying a large enterprise WLAN, start tracking this emerging market and begin thinking about how switches might help you regain control over your wireless-enabled network.
Do you have comments about this article, or suggestions for Lisa to write about in future columns? Let us know!
