Best practice design

Post by stamour547 »

- Spectrum analysis as part of pre-deployment survey
- What is the market vertical
- Security requirements
  - Regulatory compliance
  - Security requirements
  - Passphrase vs 802.1x/EAP
- What type of traffic needs to be supported
- Primary/Secondary cell coverage
- Power output based on client power output
- Measuring attenuation of walls
- Power difference between freq bands
- Band steering
- Minimum recommended SINR:
  - Data: 18 dB
  - Voice: 25 dB
- Common oversubscription ratios
- Outdoor wireless links
  - 1st Fresnel zone calculation
  - Earth bulge for 7+ mile links
- Post-deployment validation survey
  - Primary cell coverage
  - Secondary cell coverage
  - Regulatory compliance
  - Security compliance
  - Roaming requirements

Obviously this is a list that changes over time as practices change and we learn better ways of doing wireless design, etc. This is not an absolute or exhaustive list for every possible scenario. It was written as a general document to help create a path of sorts while we do a design. There are always things that are specific to a site that have to be taken into consideration. Let's briefly go over each of these points and see what is being addressed. In this post I will go through to band steering and then pick up the rest in my next post to break things up, as it's a fairly long list.

Spectrum analysis in terms of a pre-deployment/site survey. This should be something that is fairly straightforward for those of us that have done wireless deployments. Spectrum analysis is important. With spectrum analysis we can see trouble areas. If you have an access point, whether existing or an access point on a stick (APoS), you can see areas where there may be bad/no coverage because of a lack of access points or high attenuation. You can also identify and locate devices that may be producing radio frequency interference. With this information you can remove the device if possible or design around the problem device/area as needed. Depending on the device it might be possible to shield the device. A spectrum analyzer is preferred for a site survey as it can indicate non-Wi-Fi interference, whether that is a different wireless protocol like Bluetooth, Zigbee, 802.15.4 and other wireless communication protocols, or non-wireless interference like a poorly shielded microwave as one example.

What is the market vertical? This can have a fairly decent impact on how the wireless design goes forward. What this means simply is that the type of business will affect the demands placed on the network. As an example, a hospital will have a very different set of requirements than a small town law firm. The law firm might need reliable data connectivity and possibly some streaming media. Now let's take the hospital. Hospitals tend to have higher client density as nurses have laptops/tablets/etc. There are medical devices that have or require wireless access. Then, depending on the specific facility, there are the facilities that use RFID and/or location/hyperlocation services to track hospital property, patients, etc. In general this is going to require higher access point density, especially with location/hyperlocation.

Security requirements: let's take these 3 points individually. Regulatory compliance is the first point. What is this for those that haven't had to take this into consideration? Well, let's first look at what some of these regulatory guidelines are. Three examples of regulatory guidelines are HIPAA, PCI-DSS, and FIPS. Most of us have heard of HIPAA; it involves protecting health information. We have all probably signed HIPAA release forms at our doctor's office or hospital. PCI-DSS is focused on the retail market and the protection of sensitive data such as credit card information. FIPS are standards and guidelines focused on federal government computer systems and information. Needless to say, it's fairly easy to understand the reasoning for these guidelines and protections.

The security requirements point under security requirements might justify slight clarification. This isn't just wireless security but the security that is inherently coupled with wireless (and wired) networks and that is sometimes overlooked. That is the idea of physical security of links and equipment. Like most things this is dependent on the environment. As an example, a military/government facility is more than likely going to have stricter physical security measures in place than, say, a school. Physical security in the sense I'm referring to isn't armed security and the like. In this scope we are talking about physically securing equipment. That is dependent on what we are securing, obviously. From the standpoint of wireless we want to secure equipment and infrastructure. Let's start from the access point and work backwards. Access points can be physically secured with an enclosure or they could be mounted in a secure area if the design allows for it. Securing the wired network gear that supports the wireless infrastructure (switches, etc.) many times can be done by having it in a dedicated room, secured cabinet or the like.

The physical cabling that runs from the access points to the switches can be an issue also. If a line is cut, a hub or switch could be placed in line that could allow an attacker to capture data. Not just that but, although a more technical attack, there is the ability to measure the magnetic radiation that is emitted from a wire when electrical current is active over said wire. Chances are that isn't something that would be a concern for almost any of us in the wireless field. Other than the normal physical security that should probably be in place, like questioning unfamiliar people and the like, I have personally seen structured cabling installed in metal piping much like electrical might be installed within commercial environments.

Types of traffic is the next point. I think we all know the different types of wireless traffic that a network could need to support. The three main categories of traffic would be streaming voice, streaming video and data. We know that streaming voice, commonly referred to as VoIP, is very sensitive to latency and jitter on the network. Streaming video, sometimes referred to as Video over IP, is also sensitive to latency and jitter like VoIP but tends to not be quite as much. Data on the other hand can be very insensitive, unlike VoIP and video, OR it could be affected depending on the specific application. As an example, HTTP requests and similar traffic are very forgiving of a little latency and/or jitter, as would be expected. On the other hand I have worked in healthcare and I have seen medical/electronic record applications that required a near constant connection to the server. This meant that even though VoIP wasn't a big concern at the time, the wireless network needed to support the same type of reliability and rapid roaming times that we associate with a VoIP reliant network. Even though the types of traffic that will occupy the network come with some preconceived assumptions, as has been mentioned before, every environment is different and needs to be treated as such.

Primary and secondary cell coverage are obviously important. A primary cell is the cell that provides wireless coverage for a given area. The cell is the area that a particular access point services. If you are only familiar with wireless in terms of a home then there is a good chance that you have either a router/access point/switch all in one device or a single access point that services your whole home. This isn't uncommon, but in a business there are many access points, sometimes over 1,000. A single access point can't service the whole enterprise for the simple fact that it can't cover such a large area, along with client density and other variables. Because of the number of access points in a company there is going to be overlap of cell coverage. The amount of overlap needed is really going to depend on the type of wireless network that needs to be supported, although ideally we would like to see somewhere around 18-20% cell overlap. ~20% cell overlap between primary and secondary cells is the goal, as that typically allows for fast roaming, and we all know that VoIP is about the most sensitive type of traffic we will typically handle.

If you are following the above list, the next point we come to is power output and that it should be based on client output. Why do we want to base our access point power output on our client, and more importantly the lowest output important client? You may think "Well, don't we want to turn the power up on our access points to give best coverage?" No, we don't want that. What we ideally are looking for is wireless that gives acceptable performance. I like to look at the power output scenario with the analogy of a parent, playing the role of the access point, and a child, playing the role of the client, on a city block trying to communicate. While the parent and child can communicate easily while right next to each other, that isn't the case as they get farther away. It's a reasonable assumption that the child cannot speak/yell as loud as the parent at distance, and most likely the parent can hear the child better at distance. If you look at the volume of the parent and child as the power output of the access point and client respectively, you can probably see the reason for doing wireless design based on the client. A wireless client is more likely to have a power output that is less than that of the associated access point. The access point, having a high output capability, can send information to the client at greater distance than the client can send information to the access point. Because the client can still associate with the access point, traffic is affected. For the sake of not splitting hairs, access points should have their power output adjusted to the output of the aforementioned lowest output important wireless client. This helps to facilitate good, proper data transfers and, as an extension of that, proper roaming if it's needed.

Our next point on the list is attenuation, and more specifically attenuation regarding construction materials. Walls tend to be about the biggest source of attenuation within a facility. Obviously the effect of walls and their material can, and will, play a very large factor in a wireless design. Some examples of things that can greatly affect a wireless design in the commercial setting are things like metal studs in the walls, which are going to affect the RF signal more than the standard wood studs of a residential structure. On the other end would be lead lined walls in hospital radiology departments for personnel protection during x-rays and the like. These are just two examples of things that can be experienced. These are not the only things though, as any material, or none in the case of FSPL, will have an effect on an RF signal. Yes, there are values that are generally associated with certain materials regarding the amount of loss or attenuation that a given material will induce. This makes things easier when you know exactly what you are dealing with, such as new construction. This isn't as easy when you are working with an existing structure. Various remodels over the years can hide little secrets that could have a great impact on your wireless design if you don't take them into consideration. Just as one example, you might be doing a site survey/wireless design for an older building. As you walk in you see a fairly new interior with typical sheetrock walls as you would see most places. Being an older building though, what you don't see is what is underneath said sheetrock. It could be nothing if that area of the building was gutted OR you might have brick or even concrete underneath. Obviously there is a large difference between nothing and a solid building material. This will have a huge impact on your design regardless of whether you are doing an active site survey or a predictive one with your software of choice.

A fairly accurate way of measuring the attenuation of a wall can be done though, so fear not. During your active site survey you can place an access point on a stick, aka APoS, about 6-10 feet from the wall you plan on measuring the attenuation for. You can then stand right next to the wall and, with your laptop and/or your RF measuring equipment, measure the signal strength of the wireless signal. Now leave the access point where it is and walk to the other side of the wall and stand about 6-10 feet away. Now you can use your equipment and measure that same wireless signal. You now have a measurement with and without the wall as a source of attenuation. With some fairly easy math (you do remember the rule of 10s and 3s, don't you?) you should be able to calculate the attenuation of the wall. This will give you a much more accurate representation than an assumption about the wall and building construction. With this fairly accurate information you are able to more accurately calculate and design a proper wireless plan, which will save on troubleshooting later during the validation.

Next we come to power difference between frequency bands. I guess we can say it's not as much about the power output but more along the lines of what power output is needed to get roughly the same coverage area for 2.4 GHz and 5 GHz. There is definitely a difference. It isn't that 5 GHz will travel a shorter distance than 2.4 GHz but that it is affected by attenuation more than 2.4 GHz and so seems to travel less. Unburdened signals will travel much farther than we can reasonably utilize them when in a vacuum. Unfortunately we do not live in an ideal world and so we have to design for the attenuation that we have mentioned previously.

As we progress down the list, our next topic is band steering. I know I had gone over this in a previous post so you can refer to that, but I will briefly go over it again here. While talking about band steering we are going to assume that an SSID is enabled on both the 2.4 GHz and 5 GHz bands. The basic purpose of band steering is for an access point to essentially force a client device to associate to the chosen SSID on the 5 GHz band instead of the same SSID (yet different BSSID) on 2.4 GHz. There is no standardized way for this to happen, but a common method is for the access point to initially only reply to the client with the BSSID on the 5 GHz band. This allows more devices to use the 5 GHz band, which is generally less congested and supports higher transmission speeds compared to the 2.4 GHz band. If said client does not associate with the 5 GHz BSSID then a delayed BSSID on 2.4 GHz can be sent to the client.

Today we will be starting off talking about minimum recommended SINR. Some of you might be asking "Justin, I know what SNR is but what is SINR?" That's an excellent question and I'm glad you asked. In the wireless world we all know (or should know) that SNR stands for Signal to Noise Ratio and that is the value of the difference between the noise floor and the wireless signal. It's a fairly good way to evaluate the RF in an environment, but SINR takes things one step further. SINR stands for Signal and Interference to Noise Ratio. Noise in general tends to be fairly consistent. Interference on the other hand can very much be sporadic and/or random. This many times can, and most likely will, provide a better picture of the environment during a site survey. Obviously a better picture is going to be a bonus, and sometimes a large one, but it doesn't come without a caveat. That caveat is that more than one pre-design site survey is needed at different times during the day in order to find/see/measure the interference. A basic and fairly well known example I'll use for this is the lunch area. We all know that microwaves can wreak havoc on the RF in the 2.4 GHz band when in operation. That would be interference that isn't going to show up if a site survey is completed at say 0800 but most likely would show up if the survey is done at 1200. As such I try to design a wireless network based on SINR and not SNR when possible.

Obviously we want to get the best SINR values we reasonably can, but there are minimums that have been agreed upon by the industry as acceptable thresholds for both data and voice traffic. For data, a minimum SINR of 18 dB is needed for reliable communication. That being said, I prefer to aim for a minimum of 20 dB, both because a minimum is just that and I don't like to shoot for that where possible, and because I don't trust an environment to stay the way it is at the time of a wireless design. Things change as new sources of interference get introduced in the future. It doesn't seem like much, but that extra 2 dB can be that little extra buffer that might save you from support calls if someone brings a device that causes interference into the office. For voice the accepted SINR is 25 dB. Voice is more sensitive and so a more robust wireless environment is needed to prevent unwanted latency and jitter. As with data, I like to use a personal minimum SINR of 27 dB (an extra 2 dB) for the same reasons as I stated for data. I think it's more important with voice capable networks compared to data networks, not only because voice traffic is affected so much by latency and jitter but because voice traffic is typically UDP transmissions, so there is no resending of dropped/lost frames. A large amount of data packets are TCP, which allows for retransmission of a lost frame.

If you are following along, next on the list is oversubscription ratios. Oversubscription ratios are ratios that are used as a baseline for full utilization of network resources, typically WAN circuits. This is normally done because all clients are not transmitting 100% of the time. The ratios I'm going to cite are 2 things: 1, they are ratios outlined by the CWNP organization for various market verticals, and 2, probably more importantly as with most hard numbers, they are a baseline. The oversubscription ratios are as follows:

Large Public Venues 10:1 - 20:1

Education 10:1

Healthcare 20:1

Retail 20:1

Warehouses 30:1

Hospitality 10:1

Student Housing 20:1

Outdoor Environments 20:1

Government 20:1

These are not arbitrary numbers. They have been determined through real world evaluation and are not just guesses. The environment you are designing for can, and most likely will, have its own idiosyncrasies that may change the oversubscription ratio for that site. The more reasonable use of these ratios is to give you an idea of where to start so you can save time compared to trying to find the ratio that works for you with no prior information.

Outdoor wireless links is next on our list. The first point regarding outdoor links is accounting for the Fresnel zone of the wireless link. "What is a Fresnel zone, Justin?" Well, I'm glad you asked. By definition, "A Fresnel zone is one of a series of confocal prolate ellipsoidal regions of space between and around a transmitter and a receiver.", credit to Wikipedia for the proper definition. Now for those of us that are not familiar with physics, think of a Fresnel zone as the rough shape of a football compared to a small, thin, laser accurate beam. There is more than 1 Fresnel zone for a wireless link, but for the most part we are concerned about the first Fresnel zone, which is the innermost one. Obstruction of the first Fresnel zone will cause degradation of the wireless link. At a minimum we will need 60% of the first Fresnel zone clear of any obstructions currently and in the future. Also something to remember: Fresnel zones are not just vertical. They also are horizontal, so in urban areas where you might have to have a wireless link shoot between buildings, you will have to calculate the space between those buildings. From a vertical perspective you have to take into consideration buildings you shoot over along with things like trees, which may grow to become an obstruction in the future. I mentioned the Fresnel zone as 60% free as a minimum but, like most things, the more the better. We should be aiming for 100% clear air for that first Fresnel zone.

The next big thing to consider with outdoor wireless links is something called earth bulge. Obviously this isn't something that needs to be taken into consideration for all wireless links. Many wireless links will be fine without worrying about earth bulge. In terms of wireless, any long wireless links will have to have earth bulge taken into consideration. Earth bulge becomes a factor at about the 7 mile mark. At 7 plus miles our target/receiving endpoint is very likely hidden by the horizon. A calculation for additional height for our directional antennas will be needed to overcome that, with an antenna mast, small tower, etc. to assist with additional height. Now I'm sure you can tell from our previous topics that I don't like to ride the minimums, so I will tend to start calculating for earth bulge at about the 6 mile mark just to be safe. Earth bulge is something to keep in the back of your head as a consideration, but there are many wireless engineers that may never have to worry about earth bulge depending on the positions that they may hold.

Lastly on the list is the post-deployment validation survey. A validation survey is very important and I have seen people not do one and, to be honest, it worries me for the client's sake. There are a few subpoints for a validation survey that should be done for just basic verification. Let's look at the 'non-technical' points first. Regulatory compliance usually covers regional/national/etc. regulations that the client needs to abide by depending on the market vertical that they service. This could be HIPAA or PCI-DSS, just to name a couple. These don't need someone to walk around a facility to verify per se, but rather a table review and comparison of the requirements and how they have been addressed. This goes hand in hand many times with the security requirements and many times can be reviewed at the same time. Security requirements many times in terms of wireless will cover things like WEP/WPA1/2/3 and dot1x/EAP solutions. I think we all know that WEP and WPA should not be used. There are other mechanisms that can be included as needed also. The other points are a little more on the technical side. Primary and secondary cell coverage should be done to make sure that the wireless cells have about a 20% overlap. This is important to make sure all areas that are supposed to be serviced with wireless are. It's also important for testing our last point, roaming. Some software may have certain latency thresholds before a disconnect, which I have seen while working in healthcare. It's also very important if the design was expected to support voice. When testing data roaming, a device that will commonly be used would be pretty ideal for this part of the survey since it will provide real world results. When testing voice roaming, a VoIP phone commonly used at the facility would be good to use, and for the same reasons... real world results. This shows the wireless has been designed for the specific hosts and environment.
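The SINR minimums from the post (18 dB data, 25 dB voice) applied to survey passes taken at different times of day, as an added example that is not part of the original post. It computes SINR as signal over the combined noise-plus-interference power; the sample readings, function names and the `margin_db` parameter are constructed for illustration.

```python
import math

# Minimum SINR values quoted in the post, in dB.
MIN_SINR_DB = {"data": 18.0, "voice": 25.0}


def dbm_to_mw(dbm):
    """Convert a power level in dBm to milliwatts."""
    return 10 ** (dbm / 10.0)


def sinr_db(signal_dbm, noise_dbm, interferers_dbm=()):
    """SINR in dB. Noise and interference are summed in mW, never in dB."""
    floor_mw = dbm_to_mw(noise_dbm) + sum(dbm_to_mw(i) for i in interferers_dbm)
    return signal_dbm - 10 * math.log10(floor_mw)


def evaluate_location(passes, traffic, margin_db=0.0):
    """Judge one location on its worst survey pass.

    Returns (worst SINR rounded to 0.1 dB, time of that pass, meets target).
    margin_db adds headroom above the minimum (the post prefers 2 dB).
    """
    scored = [
        (sinr_db(p["signal"], p["noise"], p["interferers"]), p["time"])
        for p in passes
    ]
    worst, when = min(scored)
    return round(worst, 1), when, worst >= MIN_SINR_DB[traffic] + margin_db


# Constructed readings (dBm) for one spot in a lunch area, 2.4 GHz band.
# The 1200 pass includes a microwave oven that is absent at 0800.
LUNCH_AREA = [
    {"time": "0800", "signal": -62.0, "noise": -95.0, "interferers": []},
    {"time": "1200", "signal": -62.0, "noise": -95.0, "interferers": [-78.0]},
    {"time": "1600", "signal": -63.0, "noise": -95.0, "interferers": [-90.0]},
]

if __name__ == "__main__":
    for traffic in MIN_SINR_DB:
        print(traffic, evaluate_location(LUNCH_AREA, traffic))
```

With only the 0800 pass this spot shows 33 dB and looks fine for voice; the 1200 pass drops it below the data minimum.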
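The outdoor link checks from the post (60% of the first Fresnel zone clear, earth bulge from about 7 miles) worked through for a single obstacle, as an added example that is not part of the original post. Assumptions: equal antenna heights at both ends, flat terrain apart from the one obstacle, and the common 4/3 effective earth radius factor; the function names and the sample link are constructed.

```python
import math

C_M_PER_S = 299_792_458.0      # speed of light
EARTH_RADIUS_M = 6_371_000.0   # mean earth radius
K_FACTOR = 4.0 / 3.0           # assumed standard atmospheric refraction
M_PER_MILE = 1609.344
FT_PER_M = 3.28084


def fresnel_radius_m(freq_hz, d1_m, d2_m, n=1):
    """Radius of the n-th Fresnel zone at a point d1 from one end, d2 from the other."""
    wavelength = C_M_PER_S / freq_hz
    return math.sqrt(n * wavelength * d1_m * d2_m / (d1_m + d2_m))


def earth_bulge_m(d1_m, d2_m, k=K_FACTOR):
    """Height of the earth's curvature above the chord between the two ends."""
    return d1_m * d2_m / (2 * k * EARTH_RADIUS_M)


def link_clearance(freq_ghz, link_miles, obstacle_ft, obstacle_at_miles,
                   clear_fraction=0.6, bulge_from_miles=7.0):
    """Minimum antenna height (ft, same at both ends) to clear one obstacle.

    clear_fraction is the share of the first Fresnel zone kept clear (0.6 is
    the post's minimum, 1.0 its target). bulge_from_miles is the link length
    at which earth bulge is counted (7 in the post; the author starts at 6).
    """
    d1 = obstacle_at_miles * M_PER_MILE
    d2 = (link_miles - obstacle_at_miles) * M_PER_MILE
    r1_ft = fresnel_radius_m(freq_ghz * 1e9, d1, d2) * FT_PER_M
    bulge_ft = 0.0
    if link_miles >= bulge_from_miles:
        bulge_ft = earth_bulge_m(d1, d2) * FT_PER_M
    return {
        "fresnel_r1_ft": round(r1_ft, 1),
        "earth_bulge_ft": round(bulge_ft, 1),
        "min_clear_height_ft": round(obstacle_ft + clear_fraction * r1_ft + bulge_ft, 1),
    }


if __name__ == "__main__":
    # Constructed link: 5.8 GHz, 8 miles, 40 ft tree line at the midpoint.
    print(link_clearance(5.8, 8.0, 40.0, 4.0))
    print(link_clearance(5.8, 8.0, 40.0, 4.0, clear_fraction=1.0))
```

Pass the expected mature height of trees as `obstacle_ft`, since the post asks for the zone to stay clear in the future as well.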