Published by Doris Whitehead. Modified over 9 years ago.
2
QoS and Security Decisions in WiFi Telephony
Jonathan Zarkower, Director – Product Management
The Intelligent Wireless Networking Choice
3
Agenda
- Setting a Framework
- Next Generation Requirements/Architectures
- Summary
- Q&A
4
Setting a Framework
5
WLAN Adoption Trends
Early Adopters 1998-2000
- Limited client availability
- Standards emerging; proprietary implementations
- Technology push vs. business pull
- Trials, pilots, “islands” of limited deployment
- Interoperability and scalability not proven out
Large-Scale Adoption 2001-2004
- Pervasive clients
- Strong, standards-based foundation; adequate security broadly available
- Business cases established
- Management model and tools exist
- Large-scale deployment successes
- Interoperability enforced (WiFi)
MultiService Generation 2005+
- Multi-purposed “smart” clients
- Next Gen Standards: .11n, .11k, TR-59, etc.
- WLAN-based Triple Play; QoS enabled
- Wholesaling, client Auto-provisioning, Managed WLAN Services
- “WiFi Everywhere”
Over the next two years, WLANs will represent the emerging point of convergence for other leading technology sectors including Security, VoIP and RFID.
6
Fourth Generation WLANs
7
Typical Multi-Service WLAN System
- Access devices integrate with wireline network and deliver core WLAN services
- Controller/Switch enables enhanced WLAN services
- Centralized management system provides scalability
[Diagram labels: WLAN Management; Central Site/Campus; VLAN Switch/Router; Controller/Switch; Access Points; AAA, VPN, DHCP Servers; LAN/WAN Backbone; Remote Sites; Secure WLAN Gateway]
8
A View of Current WLAN Services
[Diagram labels: Multi-Service Operating System. WLAN Services: Public & Guest Access; Secure Data; Voice; Multi-Media; Mobile Business Apps. Networking Functions: Multi-Layer Security; WLAN RF; Wireline/Wireless Integration; End-To-End Management; Network QoS]
- Multi-Service OS can deliver multiple WLAN services per network
- Separate SSID/BSSID per service ensures client interoperability
- Each service tunable for optimum application performance
- Multiple instances of any service provide flexibility
9
Key System Service Features
Secure Data
- Layer 2 (802.1x, WPA, WEP, MAC auth)
- Layer 3 (complete VPN security, IP filtering)
- Integrates with corporate AAA database
Voice
- Flexible handset support
- Service-Aware soft-phone support (SIP, H.323)
- Fast hand-off/roaming, extended battery life
Multimedia
- 802.11e EDCA and Service-Aware QoS
- Wireline QoS integration (802.1p, TOS/DiffServ)
Mobile Business Apps
- Configurable QoS and security policies for specialized client devices
Public and Guest Access
- “Zero-config” client ease-of-use
- Multiple security and QoS profiles
- Support for major back-end billing services
10
Secure Data Services
Layer 3
- IP address filtering limits destination addresses
- VPN termination, aggregation, or filtering
- Stateful Firewall provides session-aware security
Layer 2
- Traffic segregation and VLAN mapping per SSID
- 802.1x authentication leverages existing AAA db
- Layer 2 Isolation provides security at the client level
[Diagram labels: SSID=Employee, Security=VPN; LAN/WAN; WLAN Gateway; Data Center; AAA; VPN Server]
11
Toll-Quality Voice
- Broad QoS support for VoWLAN handsets
  - SpectraLink, 802.11e, Vocera, SIP and H.323 soft phones
- Transparent client subnet roaming support
- Traffic segregation and IP filters reinforce security
- Support for 3rd party power-save modes
[Diagram labels: Employee Server; VoIP Gateway; SSID=VOICE, Security=WEP, IP Filter=VoIP G/W, QoS=P1; Router; Data Center; Subnet “A”; Subnet “B”; Seamless Subnet Roaming]
12
Multimedia
- 802.11e EDCA QoS protocol support
  - Four classes of service enable rich multimedia applications
- Service-Aware QoS for non-protocol client devices
  - Enables legacy devices to access QoS
- Mapping to wired network QoS policies
  - 802.1p and TOS/DiffServ integration
[Diagram labels: Switch/Router; Video Server; SSID=VIDEO, Security=Open, Filter=Video server, QoS=P2; SSID=Multimedia, Security=WPA, QoS=802.11e; Surveillance; Video Conference; Internet]
13
Mobile Business Applications
- Configurable security policy
  - MAC authentication and IP filters provide strong security for weak client devices
- Separate SSID/BSSID per service
  - Ensures compatibility with 3rd party devices
- Configurable Power Save signaling
- Configurable QoS policy
  - Enables applications to be prioritized
- Per AP flexibility enables tuning per RF footprint
[Diagram labels: Barcode scanners; Asset Tracking; Tablet Computer; Specialized Client Devices; Any client device, user category, application type]
14
Public/Guest Internet Access
“Zero configuration” user interface
- Adapt to client PC configuration (IP add., web proxy, etc.)
- Web redirect and authentication simplifies login
- Adaptive NAT™ ensures user access to VPN applications
Flexible AAA support
- Interoperates with 3rd party billing services
- Supports variety of business models (scratch card, credit card, etc.)
- Usage or elapsed time session accounting
Rich access control features
- Captive portal support enables private content delivery
- Web proxy redirect and black list support controls user destinations
- Configurable bandwidth management limits access to Internet bandwidth per user, or per service
15
Centralized WLAN System Management
Optimizes total cost of ownership
- Centrally managed WLAN device and security policies
- Auto discovery, configuration and firmware management
- Group policies simplify network operation
- Scalable to manage 1000’s of devices and users
- Must work with distributed campus and branch topologies
- 3rd party NMS integration
- Centralized WLAN Monitoring
- Comprehensive Rogue AP detection
- Performance and troubleshooting tools
- Multi-vendor AP management
- Ease of migration from legacy to next generation
16
Management Tools Reduce TCO
Ease of Deployment Tools
- Automatic channel selection
- Auto Power: Ongoing RF optimization to ensure consistent client performance
Strong Network Operations Tools
- Packet capture: Remote debug tool to work with standard protocol analyzers
- Client data rate matrix: Quickly identify client performance problems and optimize RF coverage
- Client authentication trace: Identifies complex association and authentication problems with plain English messages
- Syslog: Provides real-time information to network operators
- SNMP: Standards-based Fault Management, Configuration, Accounting, Provisioning, Security
17
Next Generation Requirements/Architecture
18
Next Gen WLAN Requirements
- Scalability – Single architecture fits centralized and distributed organizations, large and small facilities
  - “WLAN adoption will accelerate over the next two years, with more than 50% of organizations deploying WLAN by 2006” … Meta Group
- High performance – >100 Mbps client bandwidth with QoS for multimedia applications
  - 802.11n (MIMO), VoWLAN QoS
- Reduced cost – TCO competitive with wired Ethernet
  - Installation, operation and equipment costs
- Rich services – Business mobility applications, plus access to wired network services
  - NAC, location-based applications, RFID
19
Current WLAN Architectures
Advantages
- Layer 2 security
  - Strong access control and privacy
  - Seamless roaming with security
- Ease of deployment and operation
  - Centralized management
  - Automatic RF configuration
Challenges
- Scale
  - Sq ft “sweet spot” doesn’t fit very small or large facilities
- Performance
  - 10 VoWLAN session limit
  - Fork-lift upgrade for 802.11n
- Cost
  - $1.10 per sq ft
20
Fourth Generation Architecture
- Distributed intelligence increases performance and scalability
  - X more voice sessions
  - 10x larger networks
  - 50% better QoS (jitter and latency)
- Data processing at WLAN edge reduces cost by ½
  - $0.5 per sq ft
- Separate WLAN control and management appliances provide smooth upgrade to 802.11n
- Distributed processing increases service reliability
[Diagram labels: LAN; Data Plane (client packet forwarded); Control Plane (client access & QoS control, roaming); Management Plane (WLAN RF & system mgt.); Switch/Controller; NMS; Access Points]
21
Summary
- Voice is one of many services being added to WLAN
- Unique requirements exist for WLAN voice, as well as other services
- WLAN leverages existing wired LAN QoS for end-to-end toll-quality voice
- Current architectures provide benefits, add challenges
- Fourth Generation approach answers the challenges
22
Thank You! Questions?