26.01.2021

Wifi what is it

Unlike home, Wi-Fi corporate (office) with all the external similarities is completely different. It’s all about network management and security. And in the number of access points.

Home Wi-Fi Corporate Wi-Fi Security requirements are standard, the “price” of the transmitted data is usually very low. That is, even if an attacker can break into the protection (which means it was badly configured), he cannot intercept anything important and confidential. High security requirements – a wireless network should be as secure as a wired network of an enterprise. Clearly, passive protection of access points does not limit the security system. Protection must be proactive and proactive. All control comes down to setting up one access point. Some external system is not needed. There are tens or even hundreds of access points. It is necessary: ​​to update the software — to make changes to the settings of several or all points — to track whether all points are “legal” —to have the ability to visually plan the radio coverage of the building — to monitor the location of users in the building — to provide guest access besides corporate access — quickly and conveniently, and much more. ..It is clear that this is possible only with centralized management of all access points. This is what the controller serves for. There is no seamless roaming between access points – and it is not needed – just one point. Roaming is desirable. So that the subscriber, moving inside the office, does not feel switching between access points. Although often in the office, employees work on the go? These are the most basic differences, in fact, there are much more. That is why companies deploying a network inside the office understand that it should be safe and convenient – and are willing to pay. But not all. After all, the cost of a network of 20 points, for example, on a Cisco Aironet can easily exceed 000. And more than half is the price of a controller – a specialized appliance, a server that passes all the Wi-Fi network traffic through itself and manages all access points connected to it. Such costs are too tough for only the largest and richest companies. But what about the rest? And Ubiquiti found the answer by launching UniFi, the first enterprise Wi-Fi system with a free controller. Actually, this is just software that you put on any computer on the network and get the opportunity to: manage all points, change configuration, add new software, see the state of access points on the building plan, organize Guest Access – the secretary has a special link for generating temporary passwords in a network for visitors – to see all associated users, as well as get full statistics on the operation of a Wi-Fi network. That is, with this piece of iron any office can afford real corporate Wi-Fi with all its amenities and security with a deep sleep. And for integrators, a truly bottomless market for small and medium-sized offices opens up – know yourself, put it in. When we saw it all and saw the price (and this is an 802.11g / n access point), I wanted to quickly hold this happiness in our hands. So, we keep: It looks very nice, the plastic is matte, very pleasant, the point itself is made in the form of a compact flat “pancake” and looks stylish on an ordinary office suspended ceiling. And if you do not know, it is easy to take UniFi for a speaker or a fire alarm sensor. With fasteners, too, everything is fine – for installation, you only need a Phillips screwdriver and a drill (although you can also screw three small holes in the panel of the suspended ceiling with a screwdriver, but a drill is more correct). UniFi can also be mounted on the wall, dowels are included. In addition to the point and fasteners, the box has a cord and a power injector (like other Ubiquiti devices, UniFi is powered by a twisted pair cable through the injector. I must say right away that the injector is not of the 802.3af standard, but of its own). And the most interesting thing is the disk with the controller. As I said, the entire UniFi network and the computer with the controller should be within the L2 network (or its simulation, for example, EoIP. And ports 8080 and 3478 should be available on this network). We turn on the UniFi point itself and begin to install software. We installed on Windows, but just a few days ago Ubiquiti released a version for Linux, which is nice. Installation is very simple, the interface is made in the form of a Java applet that runs in a browser. After entering the standard login password, we see: As soon as we turned on the point, the controller saw it and reflected it in the Pending column, and also issued Alert with the question – register the seen point on the controller. That is, whoever does not connect to the controller, only UniFi and only by the will of the network administrator. Reasonable. Upon initial connection, the controller finds out the software version of the point and updates it if necessary. By the way, this can be disabled and updated only if necessary according to the “golden rule of an IT-employee”. After a successful connection, the LED ring lights up in a pleasant green light on the access point. Now we take the plan of our office, for example, as a jpg image and upload it to UniFi. And we place on this plane where what point is. Yes, the plan can be scaled and the controller will draw an approximate coverage radius. And, if any point is disconnected – you will see on the office plan where it is. Convenient. Now what can we configure: 1. Within one physical environment, up to 4 independent Wi-Fi networks with different SSIDs (Multi SSIDs) can be made 2. Three of these networks can be translated into separate VLANs3. Guest network – VLAN only on the Internet, for example. 4. Encryption for each SSID, supported by WEP, WPA-PSK, WPA-TKIP, WPA2 AES, 802.115. Priority traffic for each SSID. So that for example your guests do not slow down the work of employees when using the same access point. Of course, the functionality is not the richest. But in ordinary life, more than enough.

Leave a Reply

Your email address will not be published. Required fields are marked *