[Infographic: Wifigear basic diagram]

  • Welcome to Wifigear's Basics of Wireless Networking Blog

    You can use the infographic above to follow the journey of data through the wireless and wired system.

    Here is a Wi-Fi glossary for reference

    Use the navigation bar to your left to navigate the information in this blog. Networks are complex, so we took the time to try to organise it for you.

    Clear your mind...

    Done? Let's pretend that we are all pieces of data for the duration of this blog.

    Effectively the internet is the biggest mesh of interconnected devices in the world. It’s just a big network of computers and devices talking to each other using either wires or radio waves (Wi-Fi).

    A standard home ‘router’ is everything we are about to talk about in one compressed package. When you try to make one underpowered box wear 5 different hats the result is that it can only handle a few devices (clients) at once.

    This is where the real wireless toys step in.

  • Remember, we're all just data on a device for now - follow the path to the internet

    • Device connects wirelessly to the Access Point within its coverage area (highlighted transparent white in the infographic) (Access Point)

    • Access Point asks the device for credentials to transmit data (WPA2 and RADIUS, for example) (Security)

    • Device provides credentials and system grants it permissions (Security)

    • Device starts sending and receiving data via the Access Point (Throughput)

    • Data is processed and directed by the network (Throughput)

    • Data flows from the access point along the path all the way to the handoff point:

    • Into the Access Point

    • Through the First Network Switch

    • Through the Wireless Bridge (PTP or PtMP)

    • Through the Central Network Switch

    • Processed and Handed Off via Router (usually direct ethernet hand off, formerly ADSL)

  • Internet Service Providers

    An Internet Service Provider is just a company with a lot of networking hardware. They own a lot of routers, computers, servers (big data storage units designed for fast access to information) and high-performance switches.

  • The Request and the Answer

    Let's assume for a second that the 'client device' trying to access the network wirelessly is a smartphone. The smartphone is just a device that stores and sends data.

    The Request: A user interacts with the phone, which sets a chain reaction in motion. Imagine again that you're a piece of data (a string of 1s and 0s ordered in a way that the computer understands as a command). The user sends you through the access point, the switch, the router and so on to the destination server (which, for instance, contains the web page you're trying to access). The routers along that path direct you the fastest way to the destination server.

    The Answer: Once you get to the server, you set in motion another process which sends another packet of data back to the phone.

    This process of sending data back and forth is how computers communicate.

  • Different Devices - Different Languages

    Complexity of data journeys beyond this is pretty much everything you do on your computer or smartphone over the internet. Some code is better than others and the languages all have to be unified. You can just imagine how many different computers and servers are used to process all that information and send it to the right places in 30-70 milliseconds on average.

  • Security and Responsibility

    As soon as you connect your devices to the internet, they are initially secured from other devices by your service provider with service-provider-grade security, but you’ll want to have your own security for devices that want access to your network. If sensitive data is lost or accessed by the wrong individuals on your network due to unreasonable security flaws, you're liable! Fortunately, unless you're operating as a financial or government network operator, standard WPA2-PSK with a guest portal (to record the names/emails of your users) is enough to keep you on the right side of the law, but you might want to add security yourself.

  • Hardware Introduction

    In Wireless Local Area Networking (WLAN) there’s a lot of different hardware to account for. We’ll just cover the bits in the infographic for now as it’s more than enough information required to decide what you need to build your own network.

    It’s important to remember that no matter what wireless device you’re learning about, it’s just a radio that transmits data over the electromagnetic spectrum – specialized for a specific environment. No need to overcomplicate them.

    They will have different ranges, features, coverage angles, speeds, mounting methods and applications.

    Flashlights

    An easy way to visualize it is to imagine wireless devices as flashlights instead of radios: instead of processing radio waves, they process light waves. Flashlights can be bright (high dBi) and they can be focused (narrow beamwidth), which makes them stronger. The sensors that receive the light waves can have many features that make them process information faster.

    All that light flying around would make it impossible to see anything, right? That's why we use invisible radio waves.

  • Access Point

  • Wireless Standard (Wi-Fi): This is the and indicates maximum throughput over a network as well as supported frequencies, reasonably expected ranges and other features.

    • 802.11a – 5GHz up to 54Mbps, 25-75ft

    • 802.11b – 2.4GHz up to 11Mbps, up to 150ft

    • 802.11g - 2.4GHz up to 54Mbps, up to 150ft

    • 802.11n – 2.4GHz up to 600Mbps, up to 175ft (relatively modern)

    • 802.11ac – 5GHz up to 1.3Gbps, up to 90ft (current)

    • 802.11ac wave 2 – 5GHz up to 2.34-3.47Gbps, 120ft+ (newest)

  • Throughput: The maximum amount of data that can be handled by the access point measured in megabits or gigabits per second (i.e. 1300Mbps for 802.11ac products)

  • MIMO: Short for Multiple Input, Multiple Output. Allows one device to use multiple antennas to make use of multiple spatial streams to transmit more data.

  • Gain: This is the ‘volume’ of the radio wave that the access point produces. The louder it is, the further it will travel and the stronger the signal will be. This is measured in dBi.

  • MU-MIMO: Short for Multi-User, Multiple Input, Multiple Output. Allows multiple devices to use multiple antennas to make use of multiple spatial streams to transmit more data.

  • Spatial Stream: Number of defined incoming and outgoing spatial streams (imagine a flashlight beam). A 3 antenna by 3 antenna system therefore (3x3) can have 1 stream (3x3:1), 2 streams (3x3:2) or 3 streams (3x3:3).

  • QAM: Short for Quadrature Amplitude Modulation which further complicates the Wi-Fi wave form to carry more data across the wireless network. Requires more processing power from the AP.

  • PoE Support: Power over ethernet cable support.

    • Passive: 24v Always On

    • 803.11af or PoE: 48V, 15.4V

    • 802.11at or PoE+: 48V, 25.5W

  • Frequency: Access Points currently use 2.4GHz and 5GHz. Most modern devices support both frequencies. 2.4GHz currently carries less data but penetrates further, 5GHz carries more data but penetrates less. Additionally, the 2.4GHz band is usually more heavily used (more congestion in urban areas) and 5GHz, less so.

  • Switch

    Switches handle sending data packets to their destination ports via ethernet or SFP ports (the port destination is whatever device you plug into the port). SFP ports are essentially big ethernet ports that you can plug other modules into, such as fiber optics for faster uploads. Switches do come with a lot of features, but they are quite simple. The main features are:

  • Throughput: How much data the switch can process

  • Number of ports: How many devices can be plugged into it

  • Stackability: How expandable it is, when you use all the ports, you can just stack another one

  • Power over Ethernet (PoE): Some switches can power access points over ethernet

  • Total Power (W): How much power the switch can put out over PoE

  • Point to Point (PtP) or Point to Multi Point (PtMP) Radio

    This is a type of radio specialized for backhauling data back to the station where it will be processed. It’s usually the second stage that data reaches after an access point or CCTV camera but they can come with many of the same features as access points.

    They can also operate in much higher frequencies to carry more data but these frequencies have very poor penetration, therefore line of sight is essential. Here are some key features to watch for:

  • Frequency (GHz): As with the access point, PtP or PtMP can operate on more than one frequency. Frequencies for PtP and PtMP are optimized for range and data capacity over large distances but high frequencies require licensing fees.

    • 2.4GHz, 5GHz, 60GHz Unlicensed

    • 11GHz, 18GHz, 23GHz, 24GHz, 70, 80/95GHz Licensed

    • mmWave - 30-300GHz

  • Range: Typically range increases with frequency but higher frequencies require line of sight. Always pick the correct link for your purposes. There’s no need to get a mmWave 10km link with gigabit throughput to enable data backhaul for 5 CCTV cameras.

  • Packets per Second: Data is usually broken up into packets, so no matter what the throughput of the unit says, the packet processing speed is also important. Data packets can be very small, even as small as a few bits, which means that 700Mbps can potentially be broken down into hundreds of thousands of packets. If your radio can't process lots of packets, then it doesn't matter if the radio can process a large 'volume' of pure data per second.

  • Extra Features

    • Mounting Brackets: To point your radio signal precisely

    • Custom Antennas: To manage the shape and strength of your wireless signal

    • Spectrum Analysers: To measure radio waves from other devices to help with deployment and interference mitigation

    • Dual Band: Access to standard 2.4GHz frequencies for direct access to radio config without climbing a ladder or using cloud interfaces

    • IP Rating: How resistant is your device to dust and water? IP-67 is perfect for outdoor use.

  • Controller

    Designed to manage a network of access points and usually have their own brand specific features. They’re used for higher end and technical networks that require extra features and easy central management.

    When you have a huge WLAN, you need to manage potentially thousands of access points. It is much easier to change their settings without visiting every single one, since they could be located all around the world.

    WLAN Controllers tend to have the following features:

  • Throughput: How much data it can process (usually Gbps).

  • Max Wireless Networks (WLANs): Total number of separate Wireless Networks it can manage. For example it could manage 20 completely different networks each with 50 access points on them.

  • Max Virtual Networks (VLANs): Number of Virtual Networks it can manage. You can create subcategories within your physical networks called Virtual LANs. These tend to be used for keeping user access separate within the controller itself. You might have a public VLAN, private VLAN and admin VLAN. They could all have different levels of security and different access permissions.

  • Max Access Points: Total number of Access Points it can manage. Controllers are used to manage access points when you would prefer to manage them all from one location.

  • Interfaces: The number and types of ports it uses (what you can plug into it).

  • Power Consumption: Usually the high performance products require more power. This is because they use faster processors to process data more quickly.

  • Certifications and Standards: For businesses with security compliance guidelines such as government and financial institutions.

  • Analytics: Features for tracking the behavior of clients and usage of network. For example your controller could show you access points that get used more than others and you can then see where to upgrade your network.

  • Router

    This is the top-level piece of equipment that handles all the devices attached to the network and assures that the data requested and sent from those devices all reaches the correct locations.

    The router’s primary function is to use its algorithm to find the easiest and fastest route through the spaghetti of networks across the world for your data. This starts at your router, pings off at least one or more routers and then ends up at its destination (a server or another device). They can be very complex pieces of equipment in terms of features but their main selling point is throughput. The more data they can process, the better.

  • How do you prevent data leaks?

    • Protect the Wireless Network (WLAN)

    • Security for the client device (phone, laptop, etc)

    • Countermeasures for cybercriminals

    Wireless security is not necessarily just to protect the WLAN, responsibility also falls on the access point provider to allow security for the end user’s device as well.

    If the access point is not using the most up-to-date encryption, cybercriminals could intercept wireless communications as the user connects to your access point and decrypt any confidential information, such as bank details or financial passwords, coming from the client’s device or the server they’re accessing.

    Here are the most up-to-date encryption methods:

  • WPA2/WPA2-PSK (PSK is Pre-Shared-Key)

    Usually used for personal use, this is the strongest consumer wireless encryption standard. All modern devices should support it, as it has been mandatory since 2006 for any Wi-Fi branded product.

    The longer and more random your password or passphrase, the longer it will take for someone to crack it. This security is only as strong as you make it, though: simple passwords or common phrases can still be cracked with brute force.

    For example, if you have a 14-digit random password encrypted by WPA2 it will protect you against almost all potential hackers for much longer than you will ever maintain a connection.

  • Extended Authentication Protocols used within WPA and WPA2:

    • TKIP (Temporal Key Integrity Protocol): Mixes up your keys, checks data for integrity and sequences data. (WPA)

    • AES (Advanced Encryption Standard): Algorithm that encrypts your data (WPA2)

    • CCMP: Improved, more complex version of TKIP (WPA2)

  • RADIUS

    This is an advanced authentication protocol that uses Authentication, Authorization and Accounting (AAA or Triple A) to do the following:

    Identify the client, authorize the client’s permissions and account for their activity. In basic terms you’ll log into the access point, then be prompted for a username and password which the server will check against its own records. It may ask you for more details or it may let you on the network.

    This adds many layers of security for many reasons, but as an example it provides security against people with old passphrases to your access points.

    RADIUS is used by WLAN networks that want another layer of authentication on top of the WPA2 layer and it can be installed on a variety of systems.

  • Simple Deterrents

    So we're through the main meaty methods of security in the WLAN business. Here are some other simple, surface-level methods you can use to increase your basic security levels.

    • SSID management: SSID stands for 'Service Set Identifier' and is essentially the 'name' that you set for your access point. You can manage your SSIDs by naming them random strings of numbers so that they don't stand out, or you can hide them completely from public scans. Hiding them will not work versus someone who knows how to look for them.

    • MAC filtering: Every device has a MAC (Media Access Control) address. You could keep a list of addresses to authenticate hardware and only allow hardware onto the network if it is on the approved 'MAC Address List'. This keeps private servers much safer.

    There are other security layers that provide higher encryption with higher processing power requirements, such as WPA2-Enterprise. This is a higher-level version of WPA2-PSK.