Overview of Deploying a Wireless LAN

To provide authorization and authentication, automatic IP address assignment, and name resolution for wireless users, your networking infrastructure should include the following services:

• Active Directory directory service

• Remote Authentication Dial-In User Service (RADIUS) servers and proxies

• A certificate infrastructure, also known as a public key infrastructure (PKI)

• Dynamic Host Configuration Protocol (DHCP) services

• Domain Name System (DNS) services

These services together provide the security, availability, and scalability needed for an enterprise WLAN solution. Before you begin designing and deploying an enterprise WLAN, all of the supporting components and services in your networking infrastructure should be in place.

All of the components required for an enterprise WLAN solution are included with Windows Server 2003 and Windows XP. Windows Server 2003 includes DHCP, DNS, and Certificate Services, and support for RADIUS (through the Internet Authentication Service [IAS]), the IEEE 802.1X standard, and certificate authentication. Windows XP with wireless network adapters provides support for wireless devices such as laptops and personal digital assistants (PDAs), the IEEE 802.1X standard, and certificate authentication.

After designing your enterprise WLAN and deploying the networking components and services needed for the WLAN, you will be able to maintain a secure and manageable wireless network by using supported features such as the Wireless Zero Configuration (WZC) service included in Windows XP and Windows Server 2003, RADIUS-based 802.1X authentication, and interoperability with other networking services.

Process for Deploying a Wireless LAN

In deploying a wireless LAN, adapt your existing network infrastructure for a WLAN before designing the wireless network access solution — that is, deciding where to locate wireless access points (APs) and how to deploy them; designing wireless security and unauthenticated access; optionally designing a public space WLAN; and designing for better manageability. Before embarking on a full-scale WLAN deployment, implement a WLAN test environment and test your wireless networking solution. Figure 11.1 shows the major steps in the process for deploying a WLAN.

Figure 11.1: Deploying a Wireless LAN

WLAN Technology Background

The WLAN solution provided by Windows XP and Windows Server 2003 is based on IEEE standards 802.11 and 802.1X.

IEEE 802.11 IEEE 802.11, the standard for WLANs, specifies a technology that operates in the 2.4 through 2.5 GHz Industrial, Scientific, and Medical (ISM) band and has a maximum bit rate of 2 megabits per second (Mbps). IEEE 802.11b supports two additional speeds, 5.5 Mbps and 11 Mbps, in the ISM band.

The 802.11 standard defines an access point (AP) as a device that functions as a transparent bridge between the wireless clients and the existing wired network. The AP contains at least one interface to connect to the existing wired network, and transmitting equipment to connect with the wireless clients. The AP also contains IEEE 802.1D bridging software, thereby acting as a transparent bridge between wireless and wired data-link layers.

IEEE 802.1X The 802.1X standard defines port-based network access control to provide authenticated network access for Ethernet networks. This port-based network access control uses the physical characteristics of the switched LAN infrastructure to authenticate devices attached to a LAN port. Access to the port can be denied if the authentication process fails. Although this standard is designed for wired Ethernet networks, it applies to 802.11 WLANs as well.