ETH Informatikdienste

Wireless LAN (IEEE802.11b)


@ ETH Zürich

Armin Brunner
Informatikdienste ETHZ

Armin Brunner 14.6.2002


Agenda

• The Project “Wireless LAN”
• Why are WLANs useless
• Why WLANs make sense
• The WLAN concept of ETHZ
• The future of WLAN at ETHZ


The Project “Wireless LAN” 1/2

• Better use of existing physical space: development of “public” areas like:
  • Cafeterias and refectories
  • Popular areas for learning and studying
  • Libraries
  • Meeting rooms
• Enabling of new forms of teaching:
  • Development of lecture halls with WLANs


The Project “Wireless LAN” 2/2

• Project start: summer 2000
• Project end: spring 2002
• Proposed volume:
  • 60 WLAN access-points
  • 600 WLAN client cards
• Budget: 480kFr
• Installed volume (spring 02):
  • 90 WLAN access-points
  • 1000 WLAN client cards
• The client cards are sold for 100Fr to students and employees (1 card per person).


Why are WLANs useless

Wireless LANs have four huge weaknesses:

• The usable bandwidth is very limited.
• The connection to the network is not visible.
• Wireless LAN is a shared medium.
• The built-in security mechanisms are useless.


The problems of bandwidth 1/2

• Year 2002
  • Wire-based standard access is 100MBit/s dedicated.
  • WLAN: for each access-point ~5MBit/s shared for 10-20 users.
  • A difference of factor 200-500 in bandwidth today.
• Year 2004
  • Wire-based standard access is 1'000MBit/s dedicated.
  • WLAN: for each access-point ~20MBit/s shared for 10-20 users.
  • A difference of factor 500-1000 in bandwidth in 2004.


The problems of bandwidth 2/2

The bandwidth in a “room” is not scalable.

[Figure: license-free ISM band, frequency axis from 2.40 to 2.48 GHz, showing channels 1 to 13.]
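Why adding access-points to one room does not add bandwidth, as an added example that is not part of the original slides. It assumes the 802.11b channel raster (centres at 2407 + 5·n MHz, 22 MHz wide), which the slide does not state; the AP names are hypothetical.

```python
CHANNEL_WIDTH_MHZ = 22       # assumed 802.11b DSSS channel width
CHANNELS = range(1, 14)      # channels 1-13, as drawn on the slide


def center_mhz(channel: int) -> int:
    """Centre frequency of a 2.4 GHz channel (assumed 5 MHz raster)."""
    return 2407 + 5 * channel


def overlaps(a: int, b: int) -> bool:
    """Two channels interfere when their centres are closer than one width."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ


def independent_channels(channels=CHANNELS) -> list:
    """Largest set of mutually non-overlapping channels.

    Greedy left-to-right selection is optimal because all channels
    have the same width.
    """
    chosen = []
    for ch in sorted(channels):
        if not any(overlaps(ch, other) for other in chosen):
            chosen.append(ch)
    return chosen


def plan_conflicts(plan: dict) -> list:
    """Pairs of APs within radio range of each other whose channels overlap."""
    names = sorted(plan)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if overlaps(plan[a], plan[b])]


def room_capacity_mbit(per_ap_mbit: int = 5) -> int:
    """Upper bound for one room: independent channels x per-AP throughput."""
    return len(independent_channels()) * per_ap_mbit


if __name__ == "__main__":
    print(independent_channels())                 # usable channels in one room
    print(room_capacity_mbit())                   # with ~5 MBit/s per AP
    print(plan_conflicts({"ap-a": 1, "ap-b": 4, "ap-c": 11}))
```
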


The problems of the invisible connection

• The area of a WLAN cell is not definable. The coverage depends on:
  • Building structure
  • Transmit power of access-point and client-card
  • Antenna quality of access-point and/or client-card
• Misconfigurations of the access-points show no immediate effect.
• The user group is controllable only with additional mechanisms.
• The connection is sensitive.


The problems of shared media

• Performance depends on the number of clients and access-points and on the fairness of the driver implementation.
• Wiretapping of WLANs is very easy.


The problems of security

There are three built-in security mechanisms in the IEEE802.11b standard. All of them are virtually useless:

• Radio Service Set Identification (SSID)
  • SSID is included in every beacon packet
  • With an unconfigured SSID the client will accept every AP
• Wired Equivalent Privacy (WEP)
  • Unsolvable problems with key management and distribution
• Control of the allowed MAC addresses
  • Usable only for a very small number of clients


Why WLANs make sense

Wireless LANs can make sense if all the problems are addressed. Therefore we recommend:

• WLANs are never a replacement for a good wired infrastructure. They are only a supplement.
• Applications that demand high bandwidth are not suitable for WLANs.
• There must be experienced coordination of AP positions and frequencies.
• User validation is essential.
• There must be secure and practicable encryption of the wireless connection.


The WLAN concept of ETHZ 1/2

• http://www.id.ethz.ch/Publikationen/WLAN-Konzept/WLAN-Konzept_2002.pdf
• There are no unprotected access-points.
  • WEP or MAC list for small working groups or autonomous computers
  • Otherwise user validation with the central validation service
• Every access-point must be configured with a correct SSID.
  • SSID=“public” in installations based on user validation
  • SSID based on the subnet name in installations with WEP/MAC list
• The configuration and position of all access-points are coordinated by the Informatikdienste.


The WLAN concept of ETHZ 2/2

User validation in the “public” area:

[Figure: network diagram. Labels: WLAN clients and a docking client, APs, public docking subnet, IOS-router with dynamic access-list, ETH-Campus-Netz, VPN-server, Radius-server, Radius request (twice), IPSec tunnel, SSH session for validation.]


The future of WLAN at ETHZ

• 50% job dedicated to installation and management of the “public” WLAN
• Today ca. 90 access-points installed and ca. 1000 client-cards sold.
• By the end of 2002 about 150 access-points in the public area.
• Future plans for the installation of access-points in all lecture halls, seminar rooms and “public” meeting rooms.


Thank you
