© 2010 Cisco Systems, Inc. All rights reserved. CUWN v7.0—6-1
WLAN Deployment Design Scenarios
Renato Saraiva, CCIE # 25336
Partner Systems Engineer
Enterprise Infrastructure Design Scenarios
Enterprise WLAN Requirement
A WLAN that allows computer users in a company to access any data or computing resource on both the intranet and internet.
– The Enterprise WLAN is business critical
If the network fails, the company loses productivity
All users have credentials and must authenticate
Intrusion prevention and detection are required
Network is likely to:
– Have multiple locations on multiple floors.
– Be comprised of hard wall and cubicle work space.
Mobility is important, especially for voice applications
May support guest users with scavenger class of service
Enterprise WLAN Criteria (Cont.)
[Figure: Cisco Media Ready WLAN, with labels Bandwidth, Quality, Scale, VideoStream, ClientLink, End-to-End QoS, Call Admission Control, Spectrum Analysis, 802.11n, BandSelect & LoadBalance]
The Enterprise WLAN supports multiple applications.
– Data
– Voice
– Video
– Context aware services
Location
Enterprise WLAN Design—Data
Generic guidelines for data-only applications
5000 ft² per AP (1 ft² = 0.093 m²), or 464.52 m²
– 80,000 ft² of carpeted area may require 16 APs
Used only to build a quick bill of materials
10% overlap of coverage cells for roaming support
– AP at 60% power for coverage redundancy
In case of AP failure
– Average -75 dBm at the edge of each cell
Can only be confirmed by site survey
Enterprise WLAN Design—Data and Voice
Generic guidelines for voice and data applications
3000 ft² per AP (1 ft² = 0.093 m²), or 278.71 m²
– 80,000 ft² of carpeted area may require 27 APs
Used only to build a quick bill of materials
15% overlap of coverage cells for roaming support
– AP at 60% power for coverage redundancy
In case of single AP failure
– Average -67 dBm at the edge of each cell
Can only be confirmed by site survey
Implement Cisco Centralized Key Management
– Reduces latency associated with roaming
Do not implement Cisco Aggressive Load Balancing
Enterprise WLAN Design—Video
Generic guidelines for voice and data applications still apply.
Maximum of 20 clients per AP.
– Each multicast will be sent as a unicast to subscribed clients.
Each unicast will be sent to each device at their connected data rate.
– Changes dynamic of multicast being sent at lowest common denominator data rate.
– Must implement Cisco VideoStream technology.
Confirm that LAN can support multicast traffic loads prior to allowing application on WLAN.
– Implement IGMP snooping to prevent LAN from being overwhelmed with multicast traffic.
Enterprise WLAN Design—Location
Generic guidelines for video, voice or data applications still apply
AP placement must take triangulation into consideration
– Effective location requires three APs to detect signal
AP placement should be staggered
AP density should be greater
– Requires AP placement at the perimeter of building interior
– May require AP placement outside building perimeter.
Not a typical deployment for Enterprise WLAN
– Devices typically are used and located within the building
More typical deployment of HealthCare WLAN
– Devices may require connectivity and location outside of the building
– Devices may be restricted from leaving a building
Enterprise WLAN Solution Design
Enterprise WLAN Solution Design (Cont.)
The complete generic WLAN design solution is required for the Enterprise WLAN solution due to its business-critical classification.
WLAN controller choice:
– Based on current topology and total AP count: WLC5508 or WiSM2
– Designed with n+1 for failure redundancy
WLAN controller placement:
– Consider desired data flow for placement in network
Majority of implementations place controller at core
– Data flows to core for routing
– Seamless roaming
Some implementations place controller at edge
– Supports slow interconnection from access to core
– Keeps majority of data at access
[Figure: 5508 WLAN Controller and Cisco WiSM-2]
Enterprise WLAN Solution Design (Cont.)
Implement 802.1X infrastructure:
– RADIUS server with EAP support for client authentication
– Dynamic keys and encryption for security
Minimize the number of SSIDs required to support applications:
– Create SSIDs based on authentication types
Place user in appropriate VLAN by user credentials
Quality of service can be implemented per VLAN using 802.1p:
– Voice only devices would be on separate VLAN
– Implement Session Initiation Protocol (SIP) flow detection of voice application from data device to provide priority
Skype
Enterprise WLAN Solution Design (Cont.)
Utilize IPS
– Implement rogue classification policy
Malicious AP: AP not part of infrastructure using same SSID—should be contained
Friendly: Neighboring AP using unique SSID
Unclassified: Default value for all detected APs
– Implement client authentication policy
Place inappropriate clients on the exclusion list
– Criteria based on number of failed authentication attempts
– Monitor message logs
Note integrated signature violations
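Added example, not part of the original slides and not Cisco code: a Python sketch of the rogue classification policy and the failed-authentication exclusion criterion listed above. The record layout, the inventory sets, the neighbour allowlist and the threshold of 3 are assumptions; all sample data is constructed.

```python
from collections import Counter

# Constructed inventory; names, layout and threshold are assumptions.
MANAGED_BSSIDS = {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02"}
CORPORATE_SSIDS = {"corp-wlan"}
NEIGHBOR_BSSIDS = {"66:77:88:cc:dd:01"}   # neighbours recorded during survey
MAX_FAILED_AUTH = 3                        # assumed exclusion threshold

def classify_ap(bssid, ssid):
    """Map one detected AP onto the slide's rogue classes."""
    bssid = bssid.lower()
    if bssid in MANAGED_BSSIDS:
        return "managed"
    if ssid in CORPORATE_SSIDS:
        # Not part of the infrastructure but using our SSID: contain.
        return "malicious"
    if bssid in NEIGHBOR_BSSIDS:
        # Known neighbour using its own, unique SSID.
        return "friendly"
    return "unclassified"   # default value for every other detected AP

def clients_to_exclude(auth_events, max_failed=MAX_FAILED_AUTH):
    """Return client MACs whose consecutive failed authentications hit the limit."""
    streak, excluded = Counter(), set()
    for mac, succeeded in auth_events:
        mac = mac.lower()
        if succeeded:
            streak[mac] = 0          # a success resets the failure streak
            continue
        streak[mac] += 1
        if streak[mac] >= max_failed:
            excluded.add(mac)
    return excluded

# Constructed samples: (bssid, ssid) and (client MAC, authentication succeeded).
DETECTED_APS = [
    ("00:11:22:AA:BB:01", "corp-wlan"),    # our own AP
    ("de:ad:be:ef:00:01", "corp-wlan"),    # unknown AP using our SSID
    ("66:77:88:cc:dd:01", "cafe-guest"),   # neighbour, unique SSID
    ("66:77:88:cc:dd:01", "corp-wlan"),    # neighbour now using our SSID
    ("12:34:56:78:9a:bc", ""),             # hidden SSID, unknown AP
]
AUTH_EVENTS = [
    ("aa:aa:aa:00:00:01", False), ("aa:aa:aa:00:00:01", False),
    ("aa:aa:aa:00:00:02", False), ("aa:aa:aa:00:00:02", True),
    ("aa:aa:aa:00:00:02", False), ("AA:AA:AA:00:00:01", False),
]

if __name__ == "__main__":
    for ap in DETECTED_APS:
        print(ap, classify_ap(*ap))
    print("exclude:", sorted(clients_to_exclude(AUTH_EVENTS)))
```

The SSID check runs before the neighbour check, so a previously friendly AP that starts advertising the corporate SSID is reclassified as malicious.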
Enterprise WLAN Solution Design (Cont.)
Utilize standard network management systems
– Syslog server
Implement syslog server to provide appropriate context
– Network time protocol server
Implement network time protocol server to provide accurate time stamps and activity correlation
Enterprise WLAN Solution Design (Cont.)
APs
– Consider external antenna requirements
Mounting on ceiling, enclosure or wall
[Figure: AP1130, AP1140, AP3500, AP1240, AP1250, AP1260, AP3500e]
Enterprise WLAN Solution Design (Cont.)
APs
– Utilize Cisco RRM feature
Reduce interference from signal emitting devices
Reduce co-channel interference by optimizing channel configuration
[Figure: channel layout using Ch 1, Ch 6 and Ch 11]
Enterprise WLAN Solution Design (Cont.)
H-REAP or local controller for remote office support
– H-REAP not recommended to support video
– Solution based on following criteria
Desired data flow
Application latency requirements
– Determine required bandwidth from AP to controller
Required roaming
– Layer 2 roaming is supported by H-REAP
– Layer 3 roaming is not supported by H-REAP
[Figure labels: WAN Link (T1, DSL, FR); Remote Office; Main Office; CAPWAP Control; VLAN 101; Local VLAN; Centrally Switched Client Data; Locally Switched Client Data]
Enterprise WLAN Solution Design (Cont.)
WCS
– Required for consistent multi-controller configuration
– Provides WLAN management tools for peak performance
Controller and AP templates
Location
Reports
Heat maps
Security audits
Location readiness tool
Voice readiness tool
Client troubleshooting tool
Enterprise WLAN Solution Design (Cont.)
MSE (Mobility Service Engine)
– Required for multiple device client location
Location notification
Location tracking
– Historical data collection
– CleanAir support
Persistent channel avoidance
Interference correlation
– Advanced intrusion detection signatures
MSE 3310: CAS 2,000 devices; WIPS 2,000 APs
MSE 3355: CAS 18,000 / >18,000 devices *; WIPS 3,000 / >3,000 APs *
Enterprise WLAN Solution Design (Cont.)
Spectrum intelligence
– Required for effective troubleshooting
Stand alone console
Integrated into APs with CleanAir technology
Site survey tool
– Required for effective WLAN measurement
Packet capture analysis tool
Summary
Enterprise WLAN Solutions allow computer users in a business setting to access any data or computing resource on both the intranet and internet and support multiple applications.
The data-only application requires 1000 square feet per AP and 10% overlap of coverage cells for roaming support.
The data and voice application requires that Cisco Centralized Key Management be implemented, not Cisco Aggressive Load Balancing.
The video Enterprise WLAN Solution uses the generic guidelines for data and voice applications and allows a maximum of 20 clients per AP.
If location is to be implemented, different AP densities and AP placement schema may be required.
The integration of the Cisco WLAN solution into an existing multi-site data network infrastructure is shown as an example of an Enterprise WLAN Solution.