qstockmedia - Fotolia
In this edition of The Subnet, we catch up with Yaroslav Glushko, a senior IT engineer for networking at Infopulse, a Ukranian managed services provider. Overseeing the company's internal network -- which spans four offices and supports 1,200 users -- Glushko says it's time to adapt his wireless network design to counteract signal problems in old buildings and an avalanche of new mobile devices.
What are you working on now?
Yaroslav Glushko: We currently have several projects. The first one is maybe the biggest: redesigning our wireless network. The growth of users and the number of mobile devices they are using are both quite high, and we are trying to get the best experience for them because our office wasn't built by current [construction] standards. It's rather old, and it doesn't suit wireless communications very well. Because of several radio signal propagation difficulties in this office, we need to modify our wireless coverage to get the best experience for the current situation. And, of course, we are implementing new technologies using new wireless standards like 802.11ac as we do this.
So the problem is with the building materials?
Glushko: Yes, and what's interesting is that the walls are heavier than the floor, so between floors we have channels overlapping and interference. It's really disrupting our wireless communications.
How do you modify your wireless network design to solve that?
Glushko: We are trying to mitigate it by installing more access points and reducing the transmit power on each of these points. We are tweaking algorithms that control these settings so that all the access points see each other and try to minimize their impact on each other.
Also, we're switching more communications to the 5 GHz radio frequency band. It's wider and allows us to use more radio channels that are not overlapping. We use the 2.4 GHz radio band for 11bg [endpoints], so we are using the two in parallel, with 5 GHz for the 11ac [endpoints].
Neighboring businesses use the 2.4 GHz frequency, so we are also trying to reduce the impact of those communications on our network. Most of our users are now connected to 5 GHz, and we are doing everything to upgrade them to that band because it's more stable and less noisy.
Aside from having to rethink your wireless network design, what's your biggest challenge on the job these days?
Glushko: We are currently trying to develop the appropriate solution for unified network access architecture. It should give us the opportunity to consolidate all wired, wireless and remote VPN network access management in a single and flexible solution. Its main purpose is to apply the appropriate access level for users based on their network connection, location, time and date, device type and the device's current status, in addition to the classic user access privileges. Besides that, it should add granularity and robustness to the network access management process, improve security by providing the minimal required network access, and enhance end-user experience and productivity by allowing users to do their work from any device, anywhere and at any time.
Yaroslav Glushkosenior IT engineer for networking, Infopulse
For example, if users connect through the VPN from home using personal devices, they should get limited access to the most critical resources needed to perform their work duties remotely. And if they connect to the corporate wired or wireless network using corporate devices, they should get full access to all of the resources as they use the most secure access scenario.
There are numerous other conditions upon which the decision can be made, and a wide range of actions that can be applied to the user connections. And all of these abilities would allow us to implement access policies tailored for different use cases.
What's the background on that?
Glushko: The main problem has been that users want to work from anywhere using any device they have, not only the most secure one. And our security guys also have their requirements to restrict access to where it's really needed, so we need to find a solution that satisfies both of the parties.
On a more personal note, how did you get into IT and networking?
Glushko: When I entered university, the faculty of information and computer sciences was my chosen field. I studied there for almost six years. During my university years, I enrolled in a Cisco Networking Academy, and that's where I got my first hands-on experience in networking and became focused on it. At that time, I also started to see what was going on in the IT market and started to look for a job. It was good luck that I had friends and teachers who pointed me in the right direction, and I succeeded in getting a job at an IT company during my last year of university.
What attracted you to networking?
Glushko: The network spans over large distances and connects all of these IT systems as one living organism. When you connect to the Internet, you see the starting page on your browser, but you're not really aware of what is going on when you click on the webpage and how the packets are flowing through those links and devices. It's very interesting to me how it works and how it's all connected.
Last question: If I gave you the keys to a time machine, what point in history would you go to and why?
Glushko: There are several points of time I'd like to travel to if I could, but let me pick one. I always wanted to meet Albert Einstein, so I would like to travel back to 1905 or another year that he was working on his theories of relativity and discuss those matters with him because I'm interested in natural sciences, astronomy, physics, chemistry and other stuff like that.
See, that's a nice intellectual answer. I would've just said, 'I want to go see dinosaurs.'
Glushko: Well, I only thought about human history. But, yes, of course I would like to visit those ancient times when the dinosaurs were alive. And even farther back in time as well.
To the birth of the universe? I don't know if my hypothetical time machine goes back that far.
Glushko: We have that time machine already, because today we can observe light traveling from [celestial bodies formed during] the early moments of the universe and see what it was like at that time.
As users carry more devices, wireless network designs must evolve
BYOD network design: Beyond iPhones and iPads
Network design checklist: How to design a LAN
- Myth vs. Reality: Cloud-Managed Wireless LAN and the Primary Access Network –SearchSecurity.com
- WLAN Best Practices: 10 Questions to Ask When Evaluating Solutions –SearchSecurity.com
- E-Guide: Wireless LAN access control: Managing users and their devices –SearchSecurity.com
- Ensuring an Optimal Wi-Fi Experience: Best Practices –SearchSecurity.com