© 2009 Pearson Education, Inc. Publishing as Prentice Hall Wireless LANs (WLANs)


1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall Wireless LANs (WLANs)

2 5-2 802.11 Wireless LANs (WLANs) Wireless LAN Technology –802.11 is the dominant WLAN technology today –Standardized by the 802.11 Working Group –Popularly known as Wi-Fi

3 5-3 802.11 Wireless LANs (WLANs) Wireless hosts connect by radio to access points

4 5-4 802.11 Wireless Access Points and NICs

5 5-5 802.11 Wireless LANs (WLANs) WLANs usually supplement wired LANs instead of replacing them. The access point connects wireless users to the firm’s main wired LAN (Ethernet). This gives the mobile client access to the servers on the wired LAN and the firm’s router for Internet access.

6 5-6 802.11 Wireless LANs (WLANs) Transmission speed: up to 300 Mbps but usually 10 Mbps to 100 Mbps. Distances between station and access point: 30 to 100 meters.

7 5-7 Recap of Radio Propagation Concepts Frequency –Radio waves are measured in terms of frequency –Measured in hertz (Hz)—the number of complete cycles per second Most Common Frequency Range for WLANs: –High megahertz to low gigahertz range

8 5-8 The Frequency Spectrum, Service Bands, and Channels

9 5-9 Channel Bandwidth and Speed Channel Bandwidth –Channel bandwidth is the highest frequency in a channel minus the lowest frequency –An 88.0 MHz to 88.2 MHz channel has a bandwidth of 0.2 MHz (200 kHz)

10 5-10 Channel Bandwidth Speed Broadband and Narrowband Channels –Broadband means wide channel bandwidth and therefore high speed –Narrowband means narrow channel bandwidth and therefore low speed –Today, any speed, whether in channels or not, is called narrowband or broadband Narrowband is below 200 kbps Broadband is above 200 kbps

11 5-11 Licensed and Unlicensed Bands Licensed Radio Bands –If two nearby radio hosts transmit in the same channel, their signals will interfere –Most radio bands are licensed bands, in which hosts need a license to transmit –The government limits licenses to avoid interference –Television bands, AM radio bands, etc., are licensed –In cellular telephone bands, which are licensed, only the central transceivers are licensed, not the mobile phones

12 5-12 Licensed and Unlicensed Bands Unlicensed Radio Bands –Some service bands are set aside as unlicensed bands –Hosts do not need to be licensed to be turned on or moved –802.11 operates in unlicensed radio bands –This allows access points and hosts to be moved freely

13 5-13 802.11 in the 2.4 GHz and 5 GHz Unlicensed Bands The 2.4 GHz Unlicensed Band –Defined the same in almost all countries (2.400 GHz to 2.485 GHz) –This sameness reduces radio costs –Propagation characteristics are good –For 20 MHz 802.11 channels, only three nonoverlapping channels are possible: Channels 1, 6, and 11

14 5-14 Mutual Interference in the 2.4 GHz Unlicensed Band If two nearby access points operate on the same channel, the access points and their stations will interfere with each other

15 5-15 802.11 in the 2.4 GHz and 5 GHz Unlicensed Bands The 5 GHz Unlicensed Band –Radios in the 5 GHz band are expensive because frequencies in different countries are different and because higher-frequency technology is more expensive than lower-frequency technology –Also, smaller market sales mean more expensive devices –Shorter propagation distance than in the 2.4 GHz band because of greater absorptive attenuation at higher frequencies –Deader shadow zones because of higher frequencies

16 5-16 802.11 in the 2.4 GHz and 5 GHz Unlicensed Bands The 5 GHz Unlicensed Band –More bandwidth than in the 2.4 GHz band, so between 11 and 24 non-overlapping channels –Allows many nearby access points to operate on non-overlapping channels –Or, some access points can operate on two channels: they serve some clients with one channel, some with the other. This allows them to serve more clients with good throughput

17 5-17 Spread Spectrum Transmission Methods Early spread spectrum products used one of two slow methods. In frequency hopping spread spectrum, the signal was kept narrow, but it hopped around in frequency every two or three frames. In direct sequence spread spectrum, the signal is spread over the entire spread spectrum band. Both have technical limits, and all newer 802.11 standards use a different type of spread spectrum transmission.

18 5-18 Spread Spectrum Transmission Methods Newer 802.11 standards use OFDM: Orthogonal Frequency Division Multiplexing. OFDM divides the entire channel into smaller subcarriers (subchannels). It sends part of the signal in each subcarrier. Information is sent redundantly among the subcarriers, so the whole message will get through even if some subcarriers are bad Using smaller channels gives more precise signal spreading than spreading the signal over the entire channel. This in turn allows much faster transmission speeds.

19 5-19 Typical 802.11 Wireless LAN Operation with Wireless Access Points 802.11 and 802.3 have different frames 1. The access point receives an 802.11 frame carrying the packet 2. The access point removes the packet, places the packet into an 802.3 frame and passes the frame on to the Ethernet switch 3. The Ethernet switch sends the 802.3 frame to the server.

20 5-20 Hosts and Access Points Transmit in a Single Channel The access point and all the hosts it serves transmit in a single channel. If two devices transmit at the same time, their signals will collide, becoming unreadable. Media access control (MAC) methods govern when a device may transmit; they let only one device transmit at a time

21 5-21 CSMA/CA+ACK in 802.11 Wireless LANs CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) –Sender listens for traffic 1. If there is traffic, the sender waits 2. If there is no traffic: –2a. If there has been no traffic for less than a preset amount of time, waits a random amount of time, then returns to Step 1. –2b. If there has been no traffic for more than a preset amount of time, sends without waiting –This avoids the collisions that would result if hosts could transmit as soon as one host finishes transmitting

22 5-22 CSMA/CA+ACK in 802.11 Wireless LANs ACK (Acknowledgement) –Receiver immediately sends back an acknowledgement –If sender does not receive the acknowledgement, retransmits using CSMA –CSMA/CA plus ACK is a reliable protocol –CSMA/CA+ACK must be reliable because radio transmission is unreliable
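
The sender procedure on slides 21 and 22, written out as a small slot-based simulation. This is an added example, not part of the original slides; the slot model, the function names and the parameters (`idle_preset`, `backoff`, `ack_ok`, `max_tries`) are assumptions made for illustration.

```python
import random

def idle_before(busy, t):
    """Number of consecutive silent slots immediately before slot t."""
    earlier = [s for s in busy if s < t]
    return t - max(earlier) - 1 if earlier else float("inf")

def csma_ca_ack(busy, start, idle_preset, backoff, ack_ok, max_tries=4):
    """Follow the slide's steps; return (slots_transmitted_in, delivered).

    busy        -- slots in which some other station is transmitting
    start       -- slot at which this sender has a frame ready
    idle_preset -- silence (in slots) required before sending without waiting
    backoff     -- callable returning the random wait for step 2a (must be >= 1)
    ack_ok      -- callable(attempt_number) -> True if the ACK arrived
    """
    busy, t, sent = set(busy), start, []
    while len(sent) < max_tries:
        if t in busy:                              # step 1: traffic, so wait
            t += 1
        elif idle_before(busy, t) < idle_preset:   # step 2a: quiet only briefly
            t += backoff()                         # random wait, back to step 1
        else:                                      # step 2b: quiet long enough
            sent.append(t)
            if ack_ok(len(sent)):
                return sent, True
            busy.add(t)    # our own frame was traffic, so the idle clock restarts
            t += 1         # no ACK: retransmit, again under CSMA/CA
    return sent, False

def demo(seed=1):
    """Constructed scenario: channel busy in slots 0-4, first ACK lost."""
    rng = random.Random(seed)
    return csma_ca_ack(busy=range(5), start=2, idle_preset=3,
                       backoff=lambda: rng.randint(1, 7),
                       ack_ok=lambda attempt: attempt >= 2)

if __name__ == "__main__":
    print(demo())
```

With a fixed backoff of 2 slots in the same scenario, the frame goes out in slot 9, the missing ACK forces a second pass through steps 1 and 2, and the retransmission lands in slot 14.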

23 5-23 Request to Send/Clear to Send

24 5-24 Specific 802.11 Wireless LAN Standards

| Characteristic | 802.11 | 802.11a | 802.11b | 802.11g | 802.11n | 802.11ac |
|---|---|---|---|---|---|---|
| Spread Spectrum Method, etc. | FHSS | OFDM | DSSS | OFDM | OFDM + MIMO | OFDM + MIMO |
| Unlicensed Band | 2.4 GHz | 5 GHz | 2.4 GHz | 2.4 GHz | 2.4 GHz and 5 GHz | 5 GHz only |
| Remarks | Dead and gone | Little market acceptance | Bloomed briefly | Now obsolete | Today’s dominant 802.11 standard | Growing rapidly |

25 5-25 Specific 802.11 Wireless LAN Standards

| Characteristic | 802.11 | 802.11a | 802.11b | 802.11g | 802.11n | 802.11ac |
|---|---|---|---|---|---|---|
| Rated Speed | 2 Mbps | 54 Mbps | 11 Mbps | 54 Mbps | 100 to 600 Mbps | 433 Mbps to 6.93 Gbps |
| Actual Throughput, 3 m | 1 Mbps | 25 Mbps | 6 Mbps | 25 Mbps | 70-80 Mbps | Closer to rated speed than earlier standards |
| Actual Throughput, 30 m | ? | 12 Mbps | 6 Mbps | 20 Mbps | 50 Mbps | 70-100 Mbps |

26 5-26 Specific 802.11 Wireless LAN Standards 802.11g –Obsolete today –54 Mbps rated speed with much slower throughput –Generally sufficient for Web browsing –Inexpensive –All access points support it

27 5-27 Specific 802.11 Wireless LAN Standards 802.11n –Uses MIMO to give higher throughputs and longer transmission distances –Also uses 40 MHz channels instead of normal 20 MHz 802.11 channels to further increase throughput –100 Mbps throughputs are common –Today, the dominant 802.11 standard –802.11ac growing, the wave of the future.

28 5-28 Mesh Wireless Network In mesh wireless networks, the access points do all routing. There is no need for a wired network. The 802.11s standard for mesh networking is under development.

29 5-29 Smart Antenna

30 © 2009 Pearson Education, Inc. Publishing as Prentice Hall 802.11 Security

31 5-31 WLAN Security Threats Drive-By Hackers –Sit outside the corporate premises and read network traffic –Can send malicious traffic into the network –Easily done with readily available downloadable software War Drivers –Merely discover unprotected access points—become drive-by hackers only if they break in

32 5-32 802.11 Core Security Standards Provide Security between the Wireless Station and the Wireless Access Point –Client (and perhaps access point) authentication –Passes key to client –Subsequent encryption of messages for confidentiality [Figure labels: Authentication; Protected Communication]

33 5-33 802.11 Core Security Standards Protection Does Not Extend Beyond Access Point –Only protects the wireless client—access point connection [Figure labels: Protected Communication; No Protection]

34 5-34 802.11 Core Security Standards Wired Equivalent Privacy (WEP) –Initial rudimentary core security provided with 802.11 in 1997 –Everyone shared the same secret encryption key, and this key could not be changed automatically –Because the secret key was shared, it does not seem to be secret; users often give it out freely –Key initially could be cracked in 1–2 hours; now can be cracked in 3–10 minutes using readily available software

35 5-35 802.11 Core Security Standards Wireless Protected Access (WPA) –The Wi-Fi Alliance normally certifies interoperability of 802.11 equipment –Certified products get to use the Wi-Fi logo –The Wi-Fi Alliance created WPA as a stop-gap core security standard in 2002 until 802.11i was finished

36 5-36 802.11 Core Security Standards 802.11i (WPA2) –Uses AES-CCMP with 128-bit keys for confidentiality and key management –Gold standard in 802.11 core security –But companies have large installed bases of WPA-configured equipment –Now that WPA has been partially cracked, companies should upgrade to 802.11i

37 5-37 802.11 Security in 802.1X and PSK Modes 802.1X Mode –Uses a central authentication server for consistency –Wi-Fi Alliance calls this enterprise mode –Both WPA and 802.11i use 802.1X mode

38 5-38 802.11 Security in 802.1X and PSK Modes 802.1X Mode –However, with wireless transmission, protection is needed between the wireless supplicant and the access point because radio transmissions are easy to tap

39 5-39 WLAN Security Threats Rogue Access Points –Unauthorized access points that are set up by a department or an individual –They often fail to implement core security –This gives drive-by hackers free access to the internal network, bypassing both the border firewall and access point security –Often operate at high power, attracting many hosts to their low-security service

40 5-40 Evil Twin Access Point An attacker makes his or her computer act as an access point. It operates at very high power. Victim wireless clients within the victim building associate with the evil twin access point instead of with a legitimate access point within the building.

41 5-41 Evil Twin Access Point 1. The victim sends its authentication credentials to the evil twin. 2. The evil twin passes the credentials on to the legitimate access point. 3. The legitimate access point sends back a secret key. 4. The evil twin remembers the key, then sends it to the client.
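
A detection-side view of slides 39 to 41: a wireless survey is compared against the inventory of sanctioned access points, flagging the traits the slides name (missing core security, unusually high power, an unknown radio offering the corporate network). This is an added example, not part of the original slides; the inventory, the survey records, the -35 dBm threshold and the `on_wired_lan` field (a MAC address correlated with switch port tables) are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed inventory of sanctioned access points, keyed by BSSID.
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpNet", "WPA2-802.1X"),
    "00:11:22:33:44:02": ("CorpNet", "WPA2-802.1X"),
}
CORP_SSIDS = {ssid for ssid, _ in AUTHORIZED.values()}
WEAK_SECURITY = {"OPEN", "WEP", "WPA"}   # the slides treat WEP and WPA as cracked
HIGH_POWER_DBM = -35                     # assumed site-specific threshold

@dataclass
class Beacon:
    bssid: str
    ssid: str
    security: str
    rssi_dbm: int
    on_wired_lan: bool   # assumed: MAC also seen in switch port tables

def classify(b):
    """Return (label, reasons) for one observed access point."""
    reasons = []
    if b.security in WEAK_SECURITY:
        reasons.append(f"weak core security: {b.security}")
    if b.rssi_dbm > HIGH_POWER_DBM:
        reasons.append(f"unusually strong signal: {b.rssi_dbm} dBm")
    if b.bssid in AUTHORIZED:
        if (b.ssid, b.security) != AUTHORIZED[b.bssid]:
            return "authorized-drift", reasons + ["settings differ from inventory"]
        return "authorized", reasons
    if b.ssid in CORP_SSIDS:
        return "evil-twin-suspect", reasons + ["corporate SSID from unknown BSSID"]
    if b.on_wired_lan:
        return "rogue-ap", reasons + ["unknown AP attached to internal LAN"]
    return "neighbor", reasons

# Constructed survey results from a hypothetical wireless sensor.
SURVEY = [
    Beacon("00:11:22:33:44:01", "CorpNet", "WPA2-802.1X", -58, True),
    Beacon("00:11:22:33:44:02", "CorpNet", "WPA", -61, True),
    Beacon("66:77:88:99:aa:bb", "CorpNet", "WPA2-802.1X", -28, False),
    Beacon("de:ad:be:ef:00:10", "Marketing-WiFi", "OPEN", -30, True),
    Beacon("12:34:56:78:9a:bc", "CoffeeShop", "WPA2-PSK", -80, False),
]

def audit(survey):
    """Map each BSSID that needs follow-up to its (label, reasons)."""
    results = {b.bssid: classify(b) for b in survey}
    return {k: v for k, v in results.items() if v[0] not in ("authorized", "neighbor")}
```

A BSSID that matches the inventory is not proof of a legitimate radio, since the value is only what the beacon claims; the check narrows where to look and does not replace the 802.1X and VPN protections the slides describe.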

42 5-42 Added Wireless Protection: VPNs and VLANs Virtual Private Networks (VPNs) –VPN protection defeats evil twins because the two devices preshared a key that is never transmitted [Figure labels: EAP Protected Communication; VPN Protection; Preshared VPN Key; Frustrated Evil Twin]

43 5-43 Added Wireless Protection: VPNs and VLANs Virtual LANs (VLANs) –With VLANs, clients can only talk to some servers –Wireless clients who first come can be assigned to a VLAN in which they can only connect to a single server, an authentication server –When the client authenticates itself to the authentication server, it is taken off the restrictive VLAN [Figure labels: Pre-Authentication VLAN; Rest of the network; Authentication Server]

