CWNA Guide to Wireless LANs, Second Edition


Chapter 10

Managing a Wireless LAN

At a Glance

Instructor’s Manual Table of Contents
  • Overview
  • Objectives
  • Teaching Tips
  • Quick Quizzes
  • Class Discussion Topics
  • Additional Projects
  • Additional Resources
  • Key Terms

Lecture Notes

Overview

In this chapter, students will explore some of the tasks involved in managing a wireless LAN. First, they consider how to monitor the network’s performance and then look at the steps necessary to maintain a wireless network. The students will also explore the steps for creating a wireless LAN security policy and procedures.

Chapter Objectives

  • List and describe the tools that are used to monitor a WLAN
  • Explain the procedures for maintaining a wireless network
  • Describe the components of a wireless security policy

Teaching Tips

Monitoring the Wireless Network

  1. Stress that network monitoring provides valuable data regarding the current state of the network, which can be used to generate a network baseline and detect emerging network problems.
  1. Explain that monitoring a wireless network can be performed with utilities designed specifically for WLANs and with standard networking tools.

WLAN Monitoring Tools

  1. Provide an overview of WLAN monitoring tools provided by wireless vendors, stressing that the amount of information provided by these tools varies greatly. Mention the two classifications of WLAN monitoring tools.

Device and Operating System Utilities

  1. Explain that most operating systems have basic tools for monitoring the WLAN. Illustrate the Windows Wireless Network Connection Status window with Figure 10-1, and discuss the information that it reports.
  1. Mention that some vendors provide utilities that give more detailed information. Illustrate with Figure 10-2. Explain that these utilities often include a facility to generate statistics by continually “pinging” the access point to test the link. Illustrate with Figure 10-3.

Teaching Tip: Unfortunately, many vendors do not include device utilities with their products but force the user to rely upon operating system utilities, which do not provide the level of detail that may be needed.

Access Point Utilities

  1. Explain that all APs include utilities that give information about the wireless LAN. Stress that the “status” information reported is sometimes just a summary of the AP's current configuration and provides no useful information. Illustrate with Figure 10-4.
  1. Discuss the three types of information that can be reported by many enterprise-level APs. Describe in detail the information contained in the event log. Illustrate with Figures 10-5 through 10-7.
  1. Explain that data from the AP and wireless devices can provide information for monitoring the wireless network, such as revealing if there are transmission problems and if those problems relate to one device or several devices in the network.

Teaching Tip: Another type of log that is important when maintaining a WLAN is a manual log that contains a record of all activities, problems, solutions, and configuration changes. Wireless system administrators should develop the habit of keeping a regular technical “diary” of the system.

Standard Network Monitoring Tools

  1. Stress that, although data from the AP and devices can be beneficial, there are drawbacks to relying solely on these sources of information. Using the list on page 332 of the text as a guide, enumerate these drawbacks.
  1. Explain why some “standard” network monitoring tools are useful in monitoring WLANs. Stress that these tools are standard in that they are used on wired networks and have proven to be reliable. Explain that the two tools often used are SNMP and Remote Monitoring (RMON).

Simple Network Management Protocol (SNMP)

  1. Explain that SNMP is a protocol that allows computers and network equipment to gather data about network performance. Mention that it is part of the TCP/IP protocol suite.

Teaching Tip: Another protocol for gathering network statistics is the Common Management Interface Protocol (CMIP), which is part of the OSI model and was proposed as a replacement for SNMP. However, CMIP requires more resources to operate: the RAM requirement for CMIP is 1.5 MB, while SNMP only needs 64 KB. CMIP has not been widely adopted.

  1. Discuss the role of a software agent in SNMP, and explain the purpose of the MIB. Explain that an SNMP management station must be located on the network. Illustrate with Figure 10-8.
  1. Explain how the SNMP management station gathers data, and describe the types of data that it collects and stores.
  1. Define the term SNMP trap. Explain how the trap is communicated to the management station, and what the management station does in response to this message.
  1. Mention that several “higher-end” APs support SNMP. Illustrate with Figure 10-10.
  1. Stress that implementing SNMP provides an excellent means of acquiring wireless data that can be used for establishing a baseline as well as to generate alerts regarding abnormal network conditions.

Teaching Tip: The original version of SNMP, SNMPv1, had a serious security deficiency. The second version, called SNMPv2, addresses these concerns and offers some protocol enhancements. It provides encryption as well as faster data transmission and an ability to retrieve more information at one time. However, vendors could not agree on how to implement these security enhancements so they were largely ignored. The current version is SNMPv3 and addresses security and remote configuration.
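
Added example (not from the textbook or this manual): one way a management station could turn polled SNMP counters into a baseline and raise alerts on abnormal conditions, as described in the SNMP notes above. The counter pair is assumed to stand in for cumulative Counter32 objects such as IF-MIB ifInUcastPkts and ifInErrors; all readings are constructed, and the three-standard-deviation threshold is an assumption.

```python
from statistics import mean, pstdev

COUNTER32_MOD = 2**32  # a Counter32 wraps to 0 after 2**32 - 1

def counter_delta(prev, curr, max_plausible=10**8):
    """Increase between two readings of a cumulative Counter32.

    A smaller current value is treated as one wrap; if the wrapped delta is
    implausibly large the agent probably restarted, so return None.
    """
    if curr >= prev:
        return curr - prev
    delta = curr + COUNTER32_MOD - prev
    return delta if delta <= max_plausible else None

def error_rates(polls):
    """polls: [(packets_in, errors_in), ...] cumulative readings, oldest first.
    Returns errors/packets for each polling interval, skipping resets."""
    rates = []
    for (p0, e0), (p1, e1) in zip(polls, polls[1:]):
        pkts, errs = counter_delta(p0, p1), counter_delta(e0, e1)
        if pkts is None or errs is None or pkts == 0:
            continue  # counter reset or idle interval: no usable rate
        rates.append(errs / pkts)
    return rates

def alert_threshold(baseline_rates, k=3.0):
    """Baseline mean plus k standard deviations."""
    return mean(baseline_rates) + k * pstdev(baseline_rates)

def find_alerts(baseline_polls, new_polls, k=3.0):
    """Return the interval error rates in new_polls that exceed the threshold."""
    limit = alert_threshold(error_rates(baseline_polls), k)
    # Start from the last baseline reading so the first new interval has a delta.
    rates = error_rates([baseline_polls[-1]] + list(new_polls))
    return [r for r in rates if r > limit]

# Constructed sample data (not from a real device). The packet counter wraps
# between the third and fourth baseline polls.
BASELINE_POLLS = [
    (4294937296, 1000), (4294947296, 1050), (4294957296, 1110),
    (0, 1160), (10000, 1215), (20000, 1265),
]
NEW_POLLS = [(30000, 1320), (40000, 1720), (500, 3)]  # last one: AP restarted

if __name__ == "__main__":
    print("threshold:", round(alert_threshold(error_rates(BASELINE_POLLS)), 4))
    print("alerts:", find_alerts(BASELINE_POLLS, NEW_POLLS))
```

Without the wrap and restart handling, the wrapped poll would produce a negative packet count and the restart would produce a meaningless rate, either of which distorts the baseline.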

Remote Monitoring (RMON)

  1. Explain that RMON is an SNMP-based tool used to monitor LANs connected via a WAN. Discuss the concept of a WAN.
  1. Explain that RMON allows a remote network node to gather network data at almost any point on a LAN or a WAN. Mention that it uses SNMP but also incorporates a special database for remote monitoring that includes different groups of statistics.

Teaching Tip: Some access points support only a limited number of RMON statistical groups due to a lack of memory.

  1. Explain how an AP on a WLAN can be monitored using RMON. Discuss the information that can be collected using RMON, and how it can be used.

Teaching Tip: Like SNMP, RMON capabilities are generally only found on enterprise-level access points.

Quick Quiz 1

  1. True or False: Most operating systems have basic tools for monitoring the WLAN.

Answer: True

  1. True or False: APs are unable to report information about the connection to the wired Ethernet network.

Answer: False

  1. ______ is a protocol that allows computers and network equipment to gather data about network performance and is part of the TCP/IP protocol suite.

Answer: Simple Network Management Protocol (SNMP)

  1. ______ is an SNMP-based tool used to monitor LANs that are connected through a wide area network (WAN).

Answer: Remote Monitoring (RMON)

Maintaining the Wireless Network

  1. Stress that wireless networks are not static, and need to be continually modified, adjusted, and tweaked. Explain that the modifications and adjustments are often made in response to data gathered by network monitoring.
  1. Explain that two of the most common functions involve updating the access point firmware and adjusting antennas to enhance transmissions.

Upgrading Firmware

  1. Define the term firmware, and explain its importance to a hardware device. Discuss the purpose of EEPROM in a hardware device, explaining that it is used to store the firmware.

Teaching Tip: Flash memory is a later form of EEPROM. EEPROMs are byte-wise writable memories, compared to block-wise writable flash memories. EEPROM chips are larger than flash memory for the same capacity because each EEPROM cell usually needs both a read and a write transistor where flash memory needs only one.

  1. Mention that most APs have a browser-based management console. Explain that the HTML pages are stored on the AP's EEPROM chip.
  1. Stress that new versions of firmware can generally be downloaded and installed on an AP. Using the steps listed on page 336 of the text as a guide, describe the procedure generally followed to update an AP's firmware. Illustrate with Figures 10-11 and 10-12.

Teaching Tip: Firmware is sometimes available to update wireless NICs.

Teaching Tip: It is important that the process not be interrupted when a firmware upgrade is taking place. A loss of electrical power may stop the upgrade and make the device unusable.

Teaching Tip: Firmware upgrades can also be placed on a file server and distributed to each AP.

  1. Explain that enterprise-level access points may often have enhanced firmware update capabilities. Illustrate with Figure 10-13.
  1. Explain that with many enterprise-level APs, once a single AP has been upgraded to the latest firmware, this firmware can then be easily distributed to all other access points on the WLAN. Using the list on page 338 of the text as a guide, describe how the receiving APs must be configured to accomplish this firmware update replication.
  1. Discuss the concept of RF site tuning, describing when and why it is performed. Using the list on page 339 of the text as a guide, discuss some of the RF site tuning settings that may be adjusted after upgrading the firmware of the APs on a WLAN.

Teaching Tip: Make sure that the students understand the importance of documentation during RF site tuning. Mention that the documentation should be in both electronic and hard-copy form.

Adjusting Antennas

  1. Discuss the reasons why antenna adjustments are periodically necessary.

RF Transmissions

  1. Using the first list on page 340 of the text as a guide, and using Figure 10-14 to illustrate, discuss the elements involved in a radio frequency link between a sender and receiver.
  1. Define the term link budget. Using the second list on page 340 of the text as a guide, discuss the information needed to calculate the link budget.
  1. Describe the acceptable values for a link budget. Define the term fade margin.
  1. Discuss the concept of attenuation. Using the list on page 341 of the text as a guide, review the various factors that may influence RF loss.

Teaching Tip: Antennas, radio wave transmissions, and the factors that result in RF loss are discussed and illustrated in Chapter 3.

  1. Explain that antenna adjustments to compensate for attenuation due to new objects in the wireless coverage area or a negative SOM are part of maintaining the wireless network.
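
Added example (not from the textbook or this manual): a link budget calculation showing how attenuation from a new object can push the system operating margin (SOM) negative, and how much antenna gain would restore a target fade margin. It assumes the standard free-space path loss model; the link values and the 10 dB target margin are constructed for illustration.

```python
import math

def fspl_db(distance_km, freq_mhz):
    """Free-space path loss in dB for a distance in km and frequency in MHz."""
    return 20 * math.log10(distance_km) + 20 * math.log10(freq_mhz) + 32.44

def som_db(link, extra_loss_db=0.0):
    """System operating margin: received signal level minus receiver sensitivity.

    extra_loss_db models attenuation from objects added to the coverage area.
    """
    received_dbm = (
        link["tx_power_dbm"] - link["tx_cable_loss_db"] + link["tx_antenna_gain_dbi"]
        - fspl_db(link["distance_km"], link["freq_mhz"]) - extra_loss_db
        + link["rx_antenna_gain_dbi"] - link["rx_cable_loss_db"]
    )
    return received_dbm - link["rx_sensitivity_dbm"]

def gain_needed_db(link, target_margin_db, extra_loss_db=0.0):
    """Extra antenna gain (dB) needed to reach the target fade margin; 0 if met."""
    return max(0.0, target_margin_db - som_db(link, extra_loss_db))

# Constructed link values, not taken from the textbook or any product datasheet.
LINK = {
    "tx_power_dbm": 15.0, "tx_cable_loss_db": 1.0, "tx_antenna_gain_dbi": 2.2,
    "rx_antenna_gain_dbi": 2.2, "rx_cable_loss_db": 1.0,
    "rx_sensitivity_dbm": -85.0, "distance_km": 0.1, "freq_mhz": 2437.0,
}
TARGET_MARGIN_DB = 10.0  # assumed target fade margin for this example

def report(link, obstructions_db, target=TARGET_MARGIN_DB):
    """Return (added loss, SOM, gain needed) for each obstruction scenario."""
    return [(loss, round(som_db(link, loss), 2),
             round(gain_needed_db(link, target, loss), 2))
            for loss in obstructions_db]

if __name__ == "__main__":
    for loss, som, gain in report(LINK, [0, 15, 25]):
        print(f"added loss {loss:>2} dB  SOM {som:6.2f} dB  gain needed {gain:5.2f} dB")
```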

Antenna Types

  1. Explain that the type of antenna most typically used on a wireless LAN is a rod antenna, and describe the characteristics of a rod antenna. Mention that they are omnidirectional and that the radiation pattern of the signal is a full 360 degrees around the antenna. Also mention that the transmission pattern of a rod antenna is focused along the horizontal plane, and explain the result of lengthening the antenna. Illustrate with Figure 10-15.
  1. Explain that a sectorized antenna “cuts” the standard 360-degree pattern into four quarters. Mention that each quarter has its own transmitter and antenna, and that the power can be adjusted independently for each sector.
  1. Explain that a panel antenna is typically used in outdoor areas. Illustrate with Figure 10-16. Mention that they provide a tight beamwidth, and are often pole-mounted or surface-mounted.

Teaching Tip: Antennas can also be mounted to produce a maximum vertical or horizontal signal by a simple change to the bracket mounting.

  1. Describe the concepts of a phase shifter and a beam steering antenna. Stress that by incorporating a network of phase shifters, a phased array antenna can be pointed electronically in microseconds, without any physical realignment or movement of the antenna or its elements.
  1. Explain that the radiation pattern emitting from antennas travels in a three-dimensional “donut” form. Explain how the azimuth and elevation planes can be used to describe this "donut" form. Illustrate with Figure 10-17.

Antenna Accessories

  1. Explain that transmission problems can sometimes be resolved by adding “accessories” to the antenna system, and mention what function these accessories can provide.

RF Amplifier

  1. Explain that an RF amplifier increases the amplitude of an RF signal. Mention when it may be necessary to boost the signal of an antenna, and define the term gain.

Teaching Tip: Sometimes gain is used synonymously with amplification. However, gain is technically the measure of amplification.

  1. Describe the difference between a unidirectional amplifier and a bidirectional amplifier. Mention that most amplifiers for APs are bidirectional.
  1. Discuss the FCC regulations of 802.11 amplifiers, and explain how these regulations changed in 2004.

Teaching Tip: At the same time the FCC changed the RF amplifier package requirements, it also clarified that under the Communications Act the FCC has exclusive authority to resolve matters involving RF interference (RFI) when unlicensed devices are being used, regardless of the venue. The FCC also affirmed that the rights that consumers have under the FCC rules to install and operate antennas one meter or less in size apply to the operation of unlicensed WLAN equipment. This means that local municipalities, cities, or neighborhood groups cannot impose restrictions on installations of 802.11 WLAN products on property controlled by a user, except where public safety is a concern.

RF Attenuators

  1. Explain that RF attenuators decrease the RF signal. Mention that an RF attenuator can be used when the gain of an antenna does not match the power output of an access point.
  1. Discuss the difference between fixed-loss and variable-loss attenuators. Stress that only fixed-loss attenuators are allowed by the FCC for use with WLANs.

Cables and Connectors

  1. Stress that connecting antennas, amplifiers, and attenuators to an access point or wireless device requires that the correct cables and connectors be used. Using the list on page 345 of the text as a guide, discuss the rules that govern the selection of cables and connectors.

Lightning Arrestor

  1. Explain the purpose of a lightning arrestor. Stress that an antenna can inadvertently pick up high electrical discharges from a nearby lightning strike or contact with a high-voltage electrical source. Illustrate with Figure 10-18. Mention that if it is installed outdoors, the cable should be connected to a ground rod.

Teaching Tip: A lightning arrestor will not protect equipment from a direct lightning strike.

Establishing a Wireless Security Policy

  1. Stress that establishing a wireless security policy is one of the most important acts in managing a wireless LAN. Explain that without one, there is no effective security for the wireless network.

General Security Policy Elements

  1. Explain that a security policy is a document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.
  1. Mention that, because new assets are continually being added to the organization and new threats appear against the assets, compliance monitoring and evaluation must be conducted regularly.

Risk Assessment

  1. Explain that the first step in creating a security policy is risk assessment, which attempts to determine the nature of the risks to the organization’s assets.
  1. Define the term asset. Using the first list on page 347 of the text as a guide, describe the various types of assets that an organization may have.
  1. Convey the importance of fully describing an organization's assets when creating a security policy, no matter how lengthy the process becomes.
  1. Explain that assets should be assigned numeric values indicating their relative value to the organization. Using the second list on page 347 of the text as a guide, discuss the criteria that should be considered when assigning these values.
  1. Explain that the last step is to determine the threats against the assets. Mention that a threat is not limited to those from attackers, but also includes natural disasters, such as fire or severe weather.
  1. Using Table 10-1 to illustrate and as a guide, discuss one method to classify threats.

Security Auditing

  1. Explain that security auditing is the process of determining what security weaknesses in the organization can expose the assets to the threats defined during the risk assessment phase. Mention that security auditing involves taking a snapshot of the current state of the organization's security mechanisms and procedures.
  1. Stress that each threat examined can reveal multiple vulnerabilities.

Teaching Tip: Determining vulnerabilities often depends upon the background and experience of the assessor. It is recommended that teams composed of diverse members be responsible for listing vulnerabilities instead of only one person.

  1. Explain that vulnerability scanners can be used to compare the asset against a database of known vulnerabilities, and produce a discovery report that exposes the vulnerability and assesses its severity.

Impact Analysis

  1. Explain that an impact analysis involves determining the likelihood that the vulnerability is a risk to the organization.
  1. Mention that not all vulnerabilities pose a significant risk. Using the list on page 349 of the text as a guide, discuss the ranking scale that can be used during impact analysis.
  1. Explain that the next step is to estimate the probability that the vulnerability will actually occur.
  1. Explain that the final step is to determine what to do with the risk. Using the list on pages 349 and 350 of the text as a guide, discuss the possible options for dealing with a risk. Mention that, while it is desirable to diminish all risks to some degree, if this is not possible, the risks for the most important assets should be reduced first.

Functional Security Policy Elements

  1. Explain that baseline practices establish the benchmark for actions using the wireless network. Mention their importance in creating design and implementation practices. Stress that design and implementation practices form the foundation of what conduct on the wireless LAN is acceptable.
  1. Stress that a security policy must specifically identify physical security, and that the primary goal of physical security is to prevent unauthorized users from reaching the equipment in order to use, steal, or vandalize it. Mention that one of the difficulties with WLAN physical security is the nature of RF signals.
  1. Discuss the concept of social engineering. Explain the ways in which social engineering can be defeated.

Quick Quiz 2