Section 6: Wireless Networks

Wireless Network

• Technology that has revolutionized connectivity, offering flexibility and scalability

• Eliminates the need for physical cables

Wireless Network Types (4)

• Ad Hoc

• Infrastructure

• Point-to-point

• Mesh

Ad Hoc Network/ Independent Basic Service Set (IBSS)

• Network where devices connect directly to each other rather than through a central access point

• Like peer-to-peer networks

• Ideal for quick, temporary setups without relying on existing infrastructure

• Allows for direct file sharing between devices within a range

• Doesn’t provide internet access

Infrastructure Network

• More organized setup where devices connect to a network via wireless access points (APs) into wired local area networks (LANS)

• Configuration

  • Basic Service Set Identifier (BSSID)

    • Unique identifier which is set, by default, to the MAC address of the wireless AP

  • Service Set Identifier (SSID)

    • Alphanumeric name given to the network

• Larger set up configurations

  • May require multiple APs with an Extended Service Set (ESS)

  • Extended Service Set (ESS)

    • Creates a larger network that shares the same SSID to allow for seamless connectivity

Point-to-Point Networks

• Connects two distinct locations over longer distances using high-gain antennas

• Static in nature with fixed locations at each end

• Offers dedicated bandwidth, ideal for linking buildings or areas without feasible cabling options

Mesh Networks

• Versatile and resilient, with nodes connecting to multiple others, creating infinite paths for data

• Self-healing capability, reconfigures around broken pathways

• Two types:

  • Uses ESS config operating in infrastructure mode

  • Involves multi-network integration

Autonomous vs. Lightweight Access Points

• Autonomous AP

  • Standalone devices handling wireless functions independently

  • Useful in small setups where centralized controller is unnecessary

• Lightweight AP

  • Managed by a wireless controller, simple and cheap

  • Offloads processing to the centralized controller, facilitating easier management in large networks

Considerations in Choosing Wireless Network Types

• Performance, reliability, and ease of use vary based on the network type

• Assess specific environment requirements and tasks when selecting the appropriate type

• Each has its advantages and ideal use cases, ranging from simplicity to robustness

Antennas

• Dictate the directionality and range of the signal that is being transmitted

Wireless Antennas

• Devices that are designed to send and receive radio frequency signals

  • Types:

    • Omni-directional Antennas

      • Transmits and receives signals equally in all directions

      • ideal for broad coverage with uniform signal strength

      • Commonly used in:

        • Wireless APs

        • Mobile hotspots

        • Public networks

    • Uni-directional Antennas

      • Focuses energy in a single direction for a concentrated signal beam

      • Best suited for directing signals toward specific areas or remote locations

      • Often used in point-to point connections, linking distant buildings or areas

    • Yagi Antennas

      • Specific type of directional antenna providing high signal gains

      • Utilizes a narrow beam for long-distance communication in specific direction

      • Commonly used for remote areas connecting to cell towers or television transmitters

Considerations in Antenna Selection

• Tailor choice to specific needs of the wireless system

• Factors include:

  • Desired coverage area

  • Signal range

  • Physical environment

• Selection impacts network performance and user experience

Benefits of Proper Antenna Selection

• Ensures strong and reliable connectivity

• Tailors network to user needs and spatial constraints

• Enhances performance and efficiency of wireless communication system

Types of Antennas (4)

• Omnidirectional

• Unidirectional

• Yagi

• Parabolic

Omnidirectional Antenna

• Sends and receives data in all directions with equal power

• Commonly embedded in devices

  • E.g. wireless access points, cell phones, etc.

• Used when the signal direction is unknown or needs to reach multiple devices

Unidirectional Antenna

• Focuses power in a single direction

• Useful for long-distance communication or when limiting signal bleed-over is important

• Variants

  • Unidirectional right

  • Unidirectional left

Parabolic Antenna

• Specialized unidirectional antenna with a curved dish

• Often used for microwave signals and satellite TV to focus energy toward a specific point

Yagi Antenna

• A type of directional antenna, used for point-to-point

• Provide a focused, directional beam of signal

Exam Preperation

• When to use each type of antenna

• Know about patch antennas for building to building communication

• Recognize antenna types based on their characteristics (omnidirectional, unidirectional, parabolic, Yagi)

Wireless Frequencies

• Refer to different frequency bands used to transmit and receive radio waves in wireless networks

• Each frequency band has specific characteristics related to speed, coverage, and regulations to prevent interference

Types of Frequency Bands (3)

• 2.4 GHz

• 5 GHz

• 6 GHz

2.4 GHz

• Widely used since 1997

• Long range and better penetration through solid objects

• Frequencies from 2.400 to 2.495 GHz

• Divided into channels with overlapping, causing interference

  • Up to channel 11 to 14

    • Channel

      • Physical medium through which wireless networks can send and receive data

  • Channels that don’t overlap are advisable for use to avoid interference

    • Channel 1

    • Channel 6

    • Channel 11

5 GHz

• Offer faster data transfer speeds with shorter range compared to 2.4 GHz

• Frequencies from 5.7 GHz to 5.875 GHz, providing up to 24 non-overlapping channels

• Channel Bonding

  • Creates a wider channel by merging two or more neighboring channels into a single wider channel

  • Increases bandwidth, becomes more susceptible to interference due to increased channel widths

6 GHz

• Newest spectrum for wireless networking, offers more channels and bandwidth

• Frequencies range from 5.925 GHz to 7.125 GHz, providing faster connections with less congestion

• Allows for channels of 20, 40, 80, or 160 GHz in width, accommodating up to 59 channels

Government Regulations and Standards

• Government allocates portions of the wireless spectrum for wireless networks, with regulations varying globally

• 802.11h Standard

  • Comply with European regulations

  • Features

    • Dynamic Frequency Selection (DFS)

      • Requires devices to actively monitor the environment for radar signals

    • Transmit Power Control (TPC)

      • Allows devices to adjust their transmitting power to the minimum required for maintaining a good quality connection

Dynamic Frequency Selection (DFS)

• Requires devices to actively monitor the environment for radar signals

Transmit Power Control (TPC)

• Allows devices to adjust their transmitting power to the minimum required for maintaining a good quality connection

Band Steering

• Technology that optimizes the distribution of client devices across different frequency bands

• Relevant for environments where two or more frequency bands are being utilized

• Can result in more efficient use of available bandwidth

Comparative Analysis of Frequency Bands

• 2.4 GHz

  • Slow speed, greater coverage

• 5 GHz

  • Fast speed, shorter coverage and increased susceptibility to interference with wider channels

• 6 GHz

  • Fastest speeds but shortest distances and less solid object penetration

IEEE 802.11 Standard

• Defines technologies for wireless local area network (WLAN) communication

• Evolved over time to meet demands for faster data transfer speeds and more reliable networks

802.11 Standards (6)

• Wireless a

• Wireless b

• Wireless g

• Wireless n

• Wireless ac

• Wireless ax

Wireless a (802.11a)

• Frequency band - 5GHz

• Speed - up to 54 Mbps

• Range - around 35 meters

• Mainly used by business users due to cost, introduced in the 1990s

Wireless b (802.11b)

• Frequency band - 2.4GHz

• Speed - initially 11 Mbps

• Range - around 140 meters

• Developed to be cheaper and more accessible than Wireless a, leading to widespread adoption

Wireless g (802.11g)

• Frequency band - 2.4GHz

• Speed - up to 54 Mbps

• Range - around 140 meters

• Similar speed and range as Wireless a but utilizes cheaper frequency bands

Wireless n (802.11n / Wi-Fi 4)

• Frequency Band

  • 5 GHz

    • Speed - up to 600 Mbps

    • Range - about 35 meters

  • 2.4 GHz

    • Speed - up to 300 Mbps

    • Range - up to 70 meters

• Introduced to meet demands for faster networking speeds

• Multiple-Input Multiple-Output (MIMO)

Wireless ac (802.11ac / Wi-Fi 5)

• Frequency band - 5GHz

• Speed - up to 6.9 Gbps or more

• Multiple-User Multiple-Input Multiple-Output (MU-MIMO)

Wireless ax (802.11ax / Wi-Fi 6)

• Frequency band - 2.4GHz, 5GHz, and 6GHz (Wi-Fi 6e)

• Speed - up to 9.6 Gbps or more

• Uses MU-MIMO tech for enhanced simultaneous user access

• Fully backwards compatible with previous standards

Multiple-Input Multiple-Output (MIMO)

• Technology that allows access point to use multiple antennas to send and receive data at faster speeds than it could with a single antenna

• Acts like a hub

• Used in Wireless n

Multiple-User Multiple-Input Multiple-Output (MU-MIMO)

• Multipath wireless communication technology that allows multiple users to access the wireless network and access the access point at the same time

• Acts like a switch

• Used in Wireless ac

Important Exam Points

• Supported Frequencies

  • 2.4GHz

    • b, g, n, and ax

  • 5GHz

    • a, n, ac, or ax

  • 6GHz

    • ax

• High speed = reduced coverage, with a single access point

• Check considerations for compatibility and frequency bands in troubleshooting scenarios

• Caution against relying on marketing materials for exam answers

• Stick to official standards

Wireless Networks Security Considerations

• Offer convenience but pose security risks due to easy access within signal range

• Proper authentication and encryption are crucial for network security

Authentication Mechanisms (2)

• Pre-shared key

• Enterprise authentication system

Pre-Shared Key (PSK)

• Shared key between access point and client devices, typically a string of characters

• Challenges with shared key

  • Scalability issues in large environments

  • Lack of user accountability

  • Not practical for large office settings due to shared key usage

Enterprise Authentication

• Utilizes individual user credentials managed by an authentication server (e.g. RADIUS)

• 802.11X Authentication System

  • Most widely-used enterprise-grade authentication method

  • Relies on authentication server (e.g. RADIUS) for managing user credentials

  • Provides individual user authentication and better security protocols

Wireless Security and Encryption Options (5)

• WEP

• WPA

• WPA2

• WPA3

• WPS

Wired Equivalent Privacy (WEP)

• Original wireless security standard introduced in 1999, insecure due to weak encryption and vulnerability

• Relies on a pre-shared key

  • 40-bit

  • 64-bit

  • 128-bit

• Utilizes the Rivest Cipher 4 (RC4) encryption mechanism, weak

• Initialization Vector (IV)

  • 24-bit sent in plain text

  • Vulnerability in WEP allows attackers to reverse engineer encryption keys

• Capture of enough initialization vectors enables attackers to crack WEP encryption in minutes using tools like Air-cracking

Wi-Fi Protected Access (WPA)

• Replacement for WEP to address IV vulnerabilities

• Uses TKIP instead of Initialization Vectors (IV) to enhance security

  • Temporal Key Integrity Protocol (TKIP)

    • New type of vector that uses a 48-bit vector compared to WEP’s IV

• Employs RC4 encryption like WEP but introduces additional features for enhanced security

  • Message Integrity Check (MIC)

    • Integrity checking to prevent On-path attacks

    • Hashes data before transmission to verify integrity during transfer

  • Enterprise Mode

    • Function for individual authentication using unique usernames and passwords via authentication server (e.g. RADIUS)

    • Stronger encryption methods

    • Better scalability

    • Centralized key management

Wi-Fi Protected Access 2 (WPA2)

• Replaced WPA due to vulnerabilities, introduced in 2004 as part of the 802.11i standard

• Stronger integrity checking, better encryption, improved authentication

• CCMP

  • Countermode with Cipher Blockchain Message Authentication Code Protocol for enhanced security

  • Combines message integrity checks with comprehensive encryption protocols for confidentiality and integrity assurance

• Advanced Encryption Standard (AES)

  • Replaced the less secure RC4 encryption algorithm

  • 128-bit

    • Used by most WPA2 networks, security and confidentiality

  • 192-bit

  • 256-bit

• Personal mode

  • Pre-shared key, common in home or small office networks

• Enterprise mode

  • Better for large environments, centralized authentication servers for user validation

Wi-Fi Protected Access 3 (WPA3)

• Improves on WPA2 with enhanced features

• Simultaneous Authentication of Equals (SAE)

  • Security protocol designed to enhance the handshake process in Wi-Fi authentication

  • Replaces pre-shared key methods with a more secure authentication based on the Dragonfly key exchange

  • Ensures secure initial key exchange between client and access point, preventing attacker interception

  • Slows brute force attacks by requiring active interaction with the access point for each password attempt

  • Offers forward secrecy, past communications remain securely encrypted if a session key is compromised

Wi-Fi Protected Setup (WPS)

• Simplifies secure network setup using a PIN or push button

• Vulnerable to brute force attacks due to PIN vulnerability

• Recommended to disable WPS for higher security

Wireless Security Tips For Exam

• Open network - no security

• WEP - Initialization Vector (IV) vulnerabilities

• WPA - linked with TKIP and RC4 encryption

• WPA2 - uses CCMP for integrity and AES for encryption

• WPA3 - introduces SAE and dragonfly key exchange

• WPS - involves push-button config, should be disabled for security

• Pre-shared key - personal mode authentication

• Enterprise mode - individual user authentication via centralized server (e.g. RADIUS with 802.1X)

Captive Portals

• Webpages used in modern wireless networks for guest access

• Commonly found in public networks like hotels, airports, coffee shops, and business guest networks

• Functions by intercepting user’s network connection then redirecting to a special webpage

  • Authentication - verifies user’s access rights through login credentials

  • Policy acceptance - users agree to terms of service or usage policies

  • Data collection - collect user data like email address for marketing

Captive Portal usage scenarios

• Guest networks

  • Separate access points for visitors without access to the main network

• Enhance security

  • Control network access and track usage

• Branding opportunity

  • Customize login page with business logo and information

Captive Portal design considerations

• User Considerations

  • Ensure easy navigation and clear instructions

• Compliance

  • Comply with data protection laws (e.g. GDPR)

• Compatibility Testing

  • Ensure functionality across different devices and browsers

Captive Portal key points

• Crucial for public and guest wireless networks

• Balance user access and network security

• Enhances user experience and aids in legal compliance

• Requires careful consideration of design, security, and compliance aspects