How to Cheat at Securing a Wireless Network, Part 8 (pptx)


Project 1: Providing Satellite Building Access

When designing a wireless network in an enterprise building, you must determine the placement of antennas and access points for best coverage. In this example, the mechanical room, elevators, and communications room are sources of frequency interference that you need to consider. A single omnidirectional antenna might be capable of covering the office area in a satellite building (over 100 feet). However, with the interference items to consider, it would be better to place omnidirectional antennas (and access points) in each hallway, as shown in Figure 9.5, to get better coverage. Also, each access point can provide redundancy. If one access point fails, the other provides access to all computers on the floor.

The access point wireless bridges will be placed on shelves near the antennas. The Ethernet ports of the access point bridges will be connected to the LAN switches that serve the floor. The LAN switch must be configured to permit multiple media access control (MAC) addresses on the data port.

Designing & Planning…
Other Antenna and Access Point Bridge Placements

There are several methods of placing antennas to have full coverage in a floor. Directional antennas could be placed in each of the four corners of the floor aiming at a 45-degree angle toward the center of the building. To verify antenna placement, place an access point bridge at each location and test its range with a laptop with a wireless card. It is helpful to perform this test using a roll cart, so you can roll around the hallways, offices, and conference rooms to verify coverage.

Project 2: Providing Wireless Technology to the Conference Rooms

For the conference room project, plan to install one access point wireless bridge.
Users requiring wireless LAN connectivity will need to install wireless LAN network interface cards into their laptop computers. The access point will be configured as a bridge with the Ethernet port connecting to the LAN jack. An antenna will be installed in the conference room. This solution meets the requirement for access to the LAN from the hospital conference room.

www.syngress.com Designing a Wireless Enterprise Network: Hospital Case Study • Chapter 9 305

As shown in Figure 9.6, the access point is placed on a shelf on the corner of the conference room. A directional antenna is also placed on the corner providing access to the conference rooms and nearby offices. The LAN switch that serves the conference room drop must be configured to permit more than one MAC address on the LAN port. This same solution is applied to each conference room in each satellite building.

[Figure 9.5 Project 1: Placement of Access Point Antennas in Satellite Buildings. Labels: Elevators, Mechanical Room, Communications Room, Conference Room, Offices, Break Room, two APs.]

Project 3: Providing Building-to-Building Connectivity

There are many different ways to provide a wireless solution for Jones Hospital’s network. A single wireless link could be implemented between the hospital building and each satellite building, but this solution would not provide redundancy. A full mesh could also be implemented, but it might be an overkill solution. The solution presented here is one design approach that meets the requirements. Let’s review the design requirements for this connectivity:

■ Provide a replacement to the leased T-1s that connect the satellite buildings to the main hospital building.
■ Provide increased bandwidth to the satellite buildings.
■ Provide redundancy to the satellite buildings.
■ Maintain a level of security and encryption for the links.

Based on the requirements, the existing leased lines will need to be replaced with wireless links from the main hospital building to each satellite building. Data encryption will be enabled to provide link security. The wireless links will provide increased bandwidth from 1.5 Mbps to 11 Mbps. To provide redundancy, we could link every building in a loop, but this would add additional cost to the solution. The redundancy goal can be accomplished by just adding wireless links between building pairs; for example, adding a wireless link between Buildings 100 and 101, Buildings 200 and 201, and Buildings 300 and 301. A high-level illustration of the proposed solution for Jones Hospital is shown in Figure 9.7.

[Figure 9.6 Project 2: Conference Room Solution. Labels: Ethernet Port connected to LAN Drop, Hall, Offices, Conference Room, AP.]

Describing the Detailed Design of the Building Links

As previously described, we want to create point-to-point wireless links between buildings. Some vendors have wireless devices called outdoor routers that can provide a solution for Jones Hospital. We will create an architecture using the existing routers in each building. The access-point outdoor routers will connect via Ethernet to the hospital router. We’ll use each outdoor router to create point-to-point links to each satellite building. As Figure 9.8 shows, Building 100 will use two wireless outdoor routers to link with the main hospital router and to Building 101 for redundancy. Data will be encrypted using 64-bit Wired Equivalent Privacy (WEP) or 128-bit RC4.
[Figure 9.7 Project 3: Proposed Building Wireless Connectivity. Labels: Main Hospital Building, Buildings 100, 101, 200, 201, 300, and 301, Wireless Link.]

This solution provides for 11 Mbps of bandwidth between the buildings and the main hospital building, a significant increase from the 1.5 Mbps of bandwidth provided by the leased T-1 lines. Also, the hospital IS team will reduce costs by eliminating the monthly recurring costs for the leased lines.

Let’s now look at how to add redundant links to provide backup connectivity in case of link or device failure. As shown in Figure 9.9, the main hospital router connects via Ethernet to the access-point outdoor routers. Each satellite building has two access-point outdoor routers to connect to the hospital and to the other building. If the link between Building 100 and the main hospital fails, the Building 100 router will still have access to the hospital via its link to Building 101. The same loop would be created for linking Buildings 200 and 201 to the main hospital router and for Buildings 300 and 301.

These designs will provide redundant connectivity for all satellite buildings. If there is a problem with any link or access point device, all traffic takes the redundant path to the main hospital router. These designs provide increased bandwidth to 11 Mbps. Also, users with wireless cards in their laptops will be able to meet in the conference room and access the local area network. Since the leased T-1 lines are not required, recurring costs also are eliminated.
[Figure 9.8 Router-to-Router Wireless Connectivity. Labels: Main Hospital Router with links to Buildings 100, 101, 200, 201, 300, and 301; Building 100 Router with links to Main Hospital and Building 101; 11 Mbps link.]

Part of planning and design will be to reserve network closet and computer room space for the placement of the access point devices. We will need to estimate the distance of the antenna cables. Also, we need to determine the necessary equipment and obtain the building owner’s permission to place the antennas on the building roof.

[Figure 9.9 Redundant Links: Hospital to Building 100 and Building 101. Labels: Main Hospital Router, Building 100 Router, Building 101 Router, 11 Mbps Links, Access Point Outdoor Routers, Directional Antenna, Ethernet.]

Implementing and Testing the Wireless Solution

When the design phase is complete and all the equipment has been acquired, we can begin the implementation phase. The following sections describe the steps to follow when installing, configuring, and testing the wireless devices.

Project 1: Implementing the Satellite Building LAN Access

Install the access point devices and antennas in the building floors as described in the design:

1. Mount the antennas in the hallways, and connect cables to the access point devices in the nearby offices.
2. Connect the access points to the floor LAN switch.
3. Configure the access point frequencies, keeping configuration information available for laptop configuration.
4. Configure the access point for bridging, and enable multiple MAC addresses on the LAN switch.
At this point we are ready to test wireless access throughout the floor plan. We begin by verifying access from each office and the conference room. The hospital laptops can be equipped with the wireless PC Memory Card International Association (PCMCIA) cards and configured to connect to the LAN via the access points.

Project 2: Implementing the Hospital Conference Room

Implementation for the hospital conference room includes the same steps used in Project 1. For the conference rooms, install the access point and antenna at the corner of the room as described in the design diagram. Place the directional antenna so that the antenna energy covers the conference room completely. The access point is configured for bridging (no routing). Connect the Ethernet port of the access point to a LAN drop. Configure the building switch that serves the used LAN drop to permit multiple MAC addresses on that port. The following steps provide a review of this implementation:

1. Mount the access point and directional antenna in the conference room.
2. Connect the access points to the floor LAN switch.
3. Configure the access point frequencies, keeping configuration information available for laptop configuration.
4. Configure the access point for bridging, and enable multiple MAC addresses on the LAN switch.

Use a laptop to verify access to the LAN in the conference room and nearby offices. Make sure that the connection is reliable.

Project 3: Implementing the Building-to-Building Connectivity

The implementation of the wireless links between buildings is made in parallel to the current T-1 connectivity. No serial interfaces are used on the existing routers. In the server room of the main hospital, you connect the main router to six access-point outdoor routers. These routers reside in the server room, not outside.
Install the directional antennas on the roof of the hospital, each pointing toward the direction of its respective satellite building. Install and configure the primary links between each satellite building and the hospital before installing the redundant lines. Figure 9.10 shows, at a high level, the primary links. For implementation of the primary wireless links, follow these steps:

1. Install and configure the access-point outdoor routers.
2. Install the outdoor antennas and connect them to the outdoor routers.
3. Verify that the frequencies are configured and test the wireless link.
4. Verify that the received connection is strong enough to be a reliable connection.

[Figure 9.10 Primary Wireless Links. Labels: Main Hospital Building, Buildings 100, 101, 200, 201, 300, and 301, Wireless Link.]

At this point we connect the outdoor routers to the existing building routers. Use the following steps to make these connections:

1. Connect the routers via their Ethernet ports.
2. Enable the encryption protocols for data security.
3. Configure the existing routers to forward packets via the wireless link.
4. Since the wireless link provides greater bandwidth, verify that the packets are getting forwarded via the wireless link over the leased T-1 lines.

When all six wireless links are installed and are passing traffic, install and configure the redundant links as shown in the steps for the primary wireless links listed at the beginning of this section. The next task is to test and verify the links:

1. Test the routing failover of wireless links by deactivating a primary link interface or an outdoor router.
2. Verify that the building still has access to the main hospital router.
3. Reenable the primary link or an outdoor router.

When all of the wireless devices and links are tested, the IS Manager can place cancellation orders for the leased T-1 links.
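
The redundancy argument in the Project 3 design and the failover test in the steps above can be checked on paper before any link is deactivated. The following Python sketch is an added example, not from the book: it models the seven sites and nine wireless links named in the case study as a graph and lists which link failures cut a satellite building off from the main hospital. The site labels and function names are illustrative assumptions.

```python
from collections import deque
from itertools import combinations

MAIN = "Main Hospital"
SATELLITES = ["100", "101", "200", "201", "300", "301"]

# Primary links: one wireless link from the main hospital to each satellite.
PRIMARY = [frozenset((MAIN, b)) for b in SATELLITES]
# Redundant links between the building pairs named in the design.
PAIR_LINKS = [frozenset(p) for p in (("100", "101"), ("200", "201"), ("300", "301"))]
PAIRED_DESIGN = PRIMARY + PAIR_LINKS


def reachable(links, start=MAIN):
    """Return every site that can reach `start` over the surviving links (BFS)."""
    neighbours = {}
    for link in links:
        a, b = tuple(link)
        neighbours.setdefault(a, set()).add(b)
        neighbours.setdefault(b, set()).add(a)
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in neighbours.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def isolated_after(links, failed):
    """Satellite buildings with no path to the main hospital once `failed` links are down."""
    surviving = [link for link in links if link not in failed]
    return sorted(set(SATELLITES) - reachable(surviving))


def outages(links, n_failures):
    """List (failed_links, isolated_buildings) for every failure combination that causes an outage."""
    result = []
    for failed in combinations(links, n_failures):
        cut = isolated_after(links, set(failed))
        if cut:
            result.append(([" <-> ".join(sorted(link)) for link in failed], cut))
    return result


if __name__ == "__main__":
    print("primary links only, single failure:", len(outages(PRIMARY, 1)), "outages")
    print("paired design, single failure:", len(outages(PAIRED_DESIGN, 1)), "outages")
    for failed, cut in outages(PAIRED_DESIGN, 2):
        print("double failure", failed, "isolates", cut)
```

The single-failure result is what steps 1 and 2 of the failover test confirm on the live network. The double-failure list shows the limit of the paired design: a building loses access when two of the three links in its own hospital-and-pair loop are down at once.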
Configuring & Implementing…
Verify the Wireless Service

When installing the wireless antennas, use the testing capabilities of the access point devices to make sure that the wireless connection is reliable. If you encounter problems with the connection, try moving the antenna in one or the other direction to correct the problem. Verify that interference is not caused by trees or reflection from nearby buildings.

Reviewing the Hospital’s Objectives

Hold a follow-up meeting with the IS Department and hospital teams to demonstrate the functionality of the new wireless network and to determine the successes or failures of the wireless project. This meeting will help you determine whether you need to expand the wireless access points further in the satellite buildings. In the meeting held with Jones Hospital, we hear that the feedback received from the hospital groups is good. They are satisfied with their new ability to access the LAN from the satellite buildings and the conference room in the main hospital building. The medical staff is very happy with their new mobility.

The IS manager is very pleased with the savings of leased line costs and the increased bandwidth to the satellite buildings. Since installing wireless devices is much faster than requesting that fiber cabling be installed, they are very pleased that the project was completed in a short time span.

Lessons Learned

From this case study we learned how to deploy wireless technologies to extend wired Ethernet LANs for office and conference room areas. We also learned how to use wireless outdoor routers to provide campus links to an enterprise hospital network. We learned to follow the process of planning, designing, implementing, and testing a wireless network.
Following this approach makes wireless projects easier to manage. We learned to consider interference when designing for antenna placement for best coverage of the floor area, and decided on placing two access points in the satellite building floors because of interference in the mechanical, elevator, and communications rooms. In addition, having two access points increases the range and redundancy of the wireless network.

We decided to pair up satellite buildings to provide redundancy for the building links. This solution was less costly than creating a full mesh of wireless links. We enabled encryption to provide data security to the wireless links. We also learned that verification testing is very important. When the wireless network is implemented, testing access and routing will help validate the solution.

[...]

... is also important that the channels that are chosen be as separate as possible from each other. In other words, you cannot set one radio to channel 1 and the next one to channel 2. Most access point vendors recommend a three-channel spacing between usable channels; however in certain cases it is possible to push that limit to a two-channel spacing. A three-channel spacing will allow for three usable channels...

328 Chapter 10 • Designing a Wireless Industrial Network: Retail Case Study

The first floor spans 200 feet by 200 feet. The main entrance to Pro Sports is on the north side of the building. The entrance implements glass panes to let natural light filter into the store. An escalator, which enables customers to move to the second story, divides the store horizontally and vertically. An additional escalator...

... more accurately in Figure 10.8.
This figure shows the RF pattern for the first floor overlaid with the RF pattern of the second floor. The RF pattern shows that almost all areas of the store are covered by at least three RF patterns. In fact, most areas in the store are covered by five RF patterns. This extra coverage ensures...

... will enable the employees to respond to customer pages. These devices will make it easy to assess the customers who need assistance and respond to them quickly. When a customer requests specific information, the sales associates with that particular expertise can respond. Since employee incentives are based on commission and customer satisfaction, handheld devices will become sales associates’ pagers. What...

... recommends that at least one of the two PC cards should be equipped with a range extender to create a distance of at least one meter between the antennas of the two PC cards. You decide that all of the radios should have the Range Extender. Orinoco also recommends that you set each of the two PC cards to a different frequency channel and to optimize capacity and minimize channel crossover, and suggests that you...

... case study. No confidential data will be transmitted using the handheld devices. The handheld devices have the capability to swipe credit cards for payment, but Bob Tucker has stated that he does not want any credit card transactions transmitted over the wireless network, not wanting to risk the possible interception of personal customer data.

Reviewing the Current Situation

To make sure that your team...
Constraints can be physical, such as no access to electrical outlets. The consumer can also mandate constraints.

■ Conduct a walk-through to verify information on the physical map. This helps you account for any deviance from the physical map to the existing structure. A deviance can occur when store improvements are not added to existing documentation. Walk-throughs also provide you with additional information...

... organized to attract customers and lead them through the store. The attached warehouse acts as a receiving dock for merchandise. Employees use the warehouse for inventory overflow and office activities, like general company accounting (accounts payable, accounts receivable, and payroll). For convenience, the company offices are located in the warehouse. The existing wired network consists of an Ethernet local area...

... that just arrived. Another advantage to adding this capability to the shipping/receiving area is that wireless technology will enable the shipping/receiving clerk to access the current wired network. The PC used in the shipping/receiving department currently is not connected to the office PCs. It is a stand-alone PC with a separate software package that is not tied to the company accounting system. Handheld...

... Also, MAC address-based access control table schemes are used.

Q: What are the ranges of wireless devices outdoors?
A: Directional antennas can provide a range of up to 16 miles.

Q: What routing or bridging functionality is available on access point devices?
A: Access point wireless devices can act as bridges or routers. They can be configured with static routes or with simple Routing Information Protocol

... office for manual entry. This automation will also enable other employees to check stock accurately and quickly for items that just arrived. Another advantage to adding this capability to the shipping/receiving.

... Sports is located in a spacious two-story building.
Both floors contain merchandise that is organized to attract customers and lead them through the store. The attached warehouse acts as a receiving.

... WEP, and 128-bit RC4. Also, MAC address-based access control table schemes are used.

Q: What are the ranges of wireless devices outdoors?
A: Directional antennas can provide a range of up to 16

Date posted: 14/08/2014, 18:22
