Architectural Principles
| The model Griffith chose for its underlying wireless coverage maps was quite different from that of many other universities. Whereas other educational deployments have typically opted for blanket coverage, Griffith chose to provide connectivity only in specific Smart Zones, for several reasons. Smart Zones allowed the IT group to dissuade faculty members from using wireless within their staff offices, where they already have 100-Mbps switched cabling. "Most staff do not understand that wireless is a shared medium technology," says David Renaud, wireless network support engineer at the university, "and is not meant to be a replacement to the wired infrastructure, but as a complementary technology to be used in specific Smart Zones." Figure 12-1 shows the Smart Zone, shaded in gray, where wireless coverage is provided in one of Griffith's campus buildings. Coverage maps, such as this one, are made available on the Wireless@Griffith portal, allowing university students and staff to check service areas at any time. Figure 12-1. Smart ZonesReprinted with permission of Griffith University  Equally important, by providing coverage in specific Smart Zones only, users were guaranteed a quality service. Signal strength and coverage are guaranteed in the Smart Zones. Although students and staff might be able to access the WLAN outside of the coverage areas, they can experience low data speeds or connectivity problems. No IT support is offered to users and staff outside the Smart Zone. "By adopting this model, all parties have a clear understanding as to where we will support users on wireless," explains Renaud. Griffith University makes the following service disclaimer on its web portal:
The Smart Zone model has proven very successful for the university. Satisfaction levels remain high because the user population understands where connectivity is provided. TopologyThe IT staff at Griffith University opted for a simple architecture that would integrate seamlessly with their existing security infrastructure. Choosing a simple, flat network with a single VLAN per geographical campus also helped reduce the operational support overhead with easier troubleshooting and second- and third-level support. (You learn more about the university's three-tiered support system later in the section "Service and Support.") This in turn provides connectivity to a VPN concentrator only. Access points are therefore isolated from the normal academic network, and access is only possible through authenticated VPN sessions. Additionally, by limiting the numbers of VLANs to one per campus, seamless inter-AP roaming is supported, with no loss of VPN session connectivity. Figure 12-2 shows how the wireless LAN (shaded in light gray) and access points are isolated from the production data network (shaded in darker gray) by the use of a VPN concentrator. Access to the university network, servers, and services, and even the Internet, must go through the concentrator. This design ensures that only authorized traffic ever traverses the university's network. Figure 12-2. Typical Griffith University Campus 802.11 Wireless Networking StandardsGriffith standardized on the 802.11g WLAN protocol for its WLAN. This choice provided backward compatibility with the older, more common 802.11b standard (also in the 2.4-GHz frequency range), and it also offered higher speeds and increased throughput for client devices that supported 802.11g. It should be noted that 802.11g access points "step down" to 802.11b speeds when 802.11b clients are associated, so the full potential of this decision will not be realized until the majority of older 802.11b clients are replaced by staff and students. The university is actively facilitating maximizing the number of 802.11g clients in use because on-campus computer stores stock Linksys 802.11g cards at competitive rates. David Renaud reports that many hundreds of cards were sold in the first six months of operation. The university therefore encourages the use of 802.11g over the older 802.11b standard. To reduce cost, the university initially chose not to adopt the 802.11a standard, which would have required purchasing 802.11a radio modules for the university's access points. More recently, the newer-model access points come with 802.11a by default, and the university encourages users to utilize this frequency band where possible. Access Point SettingsThe access points have been configured to allow a maximum of 15 concurrent sessions. The university arrived at this figure based on the desire to provide connectivity to its users equivalent to or better than cable/ADSL speeds. A primary architectural and business goal was to provide a quality service to users. User perception of a high-quality service would most likely be influenced by connectivity and speed. "Although 15 may be a smaller number than other institutions have," says Renaud, "we would rather cut users off at 15, rather than risk the Wireless@Griffith service being perceived as slow and cumbersome." Such a perception has been avoided by careful, proactive planning. In locations where traffic was predicted to exceed 15 concurrent users, such as the large Gold Coast campus (where usage peaks around 40 users in the only Smart Zone), more than one AP was installed; in this case, three access points were deployed in one Smart Zone. Furthermore, the minimum association rate has been set to 11 Mbps. This setting helps manage the size of the cell and ensures that users will always enjoy high throughput. This careful, proactive planning has ensured that a good level of service, or user experience, has been achieved. The emphasis on a quality service has had a very positive effect on the solution's success. Signal Strength, Antennas, and Outdoor CoverageThe signal strength is not limited on most access points, which allows greater coverage. The exception is the university's South Bank campus, located in the commercial downtown area of Brisbane, a major Queensland city. In this area, access points are configured with lower transmit power to reduce "leaking" into nearby offices and public areas. Additionally, the IT group uses external omnidirectional antennas to cover several outdoor spaces, besides 6dBi and 12dBi patch antennas. Radio Cell ArchitectureWireless users can "step down" to lower speeds the farther away they are from the access points, until they reach 11 Mbps. The access points are configured to allow association at speeds of only 11 Mbps or higher. This setup ensures a quality experience for users and provides more predictable cell sizes and coverage zones. Global Naming StandardsA global naming standard was adopted in line with the university's existing policies. This standard ensures that second- and third-level support functions can easily identify the access points and quickly resolve their locations during troubleshooting activities. Details of the naming standard for APs follow: <campus><building>[<room>]<device id><ap number> This scheme is based upon the following values:
An example device name would be nabcn213ap01. This name designates the first access point in room 213 of the BCN building in the Nathan campus. Wireless EquipmentThe university undertook a rigorous and detailed equipment evaluation and selection process. Bruce Scott is the manager of the network and communications services group. His team created detailed requirement specifications and evaluated 10 equipment manufacturers. After initial evaluation and review, a short list of three vendors was created, and extended testing and review was undertaken. Each vendor was asked to supply test access points and clients for the university's IT staff and laboratories. Finally, the Cisco Aironet solution was adopted and the 1200 series access point selected. Lately, the university has moved on to the more recent 1131 model access point. |
EAN: 2147483647
Pages: 163