Advanced business Wi-Fi – what needs to be done

OpenMesh managed access point product picture courtesy of OpenMesh

OpenMesh managed wireless access point

A class of Wi-Fi network setup that is appearing in the business networking market is what I would best describe as “advanced” Wi-Fi. This is typically positioned as “managed Wi-Fi” or “virtualised Wi-Fi” because of the way these systems can be managed to suit business requirements or set up to serve multiple networks.

What does advanced Wi-Fi offer

But what does it offer? These networks are dependent on a Wi-Fi network controller that connects to compatible Wi-Fi access points using a Cat5 Ethernet wired backbone which also links them back to the Internet and other business network resources. Some of these systems may provide this kind of management through a cloud-hosted controller rather than a controller appliance installed on the premises.

The IT department can control these systems using a single dashboard, whether this is in the form of a Web-based front-end or a native client program.

The tricks that these systems have up the sleeve include:

  • the ability to adjust the operating channel, transmit power and other parameters of the access points to achieve the desired network coverage and bandwidth for the whole network;
  • the ability to implement a combination of VLANs (virtual local area networks), multiple ESSIDs (wireless network names) and related technologies so that the same group of Wi-Fi access points can serve multiple networks, thus creating a “neutral-host” or “multiple-host” Wi-Fi network; and
  • the ability to work as Wi-Fi intrusion-detection/prevention systems to protect the network’s users against rogue wireless-network activity.

What are the current limitations

But there are limitations that need to be looked at to make this technology viable across all business types.

Lack of vendor independence

One is the lack of vendor independence and interoperability. Here, most of these systems are dependent on hardware and software offered by the same vendor, which can be very limiting when a business wants to expand their Wi-Fi network’s footprint or replace end-of-life equipment in their system. It can be especially frustrating where their vendor doesn’t have an access point that ticks the necessary boxes for a particular application, such as a weatherproof outdoor design that supports dual-band 802.11ac, or where the software doesn’t support the functionality that a customer is after.

The same situation can be very frustrating whenever a vendor declares end-of-life for a particular managed-wireless-network platform, ceases to trade or is taken over by someone else. This can raise various support issues whenever you need to replace older equipment or improve on your existing system.

Here, you could end up dumping all of the access points that you bought for an advanced-WiFi setup if you had to change to a new platform or vendor, rather than allowing for a gradual changeover where you can keep existing equipment going.

Systems placing small business out of the equation

As well, not many systems are designed to cater to small-business users who want to effectively “start small” and “grow up”. A classic situation that may occur is for the business to use a single access point or router but as they grow, they add another access point to obtain an increased footprint such as to cover the neighbouring shop they just leased.

Typically, most of the managed Wi-Fi systems require the use of an access-point controller and the compatible access points for them to work. But this could be facilitated through the use of software-based enablement of this functionality for business-grade access points and routers where you only need to download particular software to these devices to add on this functionality.

Such a concept can be facilitated through network-hardware vendors adopting an “app-store” approach where they can offer additional software that a user can download to their network hardware, similar to what happens for smartphones and tablets.

Lack of secure inter-network data exchange abilities


Shopping strips and similar developments could benefit from open-frame advanced Wi-Fi setups

Another missing feature is the ability to exchange data between multiple managed wireless networks to permit cohesive operation amongst the multiple networks. What could this feature offer?

Such a feature would benefit building-wide or development-wide wireless-network optimisation for multiple-occupancy developments, including the creation of a “ring of protection” around the building for the occupants’ wireless networks. But it would require that the individual occupants are able to have control of their networks.

The feature can also support secure authenticated access to private wireless networks via other trusted wireless networks. Such a setup could cover a multiple-occupancy building’s communal areas like lobbies, food courts or garden areas; or extend private Wi-Fi coverage to business partners’ offices or local “watering holes” like hotels, bars and cafés. The concept here is the creation of a “neutral-host” or “multiple-host” Wi-Fi network in the communal areas or “watering holes” where all of the occupants have access to their networks in the same manner as when they discover and log in to the Wi-Fi network on their own premises. This situation is becoming increasingly real as a growing number of multiple-occupancy developments head in the “mixed-use” direction where there is office, shopping, entertainment, residential, hotel and/or other space within the same development.

This functionality would require the use of tag-based or port-based VLANs (virtual local-area networks) as a way to link private LANs to the access points, and this may already be in place in multi-occupancy buildings where a business occupies office and/or retail space across differing floors. Or it can be facilitated on a WAN basis through the use of box-to-box VPNs, typically used to link business locations across the world. There could be the opportunity to have this kind of private-network access enabled on a long-term basis such as through one’s tenancy or business partnership; or on an “ad-hoc” basis where it is enabled as required such as for a conference.

Less relevance to home-network users


Apartment blocks and other residential developments can benefit from advanced Wi-Fi setups

At the moment, advanced Wi-Fi network technology is not being perceived or pitched as being relevant to home network users even though there is a use case for this technology amongst this user class.

This technology can be made relevant for home networks established in high-density or multiple-dwelling environments, including the “mixed-use” development reality that I have outlined above. This is because these kinds of environments involve many home and other Wi-Fi networks operated close together throughout that development.

Such networks can be set up for automatic channel and signal-strength optimisation across a block or street while these networks can be integrated with access points installed in common areas that can provide access to the development’s occupants’ networks on an ad-hoc basis. As well, if a development has one or more businesses or facilities of benefit to all the occupants like a food court, café or bar, the households could “extend” their Wi-Fi network to the meeting place for the duration they are in that location.

What needs to happen

Standardised secure data exchange within and between networks

The main requirement that would improve advanced business Wi-Fi would be for the network to exchange configuration and instrumentation data in XML files that are defined by the industry for this application.


Hotels can also benefit from an open-frame managed wireless network so that it is easier for businesses to securely “extend” their networks to these places when they organise events or lodge employees at these facilities

As well, the established secure-data-interchange standards need to come into play for exchanging data between the devices in a managed Wi-Fi network and between managed Wi-Fi networks. For inter-network access, the ability to implement VLAN connections via Ethernet, xDSL or fibre-optic setups using the same physical link as an Internet service link can be investigated for intra-building setups, while manufacturers need to research simple-yet-secure VPN setup procedures for setups that traverse multiple buildings and logical networks. This can also appeal to convention / exhibition facilities and hotels, which businesses make use of very frequently to host their events or lodge employees who are attending business events.

The secure-data interchange could be based on SSL standards for data-in-transit encryption while a set of XML data schemas and filetypes can be used for defining the data that is transferred.

Similarly, a system of trust needs to be established to permit exchange of data between networks especially where inter-network instrumentation is involved. It also includes determining an effective “range of influence” for managing Wi-Fi networks from outside the logical network. This could be based on a “hop-count” or similar mechanism for inter-network data exchange and may require that a high-density or multiple-occupancy development be equipped with its own network electronics that covers all services in that development.
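As an added illustration that is not part of the original article or of any vendor's product, here is how a receiving network could vet an instrumentation message under the trust and “hop-count” ideas above. The XML element and attribute names, the peer identifier, the shared secret and the hop limit are all assumptions, and the message is assumed to have arrived over the encrypted transport the text proposes.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Hypothetical trust store: neighbouring network id -> secret agreed out of band.
TRUSTED_PEERS = {"tenant-a.example": b"constructed-demo-secret"}
MAX_HOPS = 2  # hypothetical "range of influence": relays allowed before data is ignored

# Constructed sample message (element and attribute names are assumptions).
SAMPLE = b'<report origin="tenant-a.example" hops="0"><ap id="ap-1" channel="36"/></report>'


class Rejected(Exception):
    """Raised when a message fails any trust or format check."""


def sign(peer, body):
    """Tag a peer attaches to a message it sends or relays (HMAC-SHA256)."""
    return hmac.new(TRUSTED_PEERS[peer], body, hashlib.sha256).hexdigest()


def accept_report(peer, body, tag):
    """Return (origin, ap_id, channel, hops) for a valid message, else raise Rejected."""
    if peer not in TRUSTED_PEERS:
        raise Rejected("unknown peer")
    if not hmac.compare_digest(sign(peer, body), tag):
        raise Rejected("bad authentication tag")
    try:
        text = body.decode("utf-8")  # one accepted encoding keeps the next check reliable
        if "<!DOCTYPE" in text or "<!ENTITY" in text:
            raise Rejected("DTD and entity declarations are not accepted")
        root = ET.fromstring(text)
        origin, hops = root.attrib["origin"], int(root.attrib["hops"])
        ap = root.find("ap")
        ap_id, channel = ap.attrib["id"], int(ap.attrib["channel"])
    except (UnicodeDecodeError, ET.ParseError, KeyError, ValueError, AttributeError):
        raise Rejected("malformed message") from None
    if root.tag != "report":
        raise Rejected("unexpected document type")
    # Each relay increments hops and re-signs, so hops == 0 means the peer is the origin.
    if hops < 0 or hops > MAX_HOPS or (hops == 0 and origin != peer):
        raise Rejected("outside range of influence or origin mismatch")
    return origin, ap_id, channel, hops


if __name__ == "__main__":
    print(accept_report("tenant-a.example", SAMPLE, sign("tenant-a.example", SAMPLE)))
```

Trust here is hop-by-hop: the receiver authenticates only its immediate neighbour, so the hop count is only as honest as the relays in between.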

Shared network discovery

In the case of high-density or multiple-occupancy developments which have common areas, there needs to be a way to discover the existence of configurable common-area wireless networks that cover these areas. Once such a network is discovered by a building occupant’s network, it could then be feasible for the occupant to establish or configure an extension network to cover the communal area.

This would primarily be about a “publish-and-subscribe” arrangement where the building’s management or businesses who want to offer fellow occupants use of their Wi-Fi networks can share the data about these networks on a development-wide basis while the occupants can discover the communal networks they can benefit from when they configure their network equipment.

To make it work effectively as far as the end-user is concerned, it may involve knowledge of a particular Internet-based URL which may carry the data for a particular communal network or a particular development with many communal networks. A “hop-count” discovery protocol may also have to be investigated for automatic development-wide discovery of these networks.

Conclusion

So it seems that a lot of work needs to be done to make the advanced Wi-Fi wireless network earn its keep amongst a large user base rather than just a sole-occupied corporate office.

Update (1 December 2016): Added a reference to “neutral-host” Wi-Fi networks, which are a single Wi-Fi infrastructure set up at the order of a venue but configured to provide a logical-network link to other networks like business-partners’ / occupants’ own networks or public-access Wi-Fi networks.
