ITC 465 Chapter 9

Independent Basic Service Set (IBSS)

A WLAN can be created without the use of an AP. Such a configuration, called an IBSS, is said to work in an ad-hoc fashion. An ad hoc WLAN is useful for temporary connections between wireless devices. For example, you might temporarily interconnect two laptop computers to transfer a few files.

Pre-Shared Key (PSK)

A shared secret that has been previously shared between parties and is used to establish a secure channel.

Interference

A signal that corrupts or destroys the wireless signal sent by APs or other devices

802.11a

54 Mbps - 5 GHz

802.11g

54 Mbps, 2.4 GHz

802.11ac

5 GHz, 1300 Mbps

802.11n

600 Mbps - 5 GHz and 2.4 GHz

Random noise jamming

Produces RF signals using random amplitudes and frequencies

802.11b

11 Mbps, 2.4 GHz

Frame composition

802.11n changes the frame composition, resulting in increased efficiency of data transmissions due to less overhead.

Jamming

A DoS attack against wireless networks. It transmits noise on the same frequency used by a wireless network.

Configure the beacon

A beacon is a frame that is sent out by the AP periodically. The beacon announces the AP and the characteristics of the network, like the SSID, supported speeds, and the signaling method used. When you turn off SSID broadcast, you prevent the AP from including the SSID in the beacon. Wireless clients listen for beacons to identify APs in the area. The beacon is sent at periodic intervals, typically 100 ms by default. Sending the beacon uses some of the available bandwidth of the wireless network. You can reduce the traffic generated by the beacon by increasing the beacon interval. Increasing the beacon interval can increase the time it takes wireless clients to locate the wireless network. To improve access times, decrease the beacon interval.

Access Point (AP)

A device that connects wireless clients to wireless networks. Sometimes called wireless access point (WAP).

dual band access points

A dual band access point can use one radio to transmit at one frequency and a different radio to transmit at a different frequency. For example, you can configure many 802.11n devices to use one radio to communicate at 5 GHz with 802.11a devices, and the remaining radios to use 2.4 GHz to communicate with 802.11n devices. Dual band 802.11a and 802.11g devices are also available.

Public Network

A network that any user can access with no restrictions. The most familiar example of a public network is the Internet.

Distribution System (DS)

A system used to interconnect a set of BSSs and integrated LANs to create an ESS

Infrastructure topology

A wireless network configuration that uses one or more WAPs to connect wireless workstations to the base station, or cable backbone.

Direct Sequence Spread Spectrum (DSSS)

A wireless technology that spreads a transmission over a much larger frequency band, and with corresponding smaller amplitude

Change the default name and password

APs typically come configured with a default username and password that is used to configure AP settings. It's important to change the administrator account name and password from the defaults. This prevents outsiders from breaking into your system by guessing the default username and password

Absorption

Absorption is the loss of signal strength that occurs when a signal passes through an object

Configure encryption and authentication

Add authentication to allow only authorized devices to connect. Use encryption to protect wireless communications from eavesdropping. Always use WPA2 when possible. If WPA2 isn't available, use WPA. Use pre-shared key (PSK) authentication with either AES (more secure) or TKIP (less secure) encryption for a SOHO network without a domain. Configure the shared secret (passphrase) value used with WPA2 or WPA. Each client needs to be configured with the same secret value. Because WEP has several known security vulnerabilities and can be easily cracked, it should be used only as a last resort. When using WEP, never use shared key authentication; use only open authentication.

Site survey report

After the site survey is completed, you should create a site survey report containing: A physical network diagram, including each access point, controller, and the media that connects them. An RF model that includes a frequency/channel plan. The spectrum analysis results. A logical network diagram containing SSIDs, IP addressing, and VLAN information. Photographs and diagrams of each access point mounting site. A list of structural modifications required to build the network. A list of alternate mounting locations, if necessary. A list of equipment that must be purchased. A cost estimate for equipment and labor.

Secure the SOHO network

Although the router should now be configured to connect hosts to the private network and provide internet access, the following steps should be taken to properly secure the network from external threats: Configure the firewall on the device. Enabling the basic firewall on the router provides an additional level of security for the private network. If necessary, configure exceptions on the firewall to allow specific traffic through the firewall. Configure content filtering and parental controls. Most SOHO routers provide content filtering and parental controls that prevent hosts from accessing specific websites or using a specific internet service, such as chat, torrent, or gaming applications. Physically secure the router. Anyone with physical access to the router can make configuration changes and gain access to the network. To prevent this, limit physical access to the router. For example, place the router and other networking equipment in a locked closet.

Station (STA)

An STA is a wireless NIC in an end device such as a laptop or wireless PDA. STA often refers to the device itself, not just the NIC.

Wireless bridges

An access point used to create remote wired access to a network.

Packet sniffing

An attack on wireless networks where an attacker captures data and registers data flows in order to analyze what data is contained in a packet.

Wi-Fi Protected Access 2 (WPA2)

An improved version of WPA that does not support older network cards and offers both secure authentication and data encryption. It uses EAP for a variety of authentication methods—most often EAP-PSK. (16)

Bandwidth Saturation

Bandwidth saturation is the point at which all of the available bandwidth on an internet connection has achieved maximum capacity and cannot pass any more data through the connection.

Mixed mode

Be aware of the following when combining clients that use different 802.x standards. When you configure an access point, some configuration utilities use the term mixed mode to designate a network with both 802.11n and non-802.11n clients. In this configuration, one radio transmitter is used for legacy clients, and the remaining radio transmitters are used for 802.11n clients. Many 802.11n access points can support clients running other wireless standards (802.11a/b/g). When a mix of clients using different standards are connected, the access point must disable some 802.11n features to be compatible with non-802.11n devices. This decreases the effective speed. Some newer 802.11a and 802.11g devices provide up to 108 Mbps using 802.11n pre-draft technologies (MIMO and channel bonding).

Configure the router

Before setting up the network, some basic settings on the router need to be configured. Most important is to change the default administrator username and password. Default usernames and passwords are easily guessed or discovered by checking the device documentation. By changing the password, you protect the system from unauthorized access.

Configure the internet connection

Begin by connecting the router to the internet connection using the device's WAN port. For a DSL or ISDN router, connect the device directly to the DSL/ISDN line. For a cable, fiber optic, or satellite connection, connect the router to the Ethernet port on the modem or connection device. Many routers will automatically detect and configure the internet connection. If not, follow the ISP instructions for setting up the connection. This could include: Configuring the internet connection with a static IP address assigned by the ISP or configuring the device to use DHCP for addressing. Configuring the protocol used for the connection. This will often be PPPoE for an always-on internet connection. Configuring logon information (username and password) to access the internet. Configuring a default gateway and DNS server addresses that the router will use in order to access the internet.

Devices

Below are some common devices that are used on a wireless network: A wireless NIC sends and receives signals. A wireless AP is the equivalent of an Ethernet hub. The wireless NICs connect to the AP, and the AP manages network communication. A wireless bridge connects two wireless APs into a single network or connects a wireless AP to a wired network. Most APs include bridging features.

Enable MAC address filtering

By specifying which MAC addresses are allowed to connect to your network, you can prevent unauthorized devices from connecting to the access point

Channel bonding

Two channels that do not overlap are used together in an effort to double the physical data rate.

Identify key design considerations

Create an initial design document by laying out the network on paper. Identify key wireless network design considerations, such as: Environmental conditions. Physical RF obstructions that could disrupt a wireless radio signal. Dynamic RF obstructions that are transient in nature. Future construction that could disrupt an RF signal. Sources of RF interference, both internal and external. The availability of mounting points for networking hardware, such as poles, suspended tile ceilings, and so on. Estimated bandwidth utilization requirements. Zoning and permit requirements. This is usually required only for outdoor deployments. Check your local laws for specific requirements. Later, you will conduct a site survey to validate the initial design.

Disable DHCP

DHCP servers dynamically assign IP addresses, gateway addresses, subnet masks, and DNS addresses whenever a computer on the wireless network starts up. Disabling DHCP on the wireless APs allows only users with a valid, static IP address in the range to connect.

deauthentication attack

Denial-of-service (DoS) strike that disconnects a wireless host from WAP, so that the victim is forced to reconnect and exchange the wireless key multiple times; an attacker can then perform an offline brute-force cracking of the password.

Configure for a network environment

Depending on the implementation, it may be necessary to take the following steps in order to configure the SOHO router for a particular network environment: Enable and configure a demilitarized zone (DMZ) host. Configuring a DMZ on a SOHO router causes all incoming port traffic to be forwarded to the specified DMZ host. Because this can open the network to a variety of external threats, configure a DMZ only if you understand all the implications associated with it. Configure quality of service (QoS) settings. Most SOHO routers provide basic QoS functionality. When enabled, QoS prioritizes certain network communications over others. For example, VoIP network traffic would be given higher priority and more bandwidth than HTTP (web browser) traffic. Enable the Universal Plug and Play (UPnP) networking protocol. UPnP is a networking protocol that allows UPnP enabled devices to easily discover each other on the network and share data and media content.

Disable DHCP for wireless clients

Disabling DHCP on the wireless access points allows only users with a valid, static IP address in the range to connect. An attacker would have to be able to discover or detect the IP address range, subnet mask, and default gateway information to connect to the access point.

Spectrum analysis and channel plan

During the survey, you should use a spectrum analyzer at different times of day to check channel utilization and to identify sources of RF interference at each location where you plan to deploy an access point. You can use freeware tools such as NetStumbler or Kismet to create a snapshot of wireless spectrum usage by nearby home and business networks, along with their proximity to your network. When you perform your spectrum analysis, you should record the number of other APs in the area and the channel utilization in the 2.4 and 5.x GHz bands to aid in channel planning and gather data at the heights where the AP will be installed and user devices will be located. A spectrum analyzer can determine the noise floor in the desired frequency range, allowing you to select the best available wireless channel. To determine the noise floor, identify the: Received signal level (RSL), which identifies how strong the radio signal is at the receiver. The closer you are to the transmitter, the stronger the RSL. The farther away you are, the lower the RSL. Signal to noise ratio (SNR), which compares the level of the wireless network signal (RSL) to the level of background noise (measured in decibels). Take note of: The number of other APs in the area. Channel utilization in the 2.4 and 5.x GHz bands to aid in channel planning. An SNR higher than 1:1 indicates more signal than noise, which is desirable. The farther a receiver is from a transmitter, the lower the RSL and the SNR. If the RSL falls below the noise floor, connectivity is lost. Using data from the spectrum analyzer, develop a channel plan that will work in your environment. Be sure to identify all of the frequencies that will be used.

Clearly identify expectations

Expectations should be clearly set and managed to ensure that the network design will fulfill the criteria identified in the previous step. Continue to meet with all stakeholders regularly throughout the process to communicate status, discuss anticipated changes, and review expectations. Document all discussions and decisions.

Frequency Mismatch

Frequency mismatch is when devices on the network are not broadcasting on the same frequency.

Antenna Orientation

For radio frequency wireless devices, the antenna orientation might have a small effect on signal strength. There are two types of antennas that are commonly used in wireless networks. Directional antenna: Creates a narrow, focused signal in a particular direction, which increases the signal strength and transmission distance. Provides a stronger point-to-point connection; is better equipped to handle obstacles. Omnidirectional antenna: Disperses the RF wave in an equal 360-degree pattern. Provides access to many clients in a radius. For other devices, such as infrared or satellite, the orientation of the receiving device is critical. For these types of devices, make sure the receivers have a line-of-sight path to communicate.

Warchalking

If an open WLAN (or a WLAN whose SSID and authentication credentials are known) is found in a public place, a user might write a symbol on a wall (or some other nearby structure) to let others know the characteristics of the discovered network. This practice, which is a variant of the decades-old practice of hobos leaving symbols as messages to fellow hobos, is called warchalking.

Configure the wireless protocol

If your access point supports multiple wireless protocols, select the protocols to support, such as 802.11n only or mixed mode (both 802.11n and 802.11g). Be aware that when using mixed mode, most access points will throttle all clients to the slowest connected protocol speeds (i.e., if an 802.11g client connects to the network, 802.11n clients will operate at 802.11g speeds).

Obstructions

In situations where there is no clear line of sight between transmitter and receiver due to obstructions (such as concrete, window film, or metal studs), the wireless signal is reflected along multiple paths before finally being received. This can cause phase shifts, time delays, and attenuation. To address this, use two or more antennas to increase the quality and reliability of a wireless link

Basic Service Set (BSS)

In wireless networking, a single access point servicing a given area.

Independent access points

Independent access points (APs) are where each AP stands alone, providing separate wireless networks by using its own independent configuration.

Atmospheric and EMI Conditions

Interference from weather or EMI can degrade the signal and cause service interruptions.

Latency

Latency on wireless networks is affected by several factors. Wireless communication operates in half-duplex (shared two-way communication). Devices can both send and receive, but not at the same time. Therefore, devices must take turns using the transmission channel. Typically, once a device begins receiving a signal, it must wait for the transmitter to stop transmitting before replying. An unstable wireless network signal can increase the processing that is performed on the signal by both the hardware and software

Multi-user MIMO (MU-MIMO)

MU-MIMO is an enhancement to MIMO that allows multiple users to use the same channel. In addition to adding MU-MIMO, 802.11ac doubled the number of MIMO radio streams from four to eight.

Change the default SSID

Many manufacturers use a default SSID that contains identifying information (such as device manufacturer and model number), so it is important to change the device's SSID from the default. In addition to changing the default SSID, it is also possible to disable the SSID broadcast. This is known as SSID suppression or cloaking. With broadcasting disabled, the SSID needs to be manually entered into devices for them to connect to the network (the SSID will not show up in the list of available networks). Even with the broadcast disabled, it's relatively easy to identify the SSID of a network by using readily available applications. Because of this, SSID suppression should not be the only form of protection.

Change default SSID and broadcast

Many manufacturers use a default SSID, so it's important to change your SSID from the default. You can also disable the SSID broadcast for further protection; this is known as SSID suppression, or cloaking. Even if the SSID broadcast is turned off, a determined hacker can still identify the SSID by analyzing wireless broadcasts.

Conduct initial RF modeling and mapping

Map and model the initial RF design on paper as follows: Compile all available asset information. This includes existing mounting locations, network media, and network hardware. Create an initial RF model. RF modeling is the process of identifying initial access point locations, assigning frequencies, and planning power levels.

Gather network requirements

Meet with all stakeholders and decision makers to discuss the implementations and gather detailed information. For example, you should: Identify the intended use of the wireless network. Identify the location of wireless service areas. Anticipate the number of wireless devices to be supported in each area. Discuss future network needs so that you can plan for expansion. Discuss data encryption and network security requirements.

Enable the firewall on the AP

Most wireless APs come with a built-in firewall that connects the wireless network to a wired network.

Extended Service Sets (ESS)

Multiple basic service sets used together to provide overlapping coverage on a mobility network

Work network

Network Discovery is turned on, you can join a domain, but you cannot join a homegroup

MIMO

Increases bandwidth by using multiple antennas for both the transmitter and receiver.

Mixing newer and older devices

Newer devices' ability to communicate with older devices depends on the capabilities of the transmit radios in the access point. Some 802.11n devices are capable of transmitting at either 2.4 GHz or 5 GHz. However, a single radio cannot transmit at both frequencies at the same time. Most 802.11g devices can transmit using DSSS, CCK, DQPSK, and DBPSK for backwards compatibility with 802.11b devices. However, the radio cannot transmit using both DSSS and OFDM at the same time. When you connect a legacy device to the wireless network, all devices on the network operate at the legacy speed. For example, connecting an 802.11b device to an 802.11n or 802.11g access point slows down the network to 802.11b speeds.

Distributed Wireless Mesh Infrastructure

Newer wireless networks can be deployed using a distributed wireless mesh architecture. These networks still use a controller, but they move some of the network intelligence from the controller out to the individual APs.

Geofencing

Offering localized promotions for retailers in close proximity to the customer, as determined by phone location technology.

Core network planning

Plan out the core network. You should identify the IP addressing scheme and the VLAN configuration. Avoid a VLAN configuration that has a large number of wireless clients in the same VLAN because it will likely result in an excessive amount of broadcast traffic. To remedy this situation, you can: Create multiple, smaller VLANs. This will reduce broadcast traffic, but it will also require additional routers to route traffic between VLANs. Implement VLAN pooling. In this configuration, each wireless client is randomly assigned a VLAN from a pool of VLANs on the same SSID. This strategy automatically partitions a single broadcast domain into multiple VLANs. Use this information to create a logical network diagram that can be used during the actual deployment of the wireless network.

Refraction

Refraction is when radio waves pass through objects of different densities causing the signal to bend or change speeds.

Spark jamming

Repeatedly blasts receiving equipment with high-intensity, short-duration RF bursts at a rapid pace

Enable NAT

Small networks use a single public IP address to connect to the internet. This IP address is shared by all devices on the private network. Network address translation (NAT) is a protocol that allows multiple computers to share a single public IP address used on the internet. The internet is classified as a public network. All devices on the public network must have a registered IP address. This address is assigned by the ISP. The SOHO network is classified as a private network. All devices on the private network use private IP addresses internally, but share the public IP address when accessing the internet. A NAT router associates a port number with each private IP address. Communications with the private hosts from the internet are sent to the public IP address and the associated port number. Port assignments are made automatically by the NAT router. The private network can use addresses in the following ranges that have been reserved for private use (i.e., they will not be used by hosts on the internet): 10.0.0.0 to 10.255.255.255; 172.16.0.0 to 172.31.255.255; 192.168.0.0 to 192.168.255.255.

Wireless On/Off Switch

Some portable devices have a physical wireless switch on the outside of the device. The wireless switch turns the device's integrated wireless network adapter on and off. When in the off position, no wireless networks are displayed as available.

Channel Interference

The 2.4 GHz frequency range is divided into 11 channels, with each channel having some overlap with the channels next to it. You might experience problems with your wireless network when other devices are trying to use the same or adjacent channels. There are also numerous devices that operate in the 2.4 GHz and 5 GHz ranges, which can create background noise and additional interference: Cordless telephones that operate in the 2.4 GHz range (900 MHz cordless phones do not cause interference). Other APs in the area (for example, each of your neighbours might have a wireless network, with each configured to use a similar channel). Microwave ovens. Bluetooth devices. Wireless game controllers. To avoid interference, try changing the channel used on the AP. If the area has different wireless networks, configure each with a different channel, with at least two channels separating the channels in use (e.g., channels 1, 6, and 11). The strength of your Wi-Fi signal compared to the level of background noise is known as the signal-to-noise ratio (SNR). If the SNR is low, your wireless network will have problems with interference.

Basic Service Set Identifier (BSSID)

The BSSID is a 48-bit value that identifies an AP in an infrastructure network or an STA in an ad hoc network. The BSSID allows devices to find a specific AP within an ESS that has multiple access points. STAs use it to keep track of APs as they roam between BSSs. The BSSID is the MAC address of the AP and is set automatically

Set the SSID

The SSID is also referred to as the network name. All devices on the same network must use the same SSID. The SSID is case sensitive. To provide some level of security, consider using a cryptic name for the SSID. Using your business name for your network SSID makes it too easy to identify the network owner and could help hackers gain access.

Service Set Identifier (SSID)

The SSID, also called the network name, groups wireless devices together into the same logical network. All devices on the same network (within the BSS and ESS) must have the same SSID. The SSID is a 32-character value that is inserted into each frame. The SSID is case sensitive. The SSID is sometimes called the ESSID (extended service set ID) or the BSSID (basic service set ID). In practice, each term means the same thing; however, they are technically different.

Configure Wi-Fi Protected Setup (WPS)

The WPS security protocol makes it easier for WPS-enabled devices (e.g., a wireless printer) to connect to the wireless network. WPS can use several methods for connecting devices, including the PIN method and the push button method. The method used to connect devices must be supported by both the access point and the wireless device. Because of the inherent security vulnerabilities with WPS, it is best to disable this feature on the access point.

Determine best access point placement

The location of the access point can affect signal strength and network access. Keep in mind the following recommendations: Place access points in central locations. Radio waves are broadcast in each direction, so the access point should be located in the middle of the area that needs network access. Place access point to take advantage of the fact that devices often get better reception from access points that are above or below. In general, place access points higher up to avoid interference problems caused by going through building foundations. For security reasons, do not place access points near outside walls. The signal will extend outside beyond the walls. Placing the access point in the center of the building decreases the range of the signals available outside of the building. Do not place the access point next to sources of interference, such as other wireless transmitting devices (cordless phones or microwaves) or other sources of interference (motors or generators).

Incorrect Configuration

The most common source of problems with wireless networking is incorrect configuration. Before considering other problems, verify that the correct SSID and WEP/WPA keys have been configured. Remember that WEP/WPA keys are not case sensitive, but passphrases are case sensitive. In the case of a standalone (or thick) configuration, make sure each individual AP is properly configured. With a controller-based (or thin) configuration, make sure each AP can communicate with the wireless controller. A similar form of an incorrect configuration is trying to access a wireless network that uses one standard (e.g., 802.11a) with a wireless card that supports a different standard (802.11b or 802.11g).

Select the network mode

The network mode you choose depends on the type of clients that will connect to your network. For the 5 GHz band, you can typically select: Mixed, which supports connections from 802.11a or 802.11n clients; 802.11a only; 802.11n only; Disabled. For the 2.4 GHz band, you can typically select: Mixed; 802.11b/g only; 802.11b only; 802.11g only; 802.11n only; Disabled.

Wi-Fi Protected Access (WPA)

The original set of protections from the Wi-Fi Alliance designed to address both encryption and authentication.

Wardriving

The practice of driving around and locating open wireless access points.

Configure the region (AP only)

The region identifies the physical area where the AP operates.

Testing procedure

The site survey test procedure involves the following tasks: Mount; Align; Test; Move; Test; Perform a spectrum analysis. While testing, you should measure goodput. Goodput is the number of useful bits delivered from the sender to the receiver over the wireless network connection. Errors due to lost, corrupt, or dropped packets require retransmission and reduce the goodput of the connection. Part of your testing is to measure goodput.

Frequency Hopping Spread Spectrum (FHSS)

This wireless technology spreads its signal over rapidly changing frequencies

Untested Updates

Untested updates are updates that have not been tested in a test environment on your network before you applied them to your network. You should never deploy an update that you have not tested on your network first.

Random pulse jamming

Uses radio signal pulses of random amplitude and frequency to interfere with a Wi-Fi network

Equipment list

Using the network diagram you have created, identify the equipment you need. The number of wireless controllers. The number of access points. The type of media that best suits the network implementation. Use this information to generate an equipment list. If you think spare devices will be required, account for them in the list.

Conduct a site survey

When developing a munitions employment plan, the action that is the most efficient way to gather information is to

Speed and signal distance

When implementing the wireless network, keep in mind the following concerning signal distance and speed: Transmission speeds are affected by distance, obstructions (such as walls), and interference. Maximum signal distance depends on several factors, including obstructions, antenna strength, and interference. For example, for communications in a typical environment (with one or two walls), the actual distance would be roughly half of the maximum. Because transmission speeds decrease with distance, you can either achieve the maximum distance or the maximum speed, but not both.

Create a whitelist and blacklist

When securing devices or navigation access, there are two options to create lists that either allow or deny access through the Firewall security: Whitelisting means that only the devices on the list are allowed access. Basically, everyone is blocked access except for the devices on the whitelist. Blacklisting means all devices are allowed access except for the ones on the blacklist. It's just the opposite of Whitelisting.

Device Saturation

When the percentage of CPU time where I/O requests are issued to a device or the bandwidth utilization for the device is close to 100%

Orthogonal Frequency-Division Multiplexing (OFDM)

Whereas DSSS uses a high modulation rate for the symbols it sends, OFDM uses a relatively slow modulation rate for symbols. This slower modulation rate, combined with the simultaneous transmission of data over 52 data streams, helps OFDM support high data rates while resisting crosstalk between the various data streams.

Update the firmware

While it's extremely important to keep your devices up to date, it's just as important to properly test new updates before pushing them out to the entire network. Proper testing saves you the headache of troubleshooting new bugs or problems on the live network that the update may have introduced.

WPA3

Wi-Fi Protected Access 3. The next generation of Wi-Fi security; it uses the latest security protocols, disallows outdated legacy protocols, and requires use of protected management frames.

Bluetooth

Wireless PAN technology that transmits signals over short distances between cell phones, computers, and other devices

Configure the channel

Wireless networks can be configured to use one of several RF channels. Choose a channel on the AP that is not used by other wireless devices (such as phones or other APs). On the NIC, the channel is detected automatically and configured to match the channel used by the AP. Many APs detect channels used in the area and automatically configure themselves to use a channel that does not overlap with other channels used in the area.

Media access

Wireless networks use carrier sense multiple access/collision avoidance (CSMA/CA) to control media access and avoid (rather than detect) collisions. Collision avoidance uses the following process:
1. The sending device listens to make sure that no other device is transmitting. If another device is transmitting, the device waits a random period of time (called a backoff period) before attempting to send again.
2. If no other device is transmitting, the sending device broadcasts a request to send (RTS) message to the receiver or AP. The RTS includes the source and destination, as well as information on the duration of the requested communication.
3. The receiving device responds with a clear to send (CTS) message. The CTS also includes the communication duration period. Other devices use the information in the RTS and CTS to delay send attempts until the communication duration period (and subsequent acknowledgement) has passed.
4. The sending device transmits the data. The receiving device responds with an acknowledgement (ACK). If an acknowledgement is not received, the sending device assumes a collision occurred and retransmits the affected packet.
5. After the time interval specified in the RTS and CTS has passed, other devices can start the process again to attempt to transmit.
The use of RTS and CTS (steps 2 and 3) is optional and depends on the capabilities of the wireless devices. Without RTS/CTS, collisions are more likely to occur.

Range

Wireless standards have a limited range. Moving a notebook outside the effective range results in a weakened signal and will likely cause intermittent reception. Moving outside of the stated range can cause the connection to drop entirely.

Perform bandwidth planning

You need to understand the network's bandwidth requirements. To do this, identify the following:
▪ The amount of bandwidth required in various locations.
▪ The number of clients that will utilize this network. This is the device density. An overcapacity of clients will use up bandwidth and slow performance of your wireless network. It is better to overestimate the number of devices on your network to ensure that you have the capacity to support them.
▪ The signal strength in various locations. The farther away a device is from the access point, the more bandwidth drops. Bandwidth can also be affected by physical obstacles that interfere with the RF signal, as well as by sources of RF interference in the environment. You can measure the strength of the signal at a given distance from the access point by using the received signal strength indicator (RSSI). RSSI is measured as a negative number; a smaller value indicates a stronger signal.

Site survey test equipment

You should bring access points to each location to test the signal quality and to identify the node density required in each area. Your site survey kit should include:
▪ Two access points.
▪ Two laptops with a network performance measurement utility, such as Iperf, installed so you can evaluate the network throughput available at each location.
▪ A tall ladder so you can test each AP at height or close to height. During the site survey, you will not physically install each access point. Instead, you will use a ladder to approximate the AP's final mounting location for testing. In outdoor deployments, you may need to use a bucket truck instead of a ladder to complete this task.
▪ Two-way radios to communicate with your assistants.
▪ A spectrum analyzer.

Configure security

You should enable some form of security or encryption on the AP and each wireless NIC by completing the following:
▪ Configure a MAC access list. Some APs can restrict wireless access to specific MAC addresses. Only devices whose MAC addresses are identified are allowed to access the wireless AP.
▪ Disable SSID broadcast. That way, wireless devices must be statically configured with the SSID before they can connect because they will be unable to detect the network name.
▪ Configure the WPA or WPA2 passphrase. Remember that the passphrase is case sensitive.
When configuring encryption, select the strongest method supported by all devices. AES is the strongest encryption method currently available, and it is used with WPA2. When using AES, all devices must be WPA2 capable. TKIP is used with WPA or WPA2. TKIP encryption is not as strong as AES encryption. Public networks may not use any encryption. Be very cautious when using these networks, as all data transmitted is easily captured and read.

Home Network

local area network designed for personal or business use in the home

Plan for Internet of Things (IoT)

▪ Z-Wave is a wireless communication protocol that's broadly used in home security and home automation. If you have either of these systems, you probably use Z-Wave technology. It uses a mesh topology so that each device acts as a repeater. As you increase the number of devices you have, it increases the power of your signal. Unlike most newer wireless protocols, Z-Wave uses low-energy radio waves that are capable of little bandwidth. Devices that use Z-Wave are designed to need very little bandwidth to interact with each other.
▪ ANT+ is a protocol used to monitor sensor data. It uses a 2.4 GHz ISM band and has fast transmission rates. Like the Z-Wave protocol, it's compatible with the mesh topology, but can also be used with the point-to-point, star, and tree topologies. It's been used for things like geocaching and health monitors.
▪ Near-field communication (NFC) allows devices to communicate and share data with each other. It requires devices to be about four inches apart to communicate with each other. It's very common to see NFC used with cell phones and mobile pay applications. It's also used to pair devices that will then use other technologies to communicate.

Rogue access point

a wireless access point that gives unauthorized access to secure networks.

Hub-and-spoke infrastructure

A wireless controller is connected to all APs through wired links. The individual APs contain very little embedded intelligence and are sometimes referred to as lightweight access points (LWAPs). The wireless controller:
▪ Manages all of the APs that are connected to it. Configuration changes are made once on the controller and are then pushed out to all connected APs.
▪ Provides (typically) DHCP services to dynamically assign IP addressing information to wireless clients.
▪ Connects the wireless network to the internal wired network.
▪ Routes wireless traffic from the wireless network to the internal wired network (and vice versa).

Open system

authentication that requires that clients provide a MAC address in order to connect to the wireless network.

Data emanation

collect electronic component emissions and piece them together into readable data

802.1x

uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.

ad hoc topology

wireless nodes are in charge of sending and receiving traffic to each other, without the assistance of infrastructure devices, such as switches or access points.

AP Placement

▪ Careful planning is required to prevent the APs from interfering with one another while still maintaining the desired coverage area in an ESS.
▪ Coverage should overlap between APs to allow uninterrupted roaming from one cell to another, but the APs can't use overlapping frequencies.

