A reliable wireless network is invaluable to businesses as their workforce becomes more mobile. You may be designing a new network as part of an upgrade to 802.11ac technology or as part of a physical expansion of your company. Today’s post provides tips for designing a rock solid wireless network. By building in security, planning for access and capacity and factoring in the specifics of your location and business, you’ll create a wireless network that keeps your users mobile and productive. Read on to learn how.

We’re listing this one first because security should be thoroughly integrated into all the other steps of your network design. It can sometimes be too easy to let security become an afterthought. Business needs, like access and cost control, are usually apparent to all stakeholders. But the threat of a security breach can seem like a distant possibility until it happens. Don’t make the mistake of letting security measures take a backseat to your other requirements.

Here are a few things to build into your wireless network from the initial design:

Encryption: WPA2 with enterprise authentication is the most-recommended option. A pre-shared encryption (WPA2 Personal) key might work for very small companies. But enterprise encryption not only avoids some potential vulnerabilities of pre-shared encryption; it is also much easier to manage as employees come and go from your organization.

Physical Security: Consider physical security when determining where to place your access points (APs). They should be hidden and secured in a way to prevent theft and accidental or intentional damage.

Prevent Intrusion and Rogue APs: Wireless intrusion prevention systems (WIPS) can prevent a host of security incidents. Deploy a WIPS from the start to monitor for attacks on your network. Rogue APs can also become an issue in some companies. Occasionally, a tech-savvy employee will add an unauthorized AP that opens the network to security breaches. Your WIPS can help detect these as well. Another threat to be aware of is “WiFi honeypots” like WiFi Pineapple. Educate your users on the threat that this poses if doing business over open WiFi networks, and invest in a WIPS that can help you detect them.

BYOD Policy: Inevitably, employees and guests will want to connect to your wireless network using their personal devices. In some companies, bring-your-own-device (BYOD) is one of the ways that technology needs are met for the organization. Either way, you’ll need a clear policy for who and how these personal devices can connect to the network. In many cases, the best and simplest solution is to have a secured network for company devices and business, and an open network for BYOD users and guests. This will allow them to connect to the Internet without accessing proprietary company applications.

Segment Older Devices: If your business depends on legacy devices like older wireless printers, then more recent and secure forms of encryption might not be available on them. Put these devices on a virtual network of their own with its own SSID to avoid compromising the rest of your network.

Access-points-capacity-needs

Your wireless network is only as good as the convenience it provides. If users are wandering around trying to find the best connection or standing around waiting for their downloads, you’re going to have unhappy clients and possibly re-work to do. Some research and planning up front will help you determine the right number of APs, their placement, and the capacity you need.

You’ll want to gather data on:

Number of Users: Determine how you expect this number to change over time. Find out whether different departments will be growing or working in a more dense environment due to a remodel or location change.

Applications and Device Types: Are some departments doing a lot of video streaming? How much email volume needs to be supported? Will users be implementing new applications in the future, like video conferencing? Look into the kinds of applications and devices that will be used on the network and the volume of required throughput they’ll contribute.

If you’re designing a new network to replace an older one, you can use data from your existing network to determine your bandwidth and AP needs. You should also set up time to interview managers and stakeholders in all departments to get an idea of how these numbers could fluctuate over the expected life of your wireless network. Find out about business plans and changes that users might not realize could affect WLAN requirements. For instance, if the marketing department intends to bring some of their work from an agency to an in-house team, they may need to be able to email or transfer a lot more graphics and video content than they do now. Or, the accounting department might want to implement a more powerful database down the road. Make sure you are clued in to these plans so you can support the business’s needs over time.

If you’ve determined that you need more than a handful of APs, then you will want to utilize a wireless controller. This will simplify management, making it an investment that will save you time and money in the long run. It can also make your network more reliable by automatically shifting traffic if an AP fails.

Interference Sources

Dense building materials, metal pipes, water, electronics, and overlapping signals can all interfere with your wireless network. To overcome these, you’ll need to place your APs properly and choose the right types of antennas for your environment. Some testing and planning ahead of time will help you minimize interference.

Make sure your APs are properly spaced from one another and try to avoid setting APs to the same channel if they’re in close proximity. Using the 5GHz band (your only option if using 802.11ac technology) means you’re less likely to have interference from devices. However, if the primary issue in your environment is thick walls and floors or dense building materials, then 2.4GHz might be a better choice. You’ll lose speed, but the trade-off may be worthwhile to improve coverage.

Business-Equipment

Smaller businesses sometimes make the mistake of thinking they can buy consumer-grade APs. But these aren’t usually built for the kind of security and scalability that businesses need. Avoid the risk by investing in equipment made for enterprise networking, not home networking.

If you’re in a certain industry like healthcare or retail, there are APs specifically designed for your type of business. Consider, too, whether you will want to place APs outside or in an area that has extreme conditions like hot or cold temperatures. You’ll need the right equipment to function in these environments.

Cisco, Cisco Meraki, and Aruba are brands that Summit frequently recommends to our customers who want the right equipment for their unique business needs. For companies that have U.S. operations, note that all newly-manufactured Cisco APs sold in the U.S. are now -B domain in order to comply with FCC rules changes; these can operate in the same network as your existing -A domain APs.

Resources-wireless-network

If you’re new to wireless network design or you’re making a big change, it can be worthwhile to hire an experienced consultant to assist with your site survey and network design. While there are free and low-cost software tools to aid you in placing your APs, like so many things, you usually get what you pay for when you choose a low-cost option for a complicated job. If in doubt, consider hiring a trusted consultant to work with you. Spending a bit more budget up front and getting it right the first time can save you a lot of hassle and money in the long run.

With adequate security measures, research, and planning, you can design a solid wireless network that will keep your business mobile and performing smoothly. When you’re ready to look at your equipment options, experienced Summit representatives are available to help you make the right choice for your unique business.