BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
With Wi-Fi now the primary, default, and often the only access in the organization, IT managers are today motivated...
to get the most from their wireless LANs. They need to provide support for every application, whether local or cloud-based, on an increasingly broad range of devices and with a wide array of traffic types and classes of service, including voice and streaming video. All this must be done while maintaining high security, minimizing total cost of ownership, managing transparent scalability and maintaining management visibility and -- here's the operative term -- control. What's needed are wireless LAN controllers.
While we usually think of wireless LANs as primarily a vehicle for moving data, there are two other key functional components. The first of these is management, as embodied in the management console of a particular product. The console provides configuration, visibility, alerts and alarms, troubleshooting, reporting and many other functions, but most management strategies are today based on creating and enforcing policies relating to class of service, quality of service (critical for time-bound traffic), security specific to a given class of users, and many other aspects of performance, from radio resource management to BYOD to guest access and well beyond.
But the second component is truly where the rubber meets the road -- wireless LAN controllers, or more properly the control function of the wireless LAN. Think of control in this context as a layer of capability that sits between the management function, which again sets policies, and the data-moving part of the system that does so according to these policies. In fact, layer is a very apt analogy here, as we often describe functionality within a WLAN system in terms of three planes -- management, control and data.
I like to describe the control plane as the operating system of the wireless LAN system. It executes and enforces the policies set in the management plane by directing and optimizing the functions implemented in the data plane. How well a given vendor implements the control plane often determines the overall performance of a given WLAN system, and today that is usually even more important than radios and antennas in determining ultimate success.
Implementing WLAN controllers
There is significant debate as to how the control plane in enterprise-class WLANs should be implemented. There are two key schools of thought here. The first involves the implementation of centralized control, typically via a dedicated physical controller appliance, which is usually based upon a single-board computer running specialized software that implements the control function (and sometimes the management function as well). The second is distributed control, sometimes called controllerless (even though, yes, the control function is still there). In this architecture there is no controller appliance; the access points instead exchange control information among themselves. Which is better? The proponents of the centralized model argue that wireless LAN controllers have visibility across the entire wireless network, so resource-allocation and traffic-optimization decisions are much more efficient and effective. Those in favor of the distributed approach, however, note that eliminating the controller saves money with no necessary compromise in function -- perhaps a lot of money, since redundant controllers are necessary to ensure continuity of operations in the event that wireless LAN controllers fail or otherwise goes offline.
Complicating matters is the virtualization of wireless LAN controllers—that is, locating it in the cloud. Some vendors even offering cloud-based control as a service. Clearly, making a decision on a WLAN vendor and system based on architectural matters can be difficult. IT managers should take heart in knowing that a solution addressing their particular combination of scale, performance and management requirements is indeed available. And once the controller (or, again, control function) is up and running, it's rare for any additional effort beyond the occasional software upgrade to be required here.
Best practices for WLAN security
Implementing VLAN over WLAN
Security considerations in configuring WLAN