Wireless Ethernet
http://www.internetweek.com/reviews01/rev030601.htm
Cut The Cord
Wireless networking hits its stride with 802.11b standard
By CURTIS FRANKLIN, InternetWeek
The future is wireless, or so we're told. While vendors work out the formula for devices and services that will put wireless clients into every consumer's hands, at least one wireless networking technology has moved out of the early-adopter stage. Wireless Ethernet, defined by the 802.11b standard, is coming into its own as a common technique to connect clients to networks. It is this genuine maturity that new technologies are pushed to achieve. This is the magic place on the product life curve when companies can begin ordering and installing the technology as a solution rather than as an experiment.
We took five separate 802.11b systems to the Review Bunker at the University of Hawaii's Advanced Network Computing Lab to see whether these products truly are as mature as they seem. We wanted to see whether the wireless networking systems would be easy to integrate into an existing network and easy to forget once they were installed. In short, we wanted to find out whether wireless networking systems can replace standard 10Base-T with no performance or management penalties for users and administrators.
Five companies accepted our invitation to this lab test. Cisco, Enterasys Networks, Intel, Proxim and Symbol Technologies brought network access devices, management software and wireless PC cards to the Review Bunker and helped us put the systems through their paces. (See "How We Tested," below.)
In the end, we found that there's a lot of good news in wireless networking, along with one little detail that will cause you some trouble. The good news is that every one of the systems we tested works. All of them performed the basic functions we asked of them, and it's unlikely that choosing any of them would lead to your immediate dismissal from your current position.
With all this happiness, what's the bad news? There are significant differences in the way each system works into an overall network architecture, and even more significant differences in the management software provided with each system. You'll have to look at each product and see how it fits in with your current network--as you would any other mature networking product.
The Heart Of Wireless
In 1997, a standards committee of the IEEE defined a wireless networking service with the musical name "802.11." Standard 802.11b uses frequencies in the 2.4-GHz band to transmit data at up to 11 Mbps, though lower rates of 5.5, 2 and 1 Mbps are defined in the standard for situations in which the signal conditions won't allow full network speed. While the signal strength and speed are not solely dependent on distance between access point and client, the two are tied together in such a way that many potential buyers will ask: Will my users notice a performance difference if they are using wireless rather than cabled network access? How far will a wireless system allow users to roam without the need for cables?
The first question is the easier one to answer. We found that in all our tests, the performance of all five wireless systems matched what we would have expected from a cabled system. This means that the transfer rates we saw were controlled by the application rather than by network transport limitations. It's important to remember that the performance of 802.11b is comparable to that of 10Base-T--if you have users who depend on a 100-Mbps link to move large files around the company, you should leave them attached to the cable.
Distance is a much more difficult issue to pin down. If the question is, "How far will a wireless network stretch?" then the answer is, "It depends." In our tests, we found that some systems lost connectivity with the roaming workstation much more quickly than others.
In some situations, systems can hit the limits of usable signal strength within 50 feet of the access point. On the other hand, special-purpose directional antennas can extend the reach of the network to more than 20 miles under ideal conditions.
We didn't require our five vendors to demonstrate a 20-mile reach. In our more limited tests, we found that there were some differences in the range of the systems. As we circled the floor at the lab, three of the systems--Enterasys, Intel and Symbol--demonstrated similar performance. In each case, we walked away from the first access point, down a hallway about 70 feet long. The signal remained strong all the way down the hall and around a corner, until we walked another 20 feet. There, the signal would fade, and we were out of network contact until we rounded the next corner, when the signal from a second access point was raised. The scenario was repeated with the second access point as we continued the circuit around the third corner and back to the beginning.
The two other systems in our test showed a different performance profile. In the case of Proxim, the client lost signal strength long before it diminished with any other system. It was apparent that the antenna Proxim included as standard on the tested units didn't have the radio gain exhibited by other antennas. Cisco's system went in the other direction for performance, never losing touch for more than a couple of seconds as we toured the test circuit. Cisco didn't have magic antennas--it seemed that Cisco's units gracefully stepped down network speed to cope with diminished signal strength without entirely losing contact.
There was no significant difference in the systems' performance in the long-range separation test, which involved a connection dropped for at least 10 minutes to 15 minutes.
In every case, the client would lose contact with the access point soon after the elevator doors closed at the lab and re-establish contact when the elevator doors opened on the floor housing the distant access point. There was a bit of good-natured discussion among vendor representatives about precisely when connectivity was lost: If one system lost connectivity as soon as the elevator doors closed while another held connectivity until the elevator descended three or four feet, does that represent a "significant difference"? We decided that it doesn't. If your regular pattern of computer use requires connectivity in an elevator, you should plan to install an access point on the elevator's ceiling--and probably develop a new pattern of computer use.
The Software Side
When we looked for significant differences between the systems, we found them in the management software accompanying each company's solution. Intel and Symbol presented solutions that were nearly identical--not surprising, since there are deep cross-licensing and cooperative development agreements between the two companies. The software accompanying both companies' products shows the influence of Intel's experience in the consumer market. Among all the software we saw, that of Intel and Symbol did the most to help users understand the radio portion of the system, providing Site Survey functions that record signal strength in various locations so that users can plan the final positioning of network components.
Proxim's software bore the influence of a huge installed base of much lower-bandwidth (1 Mbps), earlier-generation equipment. Proxim's greatest strength was the wide variety of filtering and routing provided by the software, so that unnecessary packets aren't sent to clients. It's a set of functions that should be of tremendous interest to the government and institutional users that historically have been heavy Proxim users.
Both Cisco and Enterasys aim their software at the large enterprise user. Enterasys, for example, doesn't do the site survey that Intel and Symbol perform--its assumption is that the professionals on staff already know where equipment should be located. The vendor does provide separate survey tools for use by resellers and installers, and those tools are quite powerful, to the point of helping to generate proposals. Enterasys includes features that make it easy to propagate policies and settings over a large number of access points and clients, easing the load on administrators and managers. Cisco also looks out for the large corporate user, with software that facilitates downloading settings from the policies already established on the enterprise Cisco backbone.
Cisco Aironet 350
Cisco's wireless networking system is designed to extend Cisco's dominance in enterprise networking out through the ether into the radio-frequency realm. To this end, Cisco has presented a solid system with features aimed at enterprise deployment, especially if the enterprise already has Cisco routers on its backbone.
The Aironet access points were installed quickly by the Cisco team, connecting to the ANCL network via an autosensing 10/100Base-T port and drawing power through the Ethernet cable. Since our infrastructure components aren't power-enabled, Cisco provided line power injectors to deliver electricity to the devices. Once we began testing, the Aironet APs worked well, providing the only standout performance on our local-roam test. Virtually all 802.11b access points will step throughput from 11 to 5.5, 2 and finally to 1 Mbps as the signal strength degrades. Cisco was the only system to do so automatically and gracefully, maintaining a link through virtually the entire transit of the local roaming course.
There are a number of ways to configure the software for the Aironet system: An administrator may use Telnet, SNMP, FTP, TFTP, HTTP or a direct serial connection to link with the access point. In addition, the Aironet can automatically configure through receipt of BOOTP or DHCP commands. Setting up the access points was straightforward using parameters we supplied to the Cisco team. Had the ANCL infrastructure been heavily stocked with Cisco backbone components (it wasn't--the lab's infrastructure is a testament to the power of interoperability), setup would have been much easier: Aironet access points can retrieve virtually all their operating parameters from tables established in core Cisco routers.
Security keys (either 40-bit or 128-bit) are among the parameters that can be managed either through the core Cisco routers or through management software on the access point. Key management is a crucial issue in wireless security, and Cisco has optimized its management scheme for enterprise applications in which tens to hundreds of access points will be under central control.
Aironet installations can be extended through the use of multifunction or workgroup wireless bridges. The multifunction bridge is designed to link network segments, providing connectivity between access points separated by as much as 18 miles. Workgroup bridges can be configured as either a segment-to-segment bridge, or a combination bridge and access point for up to eight wireless clients.
We were impressed by the combination of excellent roaming performance and enterprise-ready management software. If your enterprise network infrastructure is already heavily populated with Cisco devices, the Aironet system will make propagating policies and keys a painless, nearly invisible process. If not, this is still a solid performer that will provide users wireless connectivity at wired speeds.
For the combination of features and performance, the Aironet 350 has earned both InternetWeek Approved and Best of Breed awards in this lab test.
Enterasys RoamAbout
Like the rest of the products we handled in this lab test, the RoamAbout system is competent across a wide range of deployments, but seems particularly suited to a crucial niche. While Cisco seems to target the large enterprise, Proxim the government and institution and Intel/Symbol the remote installation, Enterasys seems to have the management/industrial crossover market squarely in its sights with its design of the RoamAbout. From the decidedly industrial appearance of its access points to case studies detailing installations on forklifts and robots, Enterasys has designed a system optimized not just to eliminate cables, but to make portability a possibility.
RoamAbout demonstrated local roaming performance that placed it in the mainstream of the tested systems. On the long-distance roaming test, it displayed one interesting characteristic: The client was able to briefly connect to the initial access point when we were outside the ANCL building. We didn't have to walk very far before the signal was lost, but it was a performance differentiator.
Management software was a crucial issue in the test, and Enterasys once again showed an enterprise/industrial bias in the interfaces and functions of the software. While the Enterasys software is not difficult to use for a single access point, its strong points are facilities for propagating configuration details--especially security keys and filtering rules--across networks of wireless access points. Other setup details, such as the "site survey" that measures signal strength and throughput at various locations, are handled by a separate program designed for use by system integrators and commercial installers. The survey software is powerful and complete, but it is not designed with the end user in mind.
The philosophy of the survey tool is evident throughout the RoamAbout software. This is a package designed with a network professional, not a first-time user, in mind. For example, most of the systems we tested will do access point discovery--a process of polling through specified IP address ranges to see which devices identify as wireless access points. Enterasys software doesn't perform discovery--it assumes that the network administrator knows where the devices and their addresses are, and hence will find it easier to simply enter them into the software than to let new pieces of software query the network.
While the wireless system can benefit from the features of certain Enterasys switches--drawing, for example, electrical power from the powered-Ethernet ports of some models--it doesn't seem quite so tightly tied to the Enterasys core devices as the Aironet is to a Cisco infrastructure.
RoamAbout systems can be extended through the use of high-gain antennas, with RoamAbout access points acting as both wireless hubs and bridges between segments. Security for the connections is the same as with the other units we tested, either 40- or 128-bit Wired Equivalent Privacy (WEP) security.
Strong hardware performance and software that delivers features friendly to the enterprise network manager earned the RoamAbout system the InternetWeek Approved badge, and let it share the Best of Breed award with Cisco's Aironet.
Intel PRO/Wireless, Symbol Spectrum24
Intel and Symbol each sent teams to the Review Bunker for this lab test. They had adjacent testing slots, and performance that was essentially identical--appropriate results for systems that contained identical hardware and almost identical software. The two companies have signed a number of joint development agreements with the idea of combining Symbol's experience in wireless devices with Intel's expertise in developing and marketing systems for large markets.
Both the PRO/Wireless and Spectrum24 seem to bear some fruits of the union. Both systems performed capably in all our tests, defining the middle of a fairly narrow range of behavior in both device range and speed. The systems come with a pair of "rubber duck" antennas attached to the access points with BNC connectors. The ducks can be replaced with a wide variety of third-party antennas to extend the access points' range, focus the beam to avoid interfering with other devices, or both. Unlike the other systems we tested, the Intel and Symbol access points do not draw their power from the Ethernet connection; they come with a country-specific wall adapter for electrical power.
The management software shipped with the Spectrum24 and PRO/Wireless seeks to make setup and initial administration as simple as possible, even (or perhaps especially) for those with limited wireless networking experience. While there are facilities for propagating security keys and configuration data across large numbers of access points, the emphasis is clearly on ease of use. Site survey tools are built into the administration software, providing signal strength, throughput, and best channel and address information to an individual making deployment decisions for the system. Once the physical locations are chosen, the software will go out and discover other access points and wireless clients on the network, to help decide how the topology should be created and which clients should be associated with which access point.
The discovery process is helpful but, like many helpful tools, should be used carefully. During setup, the Intel team decided to search for other wireless devices on an IP address range that was fairly large. The process involved probing every address within the range for information. When the addresses probed ran through the server farm in the CIS department, TripWire alarms started going off.
The IT center's administrator came flying into the lab, convinced that a major hacker attack was under way until we figured that Intel was just trying to see whether the large SP2 data center had lots of hidden wireless network ports. Unless you want to test the efficacy of your server admin's blood pressure medication, we recommend carefully limiting the IP range on discovery probes.
A combination of solid hardware and easy-to-use software earned the InternetWeek Approved badge for both of these systems. Were your deployment plans to call for remote offices to self-install wireless systems, either of these would make a very good choice--as would be the case if you were preparing to install your first wireless system.
Proxim Harmony
Proxim's Harmony was the outlier in our test, and it's important to understand why. First, while there were a couple of areas of performance in which the Harmony system hardware was at the bottom of the list, it was at the bottom of a very narrow range of performance. Next, Proxim has a unique position in the market that it designs systems around, and that position had an impact on our particular testing regimen.
Proxim has a number of different access points in its product stable. The model the vendor brought to our test is a small access point with an interesting antenna configuration. Rather than the rubber duck antennas seen on most of the other products tested, the Harmony used a pair of antennas molded into a plastic bridge that looks like a handle. While unobtrusive--in an office environment, it might blend in with many other features--the antennas didn't seem as effective as the classic ducks in our environment. Proxim sells the same device with a duck-type antenna, so potential customers should be careful talking about particulars when designing an order.
The Harmony software was the only package we looked at that will provide many of the roaming features in NetMotion.
Unfortunately, the ability to do this collided with the way some of the production network at the University of Hawaii is set up. Proxim's software uses broadcast packets (UDP) for access point discovery--you can't simply tell the software where the access points are; it must do the discovery. In order for the process to work, UDP must be enabled. Given the open nature of the university's network (there isn't a single firewall point between the network and the Internet), the administrators have disabled UDP for security reasons. While our lab staff and the Proxim team both worked with the university's IT department to find a work-around, time ran out before the problem was resolved. When we discussed the issue with Proxim after the test, the vendor noted that a long-term fix would involve using a DHCP server to provide specific addresses for the access points, and that this would be done in future releases of the software.
The software issue, in particular, seems a result of Proxim's position as a longtime supplier of wireless networking products. There are millions of earlier-generation Proxim systems in the field, many in secure installations at military, government or institutional sites. While Harmony is a system that embodies all current standards, it can't run off and leave its legacy behind.
Security and administration with this system are on a par with the other systems in the test--as we stated at the beginning of this article, there were no bad systems brought to the Review Bunker. However, the consequences of Proxim's long history held this system back in our ratings. Harmony, looked at as a complete system, earned a B+ in our overall grading chart--a good score, but half a step behind the others. The new version of the software, which uses DHCP rather than UDP, would likely bump Proxim up a half letter, making it a better choice for more customers, and making our job as reviewers that much harder.
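The recommendation in the Intel/Symbol section to limit the IP range on discovery probes can be enforced before a single probe leaves the management station. The following Python is an added example, not part of the original article or of any vendor's software; the address ranges (RFC 5737 documentation space), the protected server-farm subnet and the probe cap are constructed assumptions.

```python
import ipaddress

# Constructed sample policy, not taken from the article.
PROTECTED = ["192.0.2.64/26"]   # e.g. a monitored server farm that must not be probed
MAX_PROBES = 128                # hypothetical cap on addresses per discovery run


def plan_discovery(first, last, protected=PROTECTED, max_probes=MAX_PROBES):
    """Return the networks that may be probed between first and last.

    Protected networks are carved out of the requested range. If what
    remains still exceeds max_probes, the request is refused outright so
    an operator has to narrow it instead of sweeping a large block.
    """
    start = ipaddress.ip_address(first)
    end = ipaddress.ip_address(last)
    if start > end:
        raise ValueError("range start is above range end")
    blocked = [ipaddress.ip_network(p) for p in protected]

    allowed = []
    # Express the arbitrary first-last range as CIDR blocks.
    for net in ipaddress.summarize_address_range(start, end):
        pieces = [net]
        for b in blocked:
            kept = []
            for piece in pieces:
                if piece.subnet_of(b):
                    continue                      # wholly protected: drop it
                if b.subnet_of(piece):
                    # Protected block sits inside this piece: keep the rest.
                    kept.extend(piece.address_exclude(b))
                else:
                    kept.append(piece)            # CIDR blocks never partly overlap
            pieces = kept
        allowed.extend(pieces)

    allowed = list(ipaddress.collapse_addresses(allowed))
    total = sum(n.num_addresses for n in allowed)
    if total > max_probes:
        raise ValueError(
            f"{total} addresses requested after exclusions; cap is {max_probes}"
        )
    return allowed


if __name__ == "__main__":
    # A /25-sized request that overlaps the protected subnet is trimmed.
    for net in plan_discovery("192.0.2.0", "192.0.2.127"):
        print("probe", net)
    # A much larger request is rejected rather than silently swept.
    try:
        plan_discovery("192.0.2.0", "192.0.3.255")
    except ValueError as err:
        print("refused:", err)
```
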