What Is Wireless LAN (WLAN)?

Wireless LAN (WLAN) is a term used in computing that refers to any type of local area network that uses high-frequency radio waves to provide wireless connectivity between devices, such as computers and printers.

A WLAN can be used in a home, office, or another public place. Devices that can connect to a WLAN include laptops, tablets, smartphones, game consoles, digital cameras, smart TVs, and printers.

To connect to a WLAN, the device must have a built-in wireless adapter or be connected to an adapter that is plugged into the device.

A WLAN allows users within the electromagnetic range of a wireless access point to connect to the network using Wi-Fi technology. The coverage area of a single WLAN depends on the power output and antenna type of the access point, as well as the number, type, and power output of client devices. All components must be within line of sight of each other for proper operation.

What is the primary advantage of a wireless LAN?

The primary advantage of a wireless LAN is that it allows users to connect to the network without being physically connected to it. This can be convenient for users who need to move around the office or campus, or who want to access the network from outside the building.

Additionally, because wireless LANs use radio waves to transmit data, they are less likely to be affected by interference than wired networks.

How does a WLAN benefit a business?

Aside from general day-to-day operations like downloading documents or sending emails internally, WLAN systems serve other functions like digitizing the commercial building public address system for distributing announcements over speakers throughout an entire building; supporting proximity detection; and reducing end-user configuration parameters.

A WLAN can benefit a business in many ways. For example, a WLAN can improve communication among employees, allow employees to work from home, and improve security.

A WLAN can improve communication among employees by allowing them to access the network from anywhere in the office. This can be especially helpful for businesses with multiple locations.

A WLAN can also allow employees to work from home by connecting to the network through their laptop or smartphone. And finally, a WLAN can improve security by encrypting data transmissions and setting up firewalls.

Is a WLAN secure?

As we previously mentioned, a wireless local area network (WLAN) is a localized computer network that connects devices using wireless techniques.

A WLAN uses low-power radio waves to transmit and receive data, as opposed to a cell phone, which uses high-power radio waves for both transmitting and receiving data. Several different security protocols are used across the different types of WLANs.

In general, most secure WLAN protocols use encryption with the goal of preventing unauthorized users from accessing your network without permission. When people think about security, they tend to focus on the security measures put in place by the owner of a given device or system.

However, it’s important to remember that hackers have access to plenty of information about how WLANs work and how they can be compromised, making them a major security risk for all users.

How does roaming work on a WLAN?

Roaming on a WLAN is a feature that allows a wireless client to switch from one access point to another without losing the connection. This provides for seamless handoff or roaming of a Wi-Fi device from one wireless network to another within an area such as an office building or campus (which may include multiple buildings).

When the user roams, they move into range of another access point with stronger signal strength and, if allowed by configuration settings, automatically connect to that access point.

The initial association and authentication are performed by the existing infrastructure. After authentication and association have occurred, any unique security policies must be applied again before data communication can begin. If the new AP is configured with different WEP keys, SSIDs, etc., then all security policies will need to be re-applied.

Roaming should not be confused with inter-SSID roaming which is a feature of some wireless controllers. Inter-SSID roaming allows an access point connected to one SSID (Service Set Identifier) and operating on a particular VLAN or subnet, to switch the AP’s behaviour and transmit data traffic over another SSID and change its own IP address accordingly.

This is only possible when the controller managing both SSIDs has been configured for inter-SSID roaming; it cannot be performed by individual access points themselves. Roaming is different from transferring between two non-ad hoc networks because this would require breaking down the 802.11b/g link and reestablishing the connection with the new AP. Roaming happens without any loss of connectivity to the user, only loss of signal strength or availability of other APs if they are out of range.

There are two different methods for roaming between access points available on many wireless infrastructure devices today:

Pros and cons for both types:

– L2 – Low-latency handoff; no support for RSN (i.e., WPA2/AES), which is desired by most enterprise customers; fast data rates possible with 802.11g clients; battery life issues, i.e. with laptops, because they need to maintain a connection to an access point while moving around.

– L3 – Supports RSN; maintains a connection allowing sending and receiving of data packets while moving around; does not interfere with other clients on the same AP, but has an increased latency because it needs to reestablish the link to the new AP.

What is a mesh network?

A mesh network operates as a large group of nodes that form a network.

What is a node?

In this context, a node is any device that becomes part of the mesh network by connecting to one or more other devices on the mesh network. Each of those devices then becomes another node in the network, and so on. Mesh networks can also contain nodes known as gateways.

What are gateways?

Gateways function as the entry/exit point for traffic coming from outside the mesh network.

What happens if I’m not using a gateway?

If you aren’t using a gateway, your data will be sent over multiple nodes until it reaches its final destination (the person or system with which you are communicating). What’s interesting about this process is that it ensures that the data will always travel the shortest possible route.

What happens if I use a gateway?

If you are using a gateway, your data is sent to the node with which the destination system has established its connection, and then it is sent from there.

What does this mean?

This means that traffic coming into or leaving the mesh network will always travel over multiple nodes instead of just one (and thus reduces vulnerability to attack).

What else should I know about mesh networks?

Mesh networks can also be created using wireless technologies like 2G, 3G, 4G, LTE, WiMAX, and WiFi.

WLAN architecture explained

In the WLAN architecture, access points are connected to a wired LAN infrastructure, allowing wireless clients within the range of one or more WLANs to exchange data.

WLANs can operate in a peer-to-peer fashion without a network administrator and allow users to share files and printers, surf the Internet and chat via Instant Messaging.

WLAN is also used for applications such as WIDS or Wireless Intrusion Detection System that monitor the WLAN activity for security purposes.
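The kind of check a WIDS performs, as an added example that is not from the original article: each observed beacon is compared against an inventory of managed access points, and managed SSIDs advertised by unknown radios or managed radios whose settings have changed are flagged. The inventory, the scan records and all names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    bssid: str      # MAC address of the AP radio
    ssid: str
    channel: int
    security: str   # e.g. "WPA2-Enterprise", "WPA2-PSK", "WEP", "OPEN"

# Constructed inventory of managed APs: BSSID -> expected (SSID, channel, security).
AUTHORIZED = {
    "02:00:00:aa:00:01": ("CorpNet", 1, "WPA2-Enterprise"),
    "02:00:00:aa:00:02": ("CorpNet", 6, "WPA2-Enterprise"),
    "02:00:00:aa:00:03": ("CorpGuest", 11, "WPA2-PSK"),
}
MANAGED_SSIDS = {ssid for ssid, _, _ in AUTHORIZED.values()}

def classify(beacon: Beacon) -> list[str]:
    """Return findings for one beacon; an empty list means nothing to report."""
    expected = AUTHORIZED.get(beacon.bssid.lower())
    if expected is None:
        # Unknown radio: only a concern if it advertises one of our SSIDs.
        if beacon.ssid in MANAGED_SSIDS:
            return ["managed SSID advertised by unknown BSSID"]
        return []  # neighbouring WLAN with its own SSID
    ssid, channel, security = expected
    findings = []
    if beacon.ssid != ssid:
        findings.append(f"SSID changed: expected {ssid}")
    if beacon.security != security:
        findings.append(f"security changed: expected {security}")
    if beacon.channel != channel:
        # Low priority where automatic channel assignment is enabled.
        findings.append(f"channel changed: expected {channel}")
    return findings

def scan_report(beacons: list[Beacon]) -> dict[str, list[str]]:
    """Map each BSSID that produced findings to the list of those findings."""
    return {b.bssid: f for b in beacons if (f := classify(b))}

# Constructed scan results.
SAMPLE_SCAN = [
    Beacon("02:00:00:aa:00:01", "CorpNet", 1, "WPA2-Enterprise"),
    Beacon("02:00:00:bb:00:09", "CorpNet", 6, "OPEN"),
    Beacon("02:00:00:aa:00:03", "CorpGuest", 11, "WEP"),
    Beacon("02:00:00:cc:00:44", "CoffeeShop", 3, "WPA2-PSK"),
]

if __name__ == "__main__":
    for bssid, findings in scan_report(SAMPLE_SCAN).items():
        print(bssid, findings)
```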

Here we will briefly explain WLAN architecture from a client perspective.

A wireless client has no means other than software to determine whether an AP is out of range: it either attempts an association that fails because the client’s signal is too weak, or is told by a WLAN administrator that the WLAN is unavailable in a particular location. If you wish to check WLAN availability or WLAN signal strength, use Wifi Analyzer.

A wireless client can only authenticate with an AP after the association has been completed successfully. The client must also be configured for security before it will be able to communicate on the WLAN using IPSec or 802.11i authentication protocols. WEP doesn’t provide enough encryption strength and is no longer considered secure since its vulnerabilities have been discovered and documented. Therefore, it is important to use strong WPA2 passwords for a more reliable WPA/WPA2 security implementation on a small business network or a home Wi-Fi network where Internet access for guests is not restricted.

The WLAN architecture is made up of the following elements

WLAN controller – controls APs and wireless clients on WLAN. A WLAN controller can support multiple access points, each of which behaves like an autonomous switch that provides network connectivity to wireless stations. The WLAN controller software manages user authentication, association and roaming with the assistance of a policy manager for traffic management. WDS (Wireless Distribution System) is used for controlled configuration of APs by WISP or ISP over radio interface using bridging. It enables an 802.11-based WAN to operate as if it were one large extended LAN area covered by a single WLAN.

The following image is a great reference guide:

Access point (AP) – acts as a wireless client and provides access to the wired LAN. The AP has an antenna and radio for conducting communication with wireless clients that are within range of the AP’s signal, and also contains Twisted-Pair cabling to extend connections from its 802.11 interface to devices connected at the other end of the cable such as a switch or router port.

APs can be put in standby mode when they are not active in order to save power. This is done by configuring a feature available on most enterprise-class AP platforms called “Auto-RF”, which ensures that the frequency used by APs – called their channel – is not being utilized by “rogue WLAN devices”. WLANs are frequently subject to interference from microwave ovens, cordless phones and other WLANs in use nearby. Wireless networking gear also supports dynamic channel scanning so that WLAN clients can roam seamlessly between access points based on environmental conditions or regulatory rules.

The following diagram shows how WAP is connected to the WDS bridge link:

WDS bridge link – WDS bridges wireless data traffic between two wireless LAN segments. WDS uses point-to-point links where one device acts as a transmitter and receiver for bridging data traffic onto the wired network, while the second device only transmits data packets across the WLAN. WDS bridges the wireless data traffic between multiple WLANs and is transparent to users on each WLAN.

WDS can be used with WPA2 encryption without any problems. WEP and WPS (Wi-Fi Protected Setup) security measures lack encryption strength and are not considered secure nowadays due to vulnerabilities that have been documented in them. Therefore, it is important to use strong WPA2 passwords for a more reliable WPA/WPA2 security implementation on a small business network or a home Wi-Fi network where Internet access for guests is not restricted.
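Why the advice on strong WPA2 passwords (given here and in the client section above) matters, as an added example that is not from the original article: in WPA/WPA2-Personal the pairwise master key is derived only from the passphrase and the SSID, so the passphrase carries all of the secrecy. The common-passphrase list, the 80-bit threshold and the function names are assumptions made for illustration.

```python
import hashlib
import math
import string

# Constructed sample of weak choices; a real audit would load a larger list.
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop", "letmein123"}
MIN_BITS = 80.0  # assumed policy threshold, not a value from any standard

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal PMK: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32)

def charset_bits(passphrase: str) -> float:
    """Upper bound on entropy, assuming every character is chosen at random."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " ")
    pool = sum(len(cls) for cls in classes if any(c in cls for c in passphrase))
    return len(passphrase) * math.log2(pool) if pool else 0.0

def audit_passphrase(passphrase: str, ssid: str) -> list[str]:
    """Return the reasons a passphrase is unsuitable; an empty list means it passes."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("length outside the 8-63 characters WPA2-PSK accepts")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        findings.append("contains characters outside printable ASCII")
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("appears in the common-passphrase list")
    if ssid and ssid.lower() in passphrase.lower():
        findings.append("contains the SSID")
    if charset_bits(passphrase) < MIN_BITS:
        findings.append("estimated entropy below policy threshold")
    return findings

if __name__ == "__main__":
    # Constructed inputs: (passphrase, SSID) pairs.
    for phrase, ssid in [("password", "IEEE"),
                         ("tidal-Orchid-39-lantern-quartz", "OfficeNet")]:
        print(ssid, derive_pmk(phrase, ssid).hex()[:16], audit_passphrase(phrase, ssid))
```

Because the SSID is the only salt, two networks that share an SSID and a passphrase share the same key, which is one more reason to avoid default SSIDs paired with common passphrases.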

The following image shows how AP-B acts as both a wireless client of AP-A, while also acting as a transmitter and receiver of bridging WDS link between WLAN segments:

WLAN architecture is an important element in WLAN design.

WPA security has replaced the old standard WEP because it provides more reliable encryption strength of data traffic sent over wireless LANs (WLANs). As the name suggests, WPA uses both Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) for 802.11 data packet encryption. TKIP was developed as a stopgap measure to address serious weaknesses in WEP without having to replace legacy hardware. WPA uses RC4 for data encryption with TKIP, which makes WPA less efficient than WPA2.

WPA2 is more secure than WPA because it provides 128-bit AES encryption that is considered “very strong”. WPA was developed by the Wi-Fi Alliance (WFA) in response to serious weaknesses found in WEP. At this time, there are three different versions of WPA: WPA-PSK (also known as WPA Personal), WPA2-PSK (also known as WPA2 Personal), and WPA/WPA2 Enterprise. Networks implementing 802.1x will typically use an authentication server such as RADIUS to handle network access requests.

Endpoint –

The endpoint is an end-user station, such as a computer (Mac or PC), mobile device, printer, or Internet of Things (IoT) device.

Basic Service Set (BSS) –

A BSS defines an area of wireless coverage within which all devices can communicate directly. Each BSS is identified by a Service Set Identifier (SSID) which you will often see in your wireless client’s list of available access points. You may have multiple overlapping BSSs on the same channel, each with its own SSID.

Distribution system –

A distribution system is primarily used as a wired backbone to connect access points together within an extended service area. Distribution systems are typically high-bandwidth cabling, such as an Ethernet local area network.

WDS links between WAPs can use different wireless link standards allowing for backwards compatibility with your legacy 802.11b/g devices. This is important because while most new wireless devices will support both 5GHz and 2.4GHz bands, not all legacy devices do. To ease deployment, some WAP vendors offer a single-band “access point” that can be used to extend wireless coverage without adding an additional access point or WDS capable controller.