IEEE 802.11 (sometimes called "Wi-Fi") is a set of protocols that employ an unlicensed and unlimited radio ISM band for small Local Area Networks. Another protocol, Bluetooth, employs the same radio ISM band, but it is only useful for very short ranges.

There are several different IEEE 802.11 protocols to choose from. The trailing letters (e.g. 802.11a) indicate the different speeds and frequency bands used. The most commonly used are listed below:

Wireless Networking Standard

| Protocols | 802.11a | 802.11b | Dual Band | 802.11g |
|---|---|---|---|---|
| Frequency | 5 GHz | 2.4 GHz | 2.4 & 5 GHz | 2.4 GHz |
| Raw Speed | 54 Mbps | 11 Mbps | 11 & 54 Mbps | 54 Mbps |
| Average Actual Throughput | 27 Mbps | 4.5 Mbps | 27 Mbps | 20-25 Mbps |
| Available Spread Spectrum | 300 MHz | 83.5 MHz | 300 MHz | 83.5 MHz |
| Modulation Encoding | OFDM | DSSS/CCK | DSSS/CCK & OFDM | DSSS/PBCC |
| # of Channels / non-overlapping | 12/8 | 11/3 | 11/3 + 12/8 | 11/3 |
| Compatibility | None | 802.11g | 802.11a, 802.11b, & 802.11g | 802.11b |
| Standard Ratified | Sept 1999 | Sept 1999 | Sept 1999 | May 2003 |

Wireless Networking Equipment

Wireless Router Access Point
ASI SKU# 16873

A wireless router access point provides all of the features of a broadband router, but it can also connect network computers wirelessly through the use of wireless cards. It is very similar to a switch, but it performs a number of useful networking functions:
- It can separate networks and share Internet access or files without being dependent on one computer's connection.
- A network printer can be plugged in and shared among workstations.
- It provides built-in firewall capabilities that do not delay network performance.
- It can share a broadband connection without purchasing additional IP addresses.

Wireless Access Point
ASI SKU# 20737

An access point increases the distance between computers without losing the connection. Its range is from less than 100 feet to 1,000 feet, depending on technology and configuration. It can plug into a broadband-connected computer, share files, and share a high-speed Internet connection with all of the other computers. An access point controls encryption on the network and may bridge or route the wireless traffic to a wired Ethernet network (or the Internet). Access points that act as routers can also assign IP addresses to PCs using DHCP services.

Wireless PCI Adaptor
ASI SKU# 22986

Only used for desktops. It is like an Ethernet PCI card, but instead of an RJ45 port it has an antenna, which transmits data packets wirelessly. It comes in two forms: as an adaptor (to carry a PCMCIA card) or as a native WiFi PCI card.

Wireless PCMCIA Card
ASI SKU# 8767

Commonly used with laptops and PDAs. Most laptops have at least two PCMCIA slots that can hold this card. Sometimes it is used in combination with a PCI adaptor or as an add-on for some routers.

Intel PRO/Wireless Pro2100 MiniPCI Adaptor
(currently in 802.11b only)

Only used with laptops whose motherboard supports the Intel Centrino chipset (i855GM or i855PM).

Wireless USB Adaptor
ASI SKU# 23264, 21833

Commonly available as a dongle. It can be inserted directly into the USB port or connected as a separate device with a cable to the USB port. USB devices are commonly used with desktops and laptops, and some PDAs can handle them as well.

Wireless Compact Flash Card

These are commonly used with PDAs. PDAs that can hold CF cards usually have a slot for such a card.

Wireless Networking Topology

Ad-hoc

Ad-hoc mode is also called peer-to-peer mode or an Independent Basic Service Set (IBSS). It requires a minimum of two PCs equipped with wireless adapter cards to form a simple peer-to-peer network, enabling the PCs to share resources. This basic topology is useful for quickly and easily setting up a wireless network anywhere a wireless infrastructure does not exist. This type of network requires no access point and no administration or pre-configuration.

Equipment required: Wireless PCMCIA Card, Wireless PCI Adaptor, Wireless USB Adaptor, and Wireless Compact Flash Card.

Infrastructure

In infrastructure mode, the wireless network consists of at least one access point (AP) connected to the wired network infrastructure and a set of wireless end stations. This configuration is called a Basic Service Set (BSS). An Extended Service Set (ESS) consists of two or more BSSs forming a single subnetwork. Traffic is forwarded from one BSS to another to ease movement between them.

Equipment required: Wireless PCMCIA Card, Wireless PCI Adaptor, & Wireless Access Point or Router Access Point.

First Generation Wireless Networking Security

The 802.11b security standard was not meant for enterprise-level security. Still, there are some basic security features that can be employed to help make a network more secure. With each security feature, there is the potential to make the network either more secure or more open to attack.

Service Set Identifier (SSID)

The Service Set Identifier (SSID) is meant to differentiate networks from one another. By default the access point broadcasts the SSID every few seconds in what are known as 'Beacon Frames'. This makes it easy for authorized users to find the correct network, but it also makes it easy for unauthorized users to find the network name. Changing the SSID settings should be considered the first level of security. In its standard state, the SSID may not offer any protection against who gains access, but configuring it makes it harder for intruders to know exactly what they are looking at.

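The beacon contents described above can be checked with a short parser. This is an added example, not part of the original page: the frame bytes, the BSSID, the `FACTORY_SSIDS` sample list and the function names are all constructed for illustration.

```python
import struct

FACTORY_SSIDS = {"default", "linksys", "netgear"}  # small sample list, not exhaustive

def build_beacon(ssid: bytes, privacy: bool, channel: int = 6) -> bytes:
    """Constructed beacon (no radiotap header, no FCS); the BSSID is made up."""
    bssid = bytes.fromhex("020000000001")
    header = struct.pack("<HH6s6s6sH", 0x0080, 0, b"\xff" * 6, bssid, bssid, 0)
    capability = 0x0001 | (0x0010 if privacy else 0)  # ESS bit, optional Privacy bit
    fixed = struct.pack("<QHH", 0, 100, capability)   # timestamp, interval, capability
    return header + fixed + bytes([0, len(ssid)]) + ssid + bytes([3, 1, channel])

def parse_beacon(frame: bytes) -> dict:
    """Return what any receiver in range can read from a single beacon."""
    if len(frame) < 36:
        raise ValueError("too short for a beacon")
    (fc,) = struct.unpack_from("<H", frame, 0)
    if (fc >> 2) & 0x3 != 0 or (fc >> 4) & 0xF != 8:
        raise ValueError("not a beacon (management type 0, subtype 8)")
    interval, capability = struct.unpack_from("<HH", frame, 32)
    info = {"bssid": frame[16:22].hex(":"), "interval_tu": interval, "channel": None,
            "privacy": bool(capability & 0x0010), "ssid": None, "ssid_hidden": True}
    pos = 36  # tagged parameters follow the 24-byte header and 12 fixed bytes
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated tagged parameter")
        if tag == 0:  # SSID element; empty or all-zero means the name is suppressed
            info["ssid"] = value.decode("utf-8", "replace")
            info["ssid_hidden"] = length == 0 or not any(value)
        elif tag == 3 and length == 1:  # DS Parameter Set carries the channel
            info["channel"] = value[0]
        pos += 2 + length
    return info

def audit(info: dict) -> list:
    """Findings that correspond to the SSID and encryption settings on the AP."""
    findings = []
    if not info["ssid_hidden"]:
        findings.append("SSID readable in beacon: %r" % info["ssid"])
    if (info["ssid"] or "").lower() in FACTORY_SSIDS:
        findings.append("factory-default SSID")
    if not info["privacy"]:
        findings.append("Privacy bit clear: no link-layer encryption advertised")
    return findings

if __name__ == "__main__":
    print(audit(parse_beacon(build_beacon(b"linksys", privacy=False))))
```
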
Shared Key Authentication or Open Authentication

Before wireless network devices can talk to each other, there is a layer of keyed security. This feature can be set to either shared key authentication or open authentication. The simplest and default setting is open authentication. It allows anyone to begin a conversation with the access point, and provides no security. Shared key mode provides WEP authentication security before the client is allowed to communicate with the AP and move on to the next layer of security. However, an attacker can obtain two of the three variables in the authentication equation and use the RC4 code to break it. Ironically, the most secure setting is 'open authentication', which allows anyone to associate with the access points and relies on other methods to handle security.

Wired Equivalent Privacy (WEP)

WEP is a security protocol for wireless local area networks defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. WLANs, which operate over radio waves, do not have the same physical structure and therefore are more vulnerable to tampering. WEP encrypts data over radio waves as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the two lowest layers of the OSI model, the data link and physical layers; it therefore does not offer end-to-end security.

Media Access Control (MAC)

MAC address filtering is another way to secure networks over and above the 802.11b standards, but it is still not 100% foolproof. The MAC address of a network card is a 12-digit hexadecimal number that is unique to each and every network card. Each card has its own individual address, which can be assigned to an authorized user on the AP. This can easily shut out everyone who should not be on the network. However, there are several problems with this security measure. The biggest problem is management. The wireless LAN administrator must keep a database of every device allowed to access the network. This database must be kept either on each AP individually, or on a special RADIUS server that each AP looks at. Any time a device is added, lost, stolen, or changed in any way, the WLAN administrator must update the database(s) of allowed devices. Despite the management nightmare, an attacker with the right tools can pick the MAC addresses of valid users out of the airwaves, break the encryption, and modify the MAC address. The WLAN administrator still has to deal with the management nightmare even though security is broken.

Virtual Private Network (VPN)

VPN is the most secure method for handling a wireless network. All wireless network traffic is segmented behind a firewall. Each client is then configured with a VPN client and tunneled over the wireless network to a VPN concentrator on the wired network. This security setup uses a secure, proven technology to prevent outsiders from gaining access to the wired network.