Working Through Walls


Radio Frequency (RF) waves travel well through most solid objects. This creates a complicated scenario when dealing with physical security on your network. The placement of access points and their antennas requires some careful planning and site surveys.

Moving Target

The industry standard for wireless security is a moving target at this time. The target standard is IEEE (Institute of Electrical and Electronics Engineers) 802.11i. As of the writing of this book this standard is still in draft. It outlines wireless security guidelines for hardware manufacturers and software developers.


Common Mistakes When Planning Access Point Placement

When considering coverage and number of access points, physical placement is very important in a wireless network. Taking into account the surrounding building architecture, distances and possible sources of interference become critical. RF propagation patterns can be affected in many ways. You're going to look at some of the points to take into consideration while creating your WLAN layout.

Considering Signal Attenuation

RF attenuation refers to the reduction of signal strength between the wireless AP and the client station. Attenuation is represented in decibels (dB). Decibels are 10 times the logarithm of the signal power at a particular input divided by the signal power at an output of a specified medium. An application of this formula is listed in Table 2.1.

Table 2.1. Sample Attenuation Results

RF Signal

Medium

Loss

Attenuation

200mw

Office wall

100mw

3dB

200mW

Office window

100mW

3dB

200mW

Metal Door

150mW

6dB

Inside a building structure attenuation is caused by common construction materials such as wood, metal, and concrete. Additional items that come into play when considering loss are metal storage shelves , partitions, and people.

Examples of some common objects that cause signal attenuation are listed in Table 2.2.

Table 2.2. Common Attenuation Causes and the Resulting Loss

Medium

Attenuation

Plasterboard office wall

3dB

Office window

3dB

Cinder block wall

4dB

Glass wall (metal frame)

6dB

Metal door

6dB

Metal door (brick wall)

12.4dB

Outside the building structure attenuation is based on free space loss formulas. These formulas take into account the power of the transmitting station, distance, and the receiving station sensitivity. Other factors might be objects that might obstruct a portion of the RF propagation pattern.

Administrators need to take into account that RF signals between the client and the AP can be attenuated by various metal objects. These objects act like antennas and drown out the usable signal. When designing a WLAN layout make sure to be aware of building materials such as the following:

  • Metal studded walls

  • Steel I-beams

  • Rebar reinforced concrete

  • Heating and air-conditioning ducts

  • Wire mesh reinforcements in walls

  • Elevator shafts

  • Window coatings that contain metal

WLAN administrators can reduce the ease of the "man in the middle" attacks by placing access points near the middle of the building structure. Window coverings that contain metal coatings can reduce the signal emitted into the parking lot or surrounding areas. Grounding metal studded walls can also help create a barrier to signal propagation into unwanted areas.

Planning Signal Coverage

Omni-directional antennas transmit the RF signals in all directions at basically the same level. Think of the shape of a doughnut surrounding the center of the antenna.

802.11b access points generally have greater transmission range than 802.11a. This is because of the wavelength of the RF signal. The 2.4GHz of 802.11b has a longer wavelength and loses less power over distance.

Access points available from enterprise class vendors enable users to set the radio transmission power level. The maximum transmit power level allowed by the Federal Communications Commission in the Unite States for an 802.11b transmitter is 1 watt (1,000 milliwatts).

Directional antennas transmit the RF signals in a single direction. This type of antenna is best used for narrow coverage requirements such as hallways. Another application of this type of device is for long distance point-to-point transmission.

Coverage of the desired areas can be increased by deploying multiple overlapping access points. By knowing the requirements of the network you can either give the end users constant signal levels, such as 11MB/sec or allow throughput down to 1MB/sec.

The SSIDs, power output, and overlapping channels are important. By mapping out your network application requirements you can place the appropriate antennas and number of access points in the correct areas.

Reducing Interference

Your wireless network signals are susceptible to multiple sources of interference. By keeping your access points higher in your room layout, such as above false ceilings and mounted to beams in warehouse structures, you should avoid most common sources of interference.

Rogue access points can create havoc on your wireless LAN design. You can avoid the rogue access point from hijacking your clients by removing the rogue from the desired connections within your client's wireless network interface card (NIC).

Avoiding WLAN Conflicts

Knowing the frequencies of the WLAN can help avoid conflicts. IEEE 802.11 is the standard for WLANs. The frequency, or band , that 802.11b uses from 2.4 to 2.5GHz. 802.11a operates in the range of 5.725 through 5.875 GHz.


Appliances such as microwaves and portable phones operate at the same frequencies as 802.11b and 802.11g networks. By avoiding placing your access points too near these appliances you can reduce your likelihood of interference with such devices.

Considering Distance

Indoor distances can be affected by physical obstructions and RF-producing appliances. The average maximum distances are about 300 feet, but can differ greatly depending on access point power and antenna placement. As mentioned previously, signal strength, and therefore distance, can be decreased due to interference and attenuation.

Outside applications can be much greater due to the lack of interference. The use of directional antennas and amplifiers can extend the distance to kilometers in range.

Turning Down the Volume

Although using the highest possible signal level gives the longest range, this might not always be desirable. By testing signal level tests and checking for overlapping channels, it might be necessary to lower the transmit power to reduce overlapping coverage.

Using the wireless AP configuration utilities, it might be prudent to lower the radio output. This approach would be best applied where access points are near the exterior of buildings or on the edge of desired WLAN RF coverage.

Connecting to Power

One of the last things people often think about when deciding where to place their access points is power. An important item to consider is how to get the proper power to any access points up above false ceilings or mounted to beams high above the warehouse floors.

The saving grace in scenarios where power isn't readily accessible via an AC receptacle is called power over Ethernet (POE) . POE is supported by most enterprise level access point vendors. Some are as simple as an in-line power injector. Other vendors have special network switches that support POE.

Bridging Versus Broadcasting

Wireless bridging devices can be used for temporary network links or where wiring is impractical . Bridging between two wireless devices lowers the ability of attackers from being able to associate with your wireless network. Using wireless bridges also allows for point-to-point or point-to-multipoint connections.

A popular use of wireless bridges is from building to building using directional antennas. This can either be a temporary or permanent installation. Using RF signal amplifiers and high gain antennas can transmit the signal for several miles.



Microsoft Windows Server 2003 Insider Solutions
Microsoft Windows Server 2003 Insider Solutions
ISBN: 0672326094
EAN: 2147483647
Year: 2003
Pages: 325

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net