Presentation is loading. Please wait.

Presentation is loading. Please wait.

QoS and Security Decisions in WiFi Telephony Jonathan Zarkower Director – Product Management The Intelligent Wireless Networking Choice.

Published byDoris Whitehead Modified over 9 years ago

Similar presentations

Presentation on theme: "QoS and Security Decisions in WiFi Telephony Jonathan Zarkower Director – Product Management The Intelligent Wireless Networking Choice."— Presentation transcript:

1

2 QoS and Security Decisions in WiFi Telephony Jonathan Zarkower Director – Product Management The Intelligent Wireless Networking Choice

3 Agenda  Setting a Framework  Next Generation Requirements/Architectures  Summary  Q&A

4 Setting a Framework

5 WLAN Adoption Trends  Pervasive clients  Strong, standards based foundation; adequate security broadly available  Business cases established  Management model and tools exist  Large-scale deployment successes  Interoperability enforced (WiFi) Early Adopters 1998-2000 Large-Scale Adoption 2001-2004  Limited client availability  Standards emerging; proprietary implementations  Technology push vs. business pull  Trials, pilots, “islands” of limited deployment  Interoperability and scalability not proven out  Multi-purposed “smart” clients  Next Gen Standards;.11n,.11k,,TR-59, etc.  WLAN-based Triple Play; QoS enabled  Wholesaling, client Auto- provisioning, Managed WLAN Services  “WiFi Everywhere” MultiService Generation 2005+ Over the Next Two Years, WLANs will represent the emerging point of convergence for other leading technology sectors including Security, VoIP and RFID

6 Fourth Generation WLANs

7 Typical Multi-Service WLAN System  Access devices integrate with wireline network and deliver core WLAN services  Controller/Switch enables enhanced WLAN services  Centralized management system provides scalability WLAN Management Central Site/Campus VLAN Switch/Router Controller/Switch Access Points AAA, VPN, DHCP Servers LAN/WAN Backbone Remote Sites Secure WLAN Gateway

8 A View of Current WLAN Services Multi-Service Operating System Public & Guest Access Secure Data Voice Multi- Media Mobile Business Apps WLAN Services Networking Functions Multi- Layer Security WLAN RF Wireline/ Wireless Integration End-To-End Management Network QoS Multi-Service OS can deliver multiple WLAN services per network Separate SSID/BSSID per service ensures client interoperability Each service tunable for optimum application performance Multiple Instances of any service provides flexibility

9 Key System Service Features Secure Data  Layer 2 (802.1x, WPA, WEP, MAC auth)  Layer 3 (complete VPN security, IP filtering)  Integrates with corporate AAA database Voice  Flexible handset support  Service-Aware soft-phone support (SIP, H.323)  Fast hand-off/roaming, extended battery life Multimedia  802.11e EDCA and Service-Aware QoS  Wireline QoS integration (802.1p, TOS/DiffServ) Mobile Business Apps  Configurable QoS and security policies for specialized client devices Public and Guest Access  “Zero-config” client ease-of-use  Multiple security and QoS profiles  Support for major back-end billing services

10 Secure Data Services Layer 3 IP address filtering limits destination addresses VPN termination, aggregation, or filtering Stateful Firewall provides session-aware security Layer 2 Traffic segregation and VLAN mapping per SSID 802.1x authentication leverages existing AAA db Layer 2 Isolation provides security at the client level SSID=Employee Security=VPN LAN/WAN WLAN Gateway Data Center AAA VPN Server

11 Toll-Quality Voice  Broad QoS support for VoWLAN handsets  SpectraLink, 802.11e, Vocera, SIP and H.323 soft phones  Transparent client subnet roaming support  Traffic segregation and IP filters reinforce security  Support for 3 rd party power- save modes Employee Server VoIP Gateway SSID=VOICE Security= WEP IP Filter=VoIP G/W QoS=P1 Router Data Center Subnet “A”Subnet “B” Seamless Subnet Roaming

12 Multimedia  802.11e EDCA QoS protocol support  Four classes of service enable rich multimedia applications  Service-Aware QoS for non- protocol client devices  Enables legacy devices to access QoS  Mapping to wired network QoS policies  802.1p and TOS/DiffServ integration Switch/Router Video Server SSID=VIDEO Security=Open Filter=Video server QoS=P2 SSID=Multimedia Security=WPA QoS=802.11e SurveillanceVideo Conference Internet

13 Mobile Business Applications  Configurable security policy  MAC authentication and IP filters provide strong security for weak client devices  Separate SSID/BSSID per service  Ensures compatibility with 3 rd party devices  Configurable Power Save signaling  Configurable QoS policy  Enables applications to be prioritized  Per AP flexibility enables tuning per RF footprint Barcode scanners Asset Tracking Tablet Computer Specialized Client Devices Any client device, user category, application type

14 Public/Guest Internet Access  “Zero configuration” user interface  Adapt to client PC configuration (IP add., web proxy, etc.)  Web redirect and authentication simplifies login  Adaptive NAT TM ensures user access to VPN applications  Flexible AAA support  Interoperates with 3 rd party billing services  Supports variety of business models (scratch card, credit card, etc)  Usage or elapsed time session accounting  Rich access control features  Captive portal support enables private content delivery  Web proxy redirect and black list support controls user destinations  Configurable bandwidth management limits access to Internet bandwidth per user, or per service

15 Centralized WLAN System Management  Optimizes total cost of ownership  Centrally managed WLAN device and security policies  Auto discovery, configuration and firmware management  Group policies simplify network operation  Scalable to manage 1000’s of devices and users  Must work with distributed campus and branch topologies  3 rd party NMS integration  Centralized WLAN Monitoring  Comprehensive Rogue AP detection  Performance and troubleshooting tools  Multi-vendor AP management  Ease of migration from legacy to next generation

16 Management Tools Reduce TCO  Ease of Deployment Tools  Automatic channel selection  Auto Power  Ongoing RF optimization to ensure consistent client performance  Strong Network Operations Tools  Packet capture Remote debug tool to work with standard protocol analyzers  Client data rate matrix Quickly identify client performance problems and optimize RF coverage  Client authentication trace Identifies complex association and authentication problems with plain English messages  Syslog Provides real-time information to network operators  SNMP Standards-based Fault Management, Configuration, Accounting, Provisioning, Security

17 Next Generation Requirements/Architecture

18 Next Gen WLAN Requirements  Scalability – Single architecture fits centralized and distributed organizations, large and small facilities  “WLAN adoption will accelerate over the next two years, with more than 50% of organizations deploying WLAN by 2006”…Meta Group  High performance – >100 Mbps client bandwidth with QoS for multimedia applications  802.11n (MIMO), VoWLAN QoS  Reduced cost – TCO competitive with wired Ethernet  Installation, operation and equipment costs  Rich services – Business mobility applications, plus access to wired network services  NAC, location-based applications, RFID

19 Current WLAN Architectures  Layer 2 security  Strong access control and privacy  Seamless roaming with security  Ease of deployment and operation  Centralized management  Automatic RF configuration  Scale  Sq ft “sweet spot” doesn’t fit very small or large facilities  Performance  10 VoWLAN session limit  Fork-lift upgrade for 802.11n  Cost  $1.10 per sq ft. AdvantagesChallenges

20 Fourth Generation Architecture  Distributed intelligence increases performance and scalability  X more voice sessions  10x larger networks  50% better QoS (jitter and latency)  Data processing at WLAN edge reduces cost by ½  $0.5 per sq ft  Separate WLAN control and management appliances provide smooth upgrade to 802.11n  Distributed processing increases service reliability LAN DataPlane ControlPlane ManagementPlane Client packet Forwarded Client access & QoS control, roaming WLAN RF & system mgt. Switch/Controller NMS Access Points

21 Summary  Voice is one of many services being added to WLAN  Unique requirements exist for WLAN voice, as well as other services  WLAN leverages existing wired LAN QoS for end to end toll quality voice  Current architectures provide benefits, add challenges  Fourth Generation approach answers the challenges

22 Thank You! Questions?

Download ppt "QoS and Security Decisions in WiFi Telephony Jonathan Zarkower Director – Product Management The Intelligent Wireless Networking Choice."

Similar presentations

Responsive Communications for the Mobile Worker Making Wireless as Good as Wired Micky Tsui, Vice President & General Manager, Converged Systems Division.

Responsive Communications for the Mobile Worker Making Wireless as Good as Wired Micky Tsui, Vice President & General Manager, Converged Systems Division.
Designing for Pervasive Network Security. Designing for Security Our aim in this section will be to concentrate on how campus Networks can be designed.

Designing for Pervasive Network Security. Designing for Security Our aim in this section will be to concentrate on how campus Networks can be designed.
MP-252 – All-in-One July 2010.

MP-252 – All-in-One July 2010.
Introducing New Additions to ProSafe Advanced Smart Switch Family: GS724TR and GS748TR (ProSafe 24 and 48-port Gigabit Smart Switches with Static Routing)

Introducing New Additions to ProSafe Advanced Smart Switch Family: GS724TR and GS748TR (ProSafe 24 and 48-port Gigabit Smart Switches with Static Routing)
Agenda Product Overview Hardware Interfaces Software Features

Agenda Product Overview Hardware Interfaces Software Features
Application Guide For Mesh AP – MAP-3120

Application Guide For Mesh AP – MAP-3120
SV9100 Business Mobility (Migration)

SV9100 Business Mobility (Migration)
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
1 Tainet IP PBX solutions Tainet Communication System Corp.

1 Tainet IP PBX solutions Tainet Communication System Corp.
All Rights Reserved © Alcatel-Lucent 2010 1 | Enterprise mobility | 2010 Laurent Bouchoucha October, 2010 Seamless mobility in a secure and controlled.

All Rights Reserved © Alcatel-Lucent | Enterprise mobility | 2010 Laurent Bouchoucha October, 2010 Seamless mobility in a secure and controlled.
Wireless Design for Voice Last Update 2011.06.11 1.0.0 1Copyright 2011 Kenneth M. Chipps Ph.D. www.chipps.com.

Wireless Design for Voice Last Update Copyright 2011 Kenneth M. Chipps Ph.D.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID Cisco Unified Wireless Network Webinar Commercial WLAN.

1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID Cisco Unified Wireless Network Webinar Commercial WLAN.
Protection notice / Copyright notice HiPath MobileConnect Delivering on the Promise of Enterprise FMC February 2007.

Protection notice / Copyright notice HiPath MobileConnect Delivering on the Promise of Enterprise FMC February 2007.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, 2009 05/30/2009.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Cisco NAC Guest Server Guest Access - Simplified Tim Wellborn SE Sangeeta.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Cisco NAC Guest Server Guest Access - Simplified Tim Wellborn SE Sangeeta.
7.1 © 2007 by Prentice Hall 7 Chapter Telecommunications, the Internet, and Wireless Technology.

7.1 © 2007 by Prentice Hall 7 Chapter Telecommunications, the Internet, and Wireless Technology.
1 © 2004 Cisco Systems, Inc. All rights reserved. In-Building Wireless Conference – Feb.’04 “DUAL-MODE” WIRELESS TELEPHONY: THE CONVERGENCE OF VoIP + WI-FI.

1 © 2004 Cisco Systems, Inc. All rights reserved. In-Building Wireless Conference – Feb.’04 “DUAL-MODE” WIRELESS TELEPHONY: THE CONVERGENCE OF VoIP + WI-FI.
All Rights Reserved © Alcatel-Lucent 2010 1 | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.

All Rights Reserved © Alcatel-Lucent | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.
Motorola Document Classification, File Name, Rev Number Add additional legal text here if required by your local Legal Counsel. MOTOROLA and the Stylized.

Motorola Document Classification, File Name, Rev Number Add additional legal text here if required by your local Legal Counsel. MOTOROLA and the Stylized.

Similar presentations

Ads by Google