Module 12
Module Objectives
- WLAN Concepts: Explain how WLANs enable network connectivity.
- Introduction to Wireless: Describe WLAN technology and standards.
- Components of WLANs: Describe the components of a WLAN infrastructure.
- WLAN Operation: Explain how wireless technology enables WLAN operation.
- CAPWAP Operation: Explain how a WLC uses CAPWAP to manage multiple APs.
- Channel Management: Describe channel management in a WLAN.
- WLAN Threats: Describe threats to WLANs.
- Secure WLANs: Describe WLAN security mechanisms.
Introduction to Wireless
- Benefits of Wireless:
  - WLANs provide mobility in homes and businesses.
  - WLANs adapt to changing needs and technologies.
Types of Wireless Networks
Wireless Personal-Area Network (WPAN):
- Range: 20-30 feet (6-9 meters)
- Based on IEEE 802.15; frequency: 2.4 GHz.
- Examples: Bluetooth, Zigbee.
Wireless LAN (WLAN):
- Range: Up to 300 feet; based on IEEE 802.11; frequencies: 2.4 or 5.0 GHz.
Wireless MAN (WMAN):
- Covers large geographic areas; specific licensed frequencies.
Wireless WAN (WWAN):
- National/global communication; uses specific licensed frequencies.
Wireless Technologies
Bluetooth:
- Range up to 300 ft (100 m); implements the WPAN standard.
WiMAX (Worldwide Interoperability for Microwave Access):
- Broadband connectivity; operates up to 30 miles (50 km).
Cellular Broadband:
- Used by mobile devices; includes GSM and CDMA standards.
Satellite Broadband:
- Requires clear line of sight; typically used in rural areas.
802.11 Standards Overview
| IEEE Standard | Radio Frequency | Description |
|---|---|---|
| 802.11 | 2.4 GHz | Up to 2 Mb/s |
| 802.11a | 5 GHz | Up to 54 Mb/s; incompatible with 802.11b/g |
| 802.11b | 2.4 GHz | Up to 11 Mb/s; better range than 802.11a |
| 802.11g | 2.4 GHz | Up to 54 Mb/s; compatible with 802.11b |
| 802.11n | 2.4 & 5 GHz | 150 – 600 Mb/s; MIMO technology required |
| 802.11ac | 5 GHz | 450 Mb/s – 1.3 Gb/s; supports up to 8 antennas |
| 802.11ax | 2.4 & 5 GHz | High-Efficiency Wireless (HEW); uses up to 1 GHz and 7 GHz frequencies |
Operating Frequencies
- 2.4 GHz (UHF): Used by 802.11b/g/n/ax
- 5 GHz (SHF): Used by 802.11a/n/ac/ax
Wireless Standards Organizations
- ITU (International Telecommunication Union): Regulates radio spectrum allocation.
- IEEE (Institute of Electrical and Electronics Engineers): Specifies modulation standards.
- Wi-Fi Alliance: Promotes WLAN interoperability among vendors.
WLAN Components
Essential WLAN Components
- Wireless NICs: Allow devices to communicate wirelessly.
- Wireless Router: Serves as an access point, router, and switch.
- Access Points (APs): Discoverable by wireless clients for connectivity.
  - Autonomous APs: Configured manually; operate independently.
  - Controller-based APs: Managed by a Wireless LAN Controller (WLC).
Antenna Types
- Omnidirectional: 360-degree coverage;
- Directional: Focuses the signal in one direction (e.g., Yagi, parabolic dish);
- MIMO: Multiple Input Multiple Output - uses multiple antennas for increased bandwidth.
WLAN Operation
Topology Modes
- Ad hoc Mode: Peer-to-peer connection without AP;
- Infrastructure Mode: Connects clients via AP;
- Tethering: Allows devices to share cellular data.
Basic and Extended Service Sets
- Basic Service Set (BSS): Single AP for interconnecting clients (clients on different BSSs cannot communicate);
- Extended Service Set (ESS): Multiple BSSs interconnected via wired network, allowing communication between clients.
802.11 Frame Structure
- The 802.11 frame format extends the Ethernet frame format with additional fields.
Collision Avoidance Framework
- CSMA/CA: Wireless clients proactively manage data transmission to avoid collisions. A client:
  - Listens for an idle channel;
  - Sends an RTS message to acquire the channel;
  - Waits for a CTS before transmitting.
CAPWAP Operation
Overview of CAPWAP
- CAPWAP: IEEE protocol enabling a WLC to manage multiple APs.
- Utilizes Datagram Transport Layer Security (DTLS) for security.
- Operates over both IPv4 and IPv6.
Split MAC Architecture
- Distributes AP functions between AP MAC and WLC MAC:
  - AP: Manages beacons, authentication, and client associations;
  - WLC: Handles packet prioritization, encryption, and traffic termination.
DTLS Security
- DTLS: Secures control and management traffic between AP and WLC.
Flex Connect AP Modes
- Connected Mode: WLC managed;
- Standalone Mode: AP can manage local client traffic when disconnected from WLC.
Channel Management
Frequency Channels
- 2.4 GHz Band: Non-overlapping channels recommended: 1, 6, 11;
- 5 GHz Band: Non-overlapping channels 36, 48, 60.
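
Why 1, 6 and 11 are the recommended 2.4 GHz channels, as an added example that is not part of the original notes. It assumes the standard 2.4 GHz layout (channel centres at 2407 + 5n MHz for channels 1-13, 22 MHz DSSS channel width); the AP names and the plan are constructed, and all APs are assumed to be within range of each other.

```python
from itertools import combinations

CHANNEL_WIDTH_MHZ = 22  # assumed DSSS channel width in the 2.4 GHz band

def center_mhz(channel):
    """Centre frequency of 2.4 GHz channels 1-13 (5 MHz spacing) and 14."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")

def overlaps(a, b):
    """Two channels overlap when their centres are closer than one channel width."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ

def non_overlapping_set(first=1, last=11):
    """Greedily pick mutually non-overlapping channels from first..last."""
    chosen = []
    for ch in range(first, last + 1):
        if all(not overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen

def audit_plan(aps):
    """aps: AP name -> channel. Returns (ap1, ap2, finding) for each conflicting pair."""
    findings = []
    for (n1, c1), (n2, c2) in combinations(sorted(aps.items()), 2):
        if c1 == c2:
            findings.append((n1, n2, "co-channel"))
        elif overlaps(c1, c2):
            findings.append((n1, n2, "adjacent-channel overlap"))
    return findings

# Constructed channel plan for illustration.
PLAN = {"AP-Lobby": 1, "AP-Lab": 3, "AP-Office": 6, "AP-Cafe": 11, "AP-Dock": 11}

if __name__ == "__main__":
    print("non-overlapping:", non_overlapping_set())
    for finding in audit_plan(PLAN):
        print(*finding, sep="  ")
```
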
Channel Saturation Mitigation Techniques
- DSSS: Spreads signal over wider bandwidth to prevent interference;
- FHSS: Quick transitions between frequency channels;
- OFDM: Uses multiple adjacent frequencies for better signal quality.
WLAN Threats
Common Threats to WLANs
- Interception of Data: Unauthorized access to data transmitted over the network;
- Wireless Intruders: Attackers gaining illegitimate access to the network;
- DoS Attacks: Disruption of the network service;
- Rogue APs: Unauthorized access points connected to the network.
Rogue APs and Man-in-the-Middle Attacks
- Rogue AP: Threat from APs connected without approval;
- MITM Attack: Attackers intercept data between two entities by mimicking legitimate devices.
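
One way to check a wireless survey for APs that mimic legitimate devices, as an added example that is not part of the original notes. The inventory, SSIDs, BSSIDs, security labels and record layout are all constructed for illustration.

```python
# Approved inventory: SSID -> (authorised BSSIDs, expected security). Constructed values.
APPROVED = {
    "CorpWLAN": ({"00:11:22:33:44:01", "00:11:22:33:44:02"}, "WPA2-Enterprise"),
    "CorpGuest": ({"00:11:22:33:44:03"}, "WPA2-Personal"),
}

# Constructed survey output: (SSID, BSSID, advertised security).
SCAN = [
    ("CorpWLAN", "00:11:22:33:44:01", "WPA2-Enterprise"),
    ("CorpWLAN", "02:00:00:AA:BB:01", "Open"),
    ("CorpGuest", "00:11:22:33:44:03", "Open"),
    ("", "00:11:22:33:44:02", "WPA2-Enterprise"),
    ("CoffeeShop", "02:00:00:CC:DD:09", "WPA2-Personal"),
]

def owner_of(bssid):
    """Return the approved SSID that owns this BSSID, or None."""
    for ssid, (bssids, _) in APPROVED.items():
        if bssid in bssids:
            return ssid
    return None

def classify(ssid, bssid, security):
    owner = owner_of(bssid.lower())
    if owner is None:
        # Unknown radio: advertising one of our SSIDs means it imitates a legitimate AP.
        return "evil-twin-suspect" if ssid in APPROVED else "unknown"
    if ssid and ssid != owner:
        return "ssid-mismatch"        # approved radio advertising the wrong name
    if security != APPROVED[owner][1]:
        return "security-downgrade"   # approved radio with weaker or changed settings
    return "approved"                 # includes approved BSSIDs with a cloaked (empty) SSID

def audit(scan):
    """Return (ssid, bssid, verdict) for every observed AP."""
    return [(ssid or "<hidden>", bssid, classify(ssid, bssid, sec))
            for ssid, bssid, sec in scan]

if __name__ == "__main__":
    for row in audit(SCAN):
        print(*row, sep="  ")
```

An "unknown" result may simply be a neighbouring network; confirming a rogue AP in the sense above (one connected to the network without approval) needs a wired-side check as well. A BSSID match is not proof of legitimacy, because BSSIDs can be spoofed.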
Secure WLANs
Security Mechanisms
- SSID Cloaking: Hides the SSID to prevent unauthorized access;
- MAC Address Filtering: Controls access based on device MAC addresses.
Authentication Methods
- Open Authentication: No password required (e.g., public Wi-Fi);
- Shared Key Authentication: Requires a pre-shared key for data security.
Key Security Protocols
- WEP: Early and insecure; deprecated;
- WPA: Uses TKIP for enhanced security;
- WPA2: Uses AES for strong encryption;
- WPA3: Introduces further security advancements.
Authentication Options in Home Networks
- WPA/WPA2 Personal: Pre-shared keys for authentication;
- WPA2 Enterprise: Requires a RADIUS server for authentication (use of 802.1X).