BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Do you want the right on-premises WLAN platform for the enterprise? There are a number of factors to consider, but four are most critical.
First, what kind of wireless LAN (WLAN) performance do you need? Take into account wireless throughput speeds, capacity, consistent signal while moving through a WLAN and self-healing options in the event of component failure. Second, understand the security options that ensure end devices and users are properly authenticated and can access networked resources. Third, evaluate the deployment options that best match the enterprise's specific needs from a physical and logical design standpoint. And, finally, determine which on-premises WLAN platforms are easiest to manage.
WLAN performance requirements
Why go with on-premises WLAN over a cloud-managed WLAN? One word: performance. WLAN hardware components offer consistently better quality and are more finely tuned by the manufacturer. In addition, many vendors develop custom wireless chips and specialized antennas to give their equipment an extra boost.
Additionally, network administrators have more control to tweak an on-premises wireless network from a software configuration perspective. Local WLAN controllers allow administrators to modify even the most sensitive settings. Properly configuring on-premises WLAN controllers requires much more skill, but if done right, admins can configure WLANs for optimal performance in virtually any setting.
When researching on-premises WLAN options, you will frequently run across the term merchant silicon. This describes commodity microchip components that are standards-based and, therefore, identical no matter the vendor. Most cloud-controlled products use more merchant components than locally controlled products. The focus of cloud-controlled products is more on the ease of management than on performance.
WLAN vendors place varying amounts of effort into customizing chips and antennas -- it takes an incredible amount of time to create customized components. While this results in significant performance gains and improved wireless stability, it also increases costs.
This series on wireless LAN controllers examines some of the leading vendors in this segment. Companies selected were based on research data from TechTarget surveys, interviews and reports from other respected research firms, including Gartner.
WLAN security options
Wireless security options are an increasingly important factor when choosing a WLAN system. In the past, most enterprises simply used authentication and encryption security measures on their Wi-Fi. But with wide adoption of BYOD policies and the impending internet-of-things revolution, wireless devices need more advanced security. This includes the accurate identification of users and devices, automated onboarding and offboarding capabilities, device and operating-system posture assessment and remediation, and context-aware policy enforcement. It's wise to take all of these factors into account before choosing a specific vendor.
Because wireless follows strict, standards-based protocols from an encryption and authentication standpoint, WLAN security is often thought to be the same across the board, no matter the WLAN manufacturer. But by using components from multiple vendors instead of implementing an end-to-end platform, on-premises WLAN security becomes more complex.
Vendors like Cisco, Aruba and Extreme Networks offer a full range of security options that assist in authentication, access control, and user and device management. Using a single-vendor deployment end to end typically decreases complexities. Additionally, troubleshooting a single-vendor architecture is far less time-consuming. This is especially true with support contracts that include troubleshooting services from the vendor.
On the other hand, WLAN vendors that don't offer a full suite of security products make the case that because wireless is standards-based, the enterprise can select top-of-the-line security products to implement as the enterprise sees fit. This may be the optimal choice if the enterprise values increased security over ease of management -- and is willing to purchase the absolute best products from multiple vendors.
WLAN deployment flexibility
The importance of flexibility in deploying various vendor WLAN platforms depends on the current state of a network. If the physical network environment consists of a single building or a group of interconnected buildings on a local campus, deployment flexibility isn't much of a concern. But if the enterprise consists of multiple branch offices spanning large geographical regions, flexible deployment options are critical.
Because most on-premises WLANs are designed and configured to tunnel traffic back to a controller, WLAN performance can pose problems in remote sites. This is because Wi-Fi traffic would have to tunnel across a WAN connection, which is often not an optimal path.
Vendors take different approaches to address this issue. One is to place smaller controllers at branch offices, so they can operate independently and do not have to tunnel traffic back to a centralized controller. Other vendors allow remote-site access points to offload wireless data locally onto the wired network as if it were an autonomous or cloud-controlled AP.
Lastly, some vendors offer wireless hardware that can be used with on-premises controllers or through a cloud-controlled architecture. For those looking to eventually move toward a cloud-controlled architecture, this may provide a path that does not require a complete hardware rip and replace.
Ease of management
Because on-premises wireless platforms are inherently more complex to deploy and maintain, it helps to implement an easy-to-manage system. When evaluating different WLAN products, always consider how the in-house IT staff will manage it in terms of troubleshooting and general maintenance. Having fully trained IT staff at every WLAN location is ideal, but it's logistically challenging.
Most on-premises wireless networks offer some form of remote management and diagnostics. Therefore, it's crucial that IT administrators feel comfortable with the controller's management interface and remote troubleshooting tools. Also keep in mind that some vendors require additional management servers -- at an additional cost -- in order to take advantage of the full spectrum of their WLAN management features.
Lastly, configuration backups and fault monitoring of an on-premises controller are solely the responsibility of the internal IT staff. Therefore, it's important that backup and monitoring tools are in place in order to maintain a high level of availability for the wireless LAN.
Examine the benefits of provider-based vs. premise-based network management.
Learn best practices for wireless security.
Explore WLAN security tools.
Examine network access control tools for the enterprise.