In the first part of this series on WLAN testing and troubleshooting, we learned about wireless intrusion prevention systems (WIPS). In part
two, we examine how to troubleshoot Wireless LAN proactively.
In the past, small Wireless LANs (WLANs) that were built to support email and the Web were often debugged using manual tools designed for radio frequency (RF) experts. But as workforce size and diversity grow, and as WLANs become a primary source of network access, that WLAN troubleshooting approach hits a wall quickly. WLAN managers can’t afford any network downtime as they fix problems. So the answer now lies in easier-to-use remote WLAN management tools, backed by proactive WLAN diagnostic tests, to spot and fix issues before users are impacted.
How WLAN managers can help in proactive WLAN troubleshooting
With 802.11 being added to laptops, netbooks, smartphones, printers, cameras, consumer electronics and more, users connecting to the WLAN from the same location may have very different outcomes depending on the device. To be effective, help desks must have readily-accessible insight into what a given caller is actually experiencing, both historically and in real-time.
This is where contemporary WLAN managers can be helpful. For example, Meraki's Cloud Controller displays near-real-time status for each connected client, with click-through access to each client's event log, and it offers basic diagnostic tools and functions (e.g., identifying associated APs, pinging clients from AP and monitoring input/output counters). Triage tools like this are simple enough for the help desk to use and readily available from a webpage.
However, the more complex the network, the harder troubleshooting becomes. Clients can rapidly roam between several APs; some offices may even use varied APs. Here, advanced third-party WLAN management may be warranted. For example, Aruba’s AirWave Management Platform displays multi-vendor APs and client statuses tailored by role, such as help desk, Network Operations Center (NOC) and engineering. Every connection is monitored and mapped in real time and recorded for trend analysis. The goal is to quickly differentiate between problems caused by user error, client configuration, network outage, weak coverage or congestion. Tools like Aruba’s AirWave try to resolve most troubles at tier 1 while escalating tougher issues to higher level engineers (tiers 2 and 3).
Proactive WLAN testing using distributed sensor platforms
Of course, the least expensive problems are those that never trigger help desk calls because they are detected, diagnosed and resolved prior to impact. For this reason, enterprises often run automated network assurance tests -- periodically connecting to key servers and applications to quickly alert the NOC to troubles.
However, network assurance is harder in a WLAN because users move around. Knowing that an AP is reachable is not the same as verifying wireless clients that can connect to that AP from various locations using different SSIDs or bands. For the latter, consider a tool like the Motorola AirDefense Network Assurance Suite or 7signal Sapphire.
Such tools use remotely-deployed Wi-Fi sensors to create a distributed test platform. For example, the AirDefense suite is a wireless intrusion prevention system (WIPS) add-on that instructs otherwise full-time sensors to periodically connect to nearby APs, just like "real" clients. Once connected, those sensor clients run defined network assurance tests, proactively alerting the NOC to failures and supplying diagnostic data (e.g., remote packet captures, key indicators).
AP-based spectrum analysis to analyze air quality
Troubles caused by user error, client configuration or upstream network/application failures can't be resolved "auto-magically" by a WLAN. However, those resulting from weak coverage or RF interference can sometimes be auto-remedied by APs and controllers.
Nearly every AP can be configured to select a "best" channel. Some controllers let admins force APs to immediately reassess channels or control how often they are re-examined. Radio resource management algorithms vary, but usually consider other APs on each channel and their signal strength. On 5GHz DFS channels, other transmitters (such as radar systems) must also be considered.
But problems caused by non-802.11 interferers can be harder to diagnose and avoid. The traditional method -- sampling areas with a handheld spectrum analyzer -- is fraught with limitations. Sporadic interferers may not transmit during sampling. Spectral graphs can be hard to interpret visually in noisy, densely-populated airspaces. By the time sampled measurements have been interpreted, the situation may have changed once again.
To overcome these limitations, several vendors, including Aruba, Cisco, Meraki, Meru and Motorola, now offer AP-based spectrum analysis. Capabilities differ, but such tools use APs to listen for non-802.11 interferers. Some even apply signatures to classify interferers (e.g., video cameras, phones). For example, Cisco Clean Air periodically puts Aironet 3500 APs into monitor mode to spot, categorize and localize 2.4 and 5 GHz interferers, reassigning channels to avoid both 802.11 and non-802.11 interference.
Read part three of this series on WLAN testing and troubleshooting where we discuss WLAN performance optimization.
About the author: Lisa A. Phifer is vice president of Core Competence Inc. She has been involved in the design, implementation and evaluation of data communications, internetworking, security and network management products for more than 20 years and has advised companies large and small regarding security needs, product assessment and the use of emerging technologies and best practices.
This was first published in December 2010