Why is a Controller required in a wireless network

What can you do with a controller based centralized wireless networks of today? Read on to find out the features and functionality provided by controller based wireless (Wi-Fi) networks for medium and large institutions/ enterprises.

First of all, a wireless controller is a centralized Wi-Fi management device that manages all the access points in a campus. The following points illustrate why a controller is inevitable for larger networks.

Centralized Authentication:

No more individual MAC address tables and updation in each access point, controller provides for a centralized authentication mechanism through individual user name-password based Radius Server/ Active Directory/ LDAP Integration , centralized MAC address filtering or certificate/ shared key based authentication for all the clients from a central location.

Centralized-Authentication

Centralized Radio Management for all Access Points:

  1. Interference Mitigation: Adjacent Access Points are always maintained to operate in different non-overlapping channels by the controller so that there is no loss of packets due to interference in a dense wireless network. Avoiding same channel interference in dense wireless networks. Interference-Mitigation
  2. Load Balancing: The users are automatically shifted to adjacent access points if the load (number of users connecting) on one access point is high and the neighboring access point is lesser. Load balancing of users across access points in a controller based wireless networkloadbalancing
  3. Radio Balancing: 802.11n enabled clients are connected to the 802.11n radios, 802.11a enabled clients are connected to 802.11a radios; 802.11b/g enabled clients are connected to 802.11b/g radios in a multi-radio enabled access point.
  4. Fail Over: Clients are automatically shifted to neighboring access points if any access point suddenly fails, thereby introducing redundancy in the network. Controller based Access Points shift all wireless users to neighboring access points in case if any access point failsautofailover

RF Visualization: Another advantage of today’s centralized wireless networks are the visualization capabilities of the Controller. Once the Floor plan of the campus is integrated with the controller, the coverage pattern, signal strength, users associated in each access point and various parameters can be viewed LIVE over a PC monitor (through a web based application) sitting in a central location. This makes monitoring and trouble shooting of networks very easy. You can also locate any active Wireless client in the network map by just typing its MAC ID in the software.

RFLive1

RF Visualization in a wireless network

Network Access Control based on User Identity:

With today’s centralized Controller based Wireless networks, wireless users can be further segregated in to sub-groups and each group can be given separate network access policies. For example, all the wireless users accessing the network from the finance department can be given SAP/ERP access while the sales department can be denied the same. Internet access for the junior management staff can be blocked and guests can be given temporary internet access without giving access to internal network. IT department and senior management can be given full unrestricted access to the network resources. Certain laptops/ wireless clients can even be blocked network access if they do not have the latest versions of the anti-virus/ OS patch running on their systems. You thought all this is possible only with wired networks?? Not any more.

NAC

Security:

After authentication, all the wireless packets are encrypted end to end using 128 bit encryption technology making it difficult for any casual intruders to get in to your network.

Wireless Intrusion Detection/ Prevention Systems (Where dedicated access points can act as scanners for wireless threats) can identify and block a whole range of wireless attacks like:

  1. Ad-hoc network
  2. Mis-association of AP/Client to other network access points
  3. Rogue Access Points detection and prevention
  4. Multiple futile attempts to connect to the wireless network
  5. Honey pot attacks/ Man-In-The-Middle Attacks
  6. Denial of Service Attacks etc.

Branch offices and remote offices are also protected as the controller can form a Secure VPN tunnel between the HO and branch locations. Rogue Access Points and Laptop’s can be even located using location visualizers.

Mesh Connectivity:

Now you can connect even the Access Points without Cables!!

Wirelessmesharchitecture

Bandwidth Restriction per user/ per group:

You can prevent a few wireless users from clogging the entire network by restricting the bandwidth available to them at any point of time. You can also reserve a minimum bandwidth to all the critical users.

QoS:

Quality of Service through Traffic Prioritization: A centralized controller based wireless infrastructure can identify and differentiate between different types data packets and prioritize the critical traffic on the wireless network infrastructure – This is crucial for real time wireless traffic like voice, video etc.

Source: .excitingip |  Rajesh K. March 8, 2010

Wireless LAN Controller

From Wikipedia, the free encyclopedia

A wireless LAN (WLAN) controller is used in combination with the Lightweight Access Point Protocol (LWAPP) to manage light-weight access points in large quantities by the network administrator or network operations center. The wireless LAN controller is part of the Data Plane within the Cisco Wireless Model. The WLAN controller automatically handles the configuration of wireless access-points.

Features


• Interference detection and avoidance: RF power and channel assignment will be adjusted to the plan

• Load balancing: Disabled by default, high-speed load balancing can be used to connect an user to multiple access points for better coverage and data rates

• Coverage hole detection and correction: Part of the RF management is the ability to handle power levels. Power can be increased to cover holes or reduced to protect against cell overlapping

The WLAN controller also comes with various forms of authentication such as: 802.1X (Protected Extensible Authentication Protocol (PEAP), LEAP, EAP-TLS, Wi-Fi Protected Access (WPA), 802.11i (WPA2), and Layer 2 Tunneling Protocol (L2TP)

Wireless Access Point

From Wikipedia, the free encyclopedia

In computer networking, a wireless access point (WAP), or more generally just access point (AP), is a networking hardware device that allows a Wi-Fi device to connect to a wired network. The AP usually connects to a router (via a wired network) as a standalone device, but it can also be an integral component of the router itself. An AP is differentiated from a hotspot, which is the physical location where Wi-Fi access to a WLAN is available.

Contents
1 Introduction
2 Wireless access point vs. ad hoc network
3 Limitations
4 Security

OLYMPUS DIGITAL CAMERA

Linksys “WAP54G” 802.11g wireless access point

1024px-RouterBoard_112_with_U.FL-RSMA_pigtail_and_R52_miniPCI_Wi-Fi_card

Embedded RouterBoard 112 with U.FL-RSMA pigtail and R52 mini PCI Wi-Fi card widely used by wireless Internet service providers (WISPs) across the world

Introduction


Prior to wireless networks, setting up a computer network in a business, home or school often required running many cables through walls and ceilings in order to deliver network access to all of the network-enabled devices in the building. With the creation of the wireless access point, network users were able to add devices that access the network with few or no cables. An AP normally connects directly to a wired Ethernet connection and the AP then provides wireless connections using radio frequency links for other devices to utilize that wired connection. Most APs support the connection of multiple wireless devices to one wired connection. Modern APs are built to support a standard for sending and receiving data using these radio frequencies. Those standards, and the frequencies they use are defined by the IEEE.

Wireless Access Point vs. Ad Hoc Network


Some people confuse wireless access points with wireless ad hoc networks. An ad hoc network uses a connection between two or more devices without using a wireless access point: the devices communicate directly when in range. An ad hoc network is used in situations such as a quick data exchange or a multiplayer LAN game because setup is easy and does not require an access point. Due to its peer-to-peer layout, ad hoc connections are similar to Bluetooth ones.

But ad hoc connections are generally not recommended for a permanent installation. The reason is that Internet access via ad hoc networks, using features like Windows’ Internet Connection Sharing, may work well with a small number of devices that are close to each other, but ad hoc networks don’t scale well. Internet traffic will converge to the nodes with direct internet connection, potentially congesting these nodes. For internet-enabled nodes, access points have a clear advantage, with the possibility of having a wired LAN.

Limitations


It is generally recommended that one IEEE 802.11 AP should have, at a maximum, 15-25 clients per radio (most APs having between 1 and 4 radios). However, the actual maximum number of clients that can be supported can vary significantly depending on several factors, such as type of APs in use, density of client environment, desired client throughput, etc. The range of communication can also vary significantly, depending on such variables as indoor or outdoor placement, height above ground, nearby obstructions, other electronic devices that might actively interfere with the signal by broadcasting on the same frequency, type of antenna, the current weather, operating radio frequency, and the power output of devices. Network designers can extend the range of APs through the use of repeaters, which amplify a radio signal, and reflectors, which only bounce it. In experimental conditions, wireless networking has operated over distances of several hundred kilometers.

Most jurisdictions have only a limited number of frequencies legally available for use by wireless networks. Usually, adjacent APs will use different frequencies (Channels) to communicate with their clients in order to avoid interference between the two nearby systems. Wireless devices can “listen” for data traffic on other frequencies, and can rapidly switch from one frequency to another to achieve better reception. However, the limited number of frequencies becomes problematic in crowded downtown areas with tall buildings using multiple APs. In such an environment, signal overlap becomes an issue causing interference, which results in signal droppage and data errors.

Wireless networking lags wired networking in terms of increasing bandwidth and throughput. While (as of 2013) high-density 256-QAM (TurboQAM) modulation, 3-antenna wireless devices for the consumer market can reach sustained real-world speeds of some 240 Mbit/s at 13 m behind two standing walls (NLOS) depending on their nature or 360 Mbit/s at 10 m line of sight or 380 Mbit/s at 2 m line of sight (IEEE 802.11ac) or 20 to 25 Mbit/s at 2 m line of sight (IEEE 802.11g), wired hardware of similar cost reaches closer to 1000 Mbit/s up to specified distance of 100 m with twisted-pair cabling in optimal conditions (Category 5 (known as Cat-5) or better cabling with Gigabit Ethernet). One impediment to increasing the speed of wireless communications comes from Wi-Fi’s use of a shared communications medium: Thus, two stations in infrastructure mode that are communicating with each other even over the same AP must have each and every frame transmitted twice: from the sender to the AP, then from the AP to the receiver. This approximately halves the effective bandwidth, so an AP is only able to use somewhat less than half the actual over-the-air rate for data throughput. Thus a typical 54 Mbit/s wireless connection actually carries TCP/IP data at 20 to 25 Mbit/s. Users of legacy wired networks expect faster speeds, and people using wireless connections keenly want to see the wireless networks catch up.

By 2012, 802.11n based access points and client devices have already taken a fair share of the marketplace and with the finalization of the 802.11n standard in 2009 inherent problems integrating products from different vendors are less prevalent.

Security


Wireless access has special security considerations. Many wired networks base the security on physical access control, trusting all the users on the local network, but if wireless access points are connected to the network, anybody within range of the AP (which typically extends farther than the intended area) can attach to the network.

The most common solution is wireless traffic encryption. Modern access points come with built-in encryption. The first generation encryption scheme, WEP, proved easy to crack; the second and third generation schemes, WPA and WPA2, are considered secure if a strong enough password or passphrase is used.

Some APs support hotspot style authentication using RADIUS and other authentication servers.

Opinions about wireless network security vary widely. For example, in a 2008 article for Wired magazine, Bruce Schneier asserted the net benefits of open Wi-Fi without passwords outweigh the risks, a position supported in 2014 by Peter Eckersley of the Electronic Frontier Foundation.

The opposite position was taken by Nick Mediati in an article for PC World, in which he takes the position that every wireless access point should be protected with a password.

Wireless Router

From Wikipedia, the free encyclopedia

A wireless router is a device that performs the functions of a router and also includes the functions of a wireless access point. It is used to provide access to the Internet or a private computer network . It can function in a wired LAN (local area network), in a wireless-only LAN (WLAN), or in a mixed wired/wireless network, depending on the manufacturer and model.

Contents
1 Features
2 Notable manufacturers
3 Operating system
3.1 Open source firmware

1024px-D-Link_DI-524

An early specimen of a wireless router

896px-Linksys-Wireless-G-Router

The WRT54G wireless router supporting only 802.11b and 802.11g. Its OEM firmware gave birth to OpenWrt

1024px-RouterBoard_112_with_U.FL-RSMA_pigtail_and_R52_miniPCI_Wi-Fi_card

An embedded RouterBoard 112 with U.FL-RSMA pigtail and R52 miniPCI Wi-Fi card.

Features


Most current wireless routers have the following characteristics:

  • One or multiple NICs supporting Fast Ethernet or Gigabit Ethernet integrated into the main SoC
  • One or multiple WNICs supporting a part of the IEEE 802.11-standard family also integrated into the main SoC or as separate chips on the printed circuit board. It also can be a distinct card connected over a MiniPCI or MiniPCIe interface.
    • So far the PHY-Chips for the WNICs are generally distinct chips on the PCB.  Dependent on the mode the WNIC supports, i.e. 1T1R, 2T2R or 3T3R, one WNIC have up to 3 PHY-Chips connected to it. Each PHY-Chip is connected to a Hirose U.FL-connector on the PCB. A so-called pigtail cable connects the Hirose U.FL either to a RF connector, in which case the antenna can be changed or directly to the antenna, in which case it is integrated into the casing. Common are single-band (i.e. only for 2.4 GHz or only for 5 GHz) and dual-band (i.e. for 2.4 and 5 GHz) antennas.
  • Often an Ethernet switch supporting Gigabit Ethernet or Fast Ethernet, with support for IEEE 802.1Q, integrated into the main SoC (MediaTek SoCs) or as separate Chip on the PCB.
  • Some wireless routers come with either xDSL modem, DOCSIS modem, LTE modem, or fiber optic modem integrated.
  • IEEE 802.11n compliant or ready.
  • Some dual-band wireless routers operate the 2.4 GHz and 5 GHz bands simultaneously.
  • Some high end dual-band wireless routers have data transfer rates of at most 300 Mbit/s (For 2.4 GHz band) and 450 Mbit/s (For 5 GHz band).
  • The Wi-Fi clone button simplifies Wi-Fi configuration and builds a seamless unified home network, enabling Super Range Extension, which means it can automatically copy the SSID and Password of your router.
  • Some wireless routers have one or two USB ports. For wireless routers having one
  • USB port, it is designated for either printer or desktop/mobile external hard disk drive. For wireless routers having two USB ports, one is designated for the printer and the other one is designated for either desktop or mobile external hard disk drive.
  • Some wireless routers have a USB port specifically designed for connecting mobile broadband modem, aside from connecting the wireless router to an Ethernet with xDSL or cable modem. So, can be inserted a mobile broadband USB adapter into the router to share the mobile broadband Internet connection through the wireless network.

Notable Manufacturers

  1. Apple Inc.
  2. Arris
  3. Belkin
  4. Buffalo Technology
  5. Cisco
  6. D-Link
  7. HP Inc.
  8. Linksys (world market leader)
  9. MikroTik
  10. Motorola
  11. Netgear
  12. Swisscom
  13. TP-Link
  14. Ubiquiti Networks

Operating System


The most common operating system on such embedded devices is Linux. More seldomly, VxWorks is being used. The devices are configured over a web user interface served by a light web server software running on the device.

It is possible for a computer running a desktop operating system such as Windows to, with appropriate software, act as a wireless router. This is commonly referred to as a SoftAP, or “Software Access Point” (aka “virtual router”).

Open Source Firmware

In 2003, Linksys was forced to open-source the firmware of its WRT54G router series (the best-selling routers of all time) after people on the Linux Kernel Mailing List discovered that it used GPL Linux code. In 2008, Cisco was sued in Free Software Foundation, Inc. v. Cisco Systems, Inc due to similar issues with Linksys routers.

Since then, various open-source projects have built on this foundation, including OpenWrt, DD-WRT, and Tomato.

In 2016, various manufacturers changed their firmware to block custom installations after an FCC ruling. However, some companies plan to continue to officially support open-source firmware, including Linksys and Asus.

Wi-Fi

From Wikipedia, the free encyclopedia

Opera Snapshot_2017-11-13_180054_en.wikipedia.org

Wi-Fi or WiFi (/ˈwaɪfaɪ/) is a technology for wireless local area networking with devices based on the IEEE 802.11 standards. Wi-Fi is a trademark of the Wi-Fi Alliance, which restricts the use of the term Wi-Fi Certified to products that successfully complete interoperability certification testing.

Devices that can use Wi-Fi technology include personal computers, video-game consoles, phones and tablets, digital cameras, smart TVs, digital audio players and modern printers. Wi-Fi compatible devices can connect to the Internet via a WLAN and a wireless access point. Such an access point (or hotspot) has a range of about 20 meters (66 feet) indoors and a greater range outdoors. Hotspot coverage can be as small as a single room with walls that block radio waves, or as large as many square kilometres achieved by using multiple overlapping access points.

Wi-Fi

Depiction of a device sending information wirelessly to another device, both connected to the local network, in order to print a document

Wi-Fi most commonly uses the 2.4 gigahertz (12 cm) UHF and 5.8 gigahertz (5 cm) SHF ISM radio bands. Anyone within range with a wireless modem can attempt to access the network, because of this Wifi is more vulnerable to attack (called eavesdropping) than wired networks.

Contents
1 History
1.1 Etymology
1.2 Wi-Fi ad-hoc mode
2 Wi-Fi certification
3 IEEE 802.11 standard
4 Uses
4.1 Internet access
4.2 City-wide Wi-Fi
4.3 Campus-wide Wi-Fi
4.4 Wi-Fi ad hoc versus Wi-Fi direct
5 Wi-Fi radio spectrum
5.1 Interference
6 Service set identifier (SSID)
7 Throughput
8 Hardware
8.1 Standard devices
8.2 Embedded systems
9 Range
10 Multiple access points
11 Network security
11.1 Securing methods
11.2 Data security risks
11.3 Piggybacking
12 Health concerns
13 See also
14 References
15 Further reading

History


In 1971, ALOHAnet connected the Hawaiian Islands with a UHF wireless packet network. ALOHAnet and the ALOHA protocol were early forerunners to Ethernet, and later the IEEE 802.11 protocols, respectively.

A 1985 ruling by the U.S. Federal Communications Commission released the ISM band for unlicensed use. These frequency bands are the same ones used by equipment such as microwave ovens and are subject to interference.

In 1991, NCR Corporation with AT&T Corporation invented the precursor to 802.11, intended for use in cashier systems, under the name WaveLAN.

The Australian radio-astronomer Dr John O’Sullivan with his colleagues Terence Percival, Graham Daniels, Diet Ostry, and John Deane developed a key patent used in Wi-Fi as a by-product of a Commonwealth Scientific and Industrial Research Organisation (CSIRO) research project, “a failed experiment to detect exploding mini black holes the size of an atomic particle”. Dr O’Sullivan and his colleagues are credited with inventing Wi-Fi. In 1992 and 1996, CSIRO obtained patents for a method later used in Wi-Fi to “unsmear” the signal.

The first version of the 802.11 protocol was released in 1997, and provided up to 2 Mbit/s link speeds. This was updated in 1999 with 802.11b to permit 11 Mbit/s link speeds, and this proved to be popular.

In 1999, the Wi-Fi Alliance formed as a trade association to hold the Wi-Fi trademark under which most products are sold.

Wi-Fi uses a large number of patents held by many different organizations. In April 2009, 14 technology companies agreed to pay CSIRO $1 billion for infringements on CSIRO patents. This led to Australia labeling Wi-Fi as an Australian invention, though this has been the subject of some controversy. CSIRO won a further $220 million settlement for Wi-Fi patent-infringements in 2012 with global firms in the United States required to pay the CSIRO licensing rights estimated to be worth an additional $1 billion in royalties. In 2016, the wireless local area network Test Bed was chosen as Australia’s contribution to the exhibition A History of the World in 100 Objects held in the National Museum of Australia.

Etymology

The name Wi-Fi, commercially used at least as early as August 1999, was coined by the brand-consulting firm Interbrand. The Wi-Fi Alliance had hired Interbrand to create a name that was “a little catchier than ‘IEEE 802.11b Direct Sequence’.” Phil Belanger, a founding member of the Wi-Fi Alliance who presided over the selection of the name “Wi-Fi”, has stated that Interbrand invented Wi-Fi as a pun upon the word hi-fi.

Interbrand also created the Wi-Fi logo. The yin-yang Wi-Fi logo indicates the certification of a product for interoperability.

The Wi-Fi Alliance used the nonsense advertising slogan “The Standard for Wireless Fidelity” for a short time after the brand name was created. The name was however never officially “Wireless Fidelity”. Nevertheless, the Wi-Fi Alliance was also called the “Wireless Fidelity Alliance Inc” in some publications and the IEEE’s own website has stated “WiFi is a short name for Wireless Fidelity”.

Non-Wi-Fi technologies intended for fixed points, such as Motorola Canopy, are usually described as fixed wireless. Alternative wireless technologies include mobile phone standards, such as 2G, 3G, 4G, and LTE.

The name is sometimes written as WiFi, Wifi, or wifi, but these are not approved by the Wi-Fi Alliance.

Wi-Fi Ad-hoc Mode

Wi-Fi nodes operating in ad-hoc mode refers to devices talking directly to each other without the need to first talk to an access point (also known as base station). Ad-hoc mode was first invented and realized by Chai K. Toh in his 1996 invention of Wi-Fi ad-hoc routing, implemented on Lucent WaveLAN 802.11a wireless on IBM ThinkPads over a size nodes scenario spanning a region of over a mile. The success was recorded in Mobile Computing magazine (1999) and later published formally in IEEE Transactions on Wireless Communications, 2002 and ACM SIGMETRICS Performance Evaluation Review, 2001.

Wi-Fi Certification


The IEEE does not test equipment for compliance with their standards. The non-profit Wi-Fi Alliance was formed in 1999 to fill this void — to establish and enforce standards for interoperability and backward compatibility, and to promote wireless local-area-network technology. As of 2010, the Wi-Fi Alliance consisted of more than 375 companies from around the world. The Wi-Fi Alliance enforces the use of the Wi-Fi brand to technologies based on the IEEE 802.11 standards from the IEEE. This includes wireless local area network (WLAN) connections, device to device connectivity (such as Wi-Fi Peer to Peer aka Wi-Fi Direct), Personal area network (PAN), local area network (LAN) and even some limited wide area network (WAN) connections. Manufacturers with membership in the Wi-Fi Alliance, whose products pass the certification process, gain the right to mark those products with the Wi-Fi logo.

Specifically, the certification process requires conformance to the IEEE 802.11 radio standards, the WPA and WPA2 security standards, and the EAP authentication standard. Certification may optionally include tests of IEEE 802.11 draft standards, interaction with cellular-phone technology in converged devices, and features relating to security set-up, multimedia, and power-saving.

Not every Wi-Fi device is submitted for certification. The lack of Wi-Fi certification does not necessarily imply that a device is incompatible with other Wi-Fi devices. The Wi-Fi Alliance may or may not sanction derivative terms, such as Super Wi-Fi, coined by the US Federal Communications Commission (FCC) to describe proposed networking in the UHF TV band in the US.

IEEE 802.11 Standard


800px-Netgear-Nighthawk-AC1900-WiFi-Router

This Netgear Wi-Fi router contains dual bands for transmitting the 802.11 standard across the 2.4 and 5 GHz spectrums.

The IEEE 802.11 standard is a set of media access control (MAC) and physical layer (PHY) specifications for implementing wireless local area network (WLAN) computer communication in the 2.4, 3.6, 5, and 60 GHz frequency bands. They are created and maintained by the IEEE LAN/MAN Standards Committee (IEEE 802). The base version of the standard was released in 1997, and has had subsequent amendments. The standard and amendments provide the basis for wireless network products using the Wi-Fi brand. While each amendment is officially revoked when it is incorporated in the latest version of the standard, the corporate world tends to market to the revisions because they concisely denote capabilities of their products. As a result, in the market place, each revision tends to become its own standard.

Uses


247px-Au_wifi

A Japanese sticker indicating to the public that a location is within range of a Wi-Fi network. A dot with curved lines radiating from it is a common symbol for Wi-Fi, representing a point transmitting a signal.

To connect to a Wi-Fi LAN, a computer has to be equipped with a wireless network interface controller. The combination of computer and interface controller is called a station. For all stations that share a single radio frequency communication channel, transmissions on this channel are received by all stations within range. The transmission is not guaranteed to be delivered and is therefore a best-effort delivery mechanism. A carrier wave is used to transmit the data. The data is organised in packets on an Ethernet link, referred to as “Ethernet frames”.

Internet Access

Wi-Fi technology may be used to provide Internet access to devices that are within the range of a wireless network that is connected to the Internet. The coverage of one or more interconnected access points (hotspots) can extend from an area as small as a few rooms to as large as many square kilometres. Coverage in the larger area may require a group of access points with overlapping coverage. For example, public outdoor Wi-Fi technology has been used successfully in wireless mesh networks in London, UK. An international example is Fon.

Wi-Fi provides service in private homes, businesses, as well as in public spaces at Wi-Fi hotspots set up either free-of-charge or commercially, often using a captive portal webpage for access. Organizations and businesses, such as airports, hotels, and restaurants, often provide free-use hotspots to attract customers. Enthusiasts or authorities who wish to provide services or even to promote business in selected areas sometimes provide free Wi-Fi access.

Routers that incorporate a digital subscriber line modem or a cable modem and a Wi-Fi access point, often set up in homes and other buildings, provide Internet access and internetworking to all devices connected to them, wirelessly or via cable.

Similarly, battery-powered routers may include a cellular Internet radiomodem and Wi-Fi access point. When subscribed to a cellular data carrier, they allow nearby Wi-Fi stations to access the Internet over 2G, 3G, or 4G networks using the tethering technique. Many smartphones have a built-in capability of this sort, including those based on Android, BlackBerry, Bada, iOS (iPhone), Windows Phone and Symbian, though carriers often disable the feature, or charge a separate fee to enable it, especially for customers with unlimited data plans. “Internet packs” provide standalone facilities of this type as well, without use of a smartphone; examples include the MiFi- and WiBro-branded devices. Some laptops that have a cellular modem card can also act as mobile Internet Wi-Fi access points.

Wi-Fi also connects places that normally don’t have network access, such as kitchens and garden sheds.

Google is intending to use the technology to allow rural areas to enjoy connectivity by utilizing a broad mix of projection and routing services. Google also intends to bring connectivity to Africa and some Asian lands by launching blimps that will allow for internet connection with Wi-Fi technology.

City-wide Wi-Fi

800px-Metro_Wireless_Node

An outdoor Wi-Fi access point

In the early 2000s, many cities around the world announced plans to construct citywide Wi-Fi networks. There are many successful examples; in 2004, Mysore became India’s first Wi-Fi-enabled city. A company called WiFiyNet has set up hotspots in Mysore, covering the complete city and a few nearby villages.

In 2005, St. Cloud, Florida and Sunnyvale, California, became the first cities in the United States to offer citywide free Wi-Fi (from MetroFi). Minneapolis has generated $1.2 million in profit annually for its provider.

In May 2010, London mayor Boris Johnson pledged to have London-wide Wi-Fi by 2012. Several boroughs including Westminster and Islington already had extensive outdoor Wi-Fi coverage at that point.

Officials in South Korea’s capital Seoul are moving to provide free Internet access at more than 10,000 locations around the city, including outdoor public spaces, major streets and densely populated residential areas. Seoul will grant leases to KT, LG Telecom and SK Telecom. The companies will invest $44 million in the project, which was to be completed in 2015.

Campus-wide Wi-Fi

Many traditional university campuses in the developed world provide at least partial Wi-Fi coverage. Carnegie Mellon University built the first campus-wide wireless Internet network, called Wireless Andrew, at its Pittsburgh campus in 1993 before Wi-Fi branding originated. By February 1997 the CMU Wi-Fi zone was fully operational. Many universities collaborate in providing Wi-Fi access to students and staff through the Eduroam international authentication infrastructure.

Wi-Fi Ad-hoc Versus Wi-Fi Direct

Wi-Fi also allows communications directly from one computer to another without an access point intermediary. This is called ad hoc Wi-Fi transmission. This wireless ad hoc network mode has proven popular with multiplayer handheld game consoles, such as the Nintendo DS, PlayStation Portable, digital cameras, and other consumer electronics devices. Some devices can also share their Internet connection using ad hoc, becoming hotspots or “virtual routers”.

Similarly, the Wi-Fi Alliance promotes the specification Wi-Fi Direct for file transfers and media sharing through a new discovery- and security-methodology. Wi-Fi Direct launched in October 2010.

Another mode of direct communication over Wi-Fi is Tunneled Direct Link Setup (TDLS), which enables two devices on the same Wi-Fi network to communicate directly, instead of via the access point.

799px-WiFi-detector

A keychain-size Wi-Fi detector

Wi-Fi Radio Spectrum


802.11b and 802.11g use the 2.4 GHz ISM band, operating in the United States under Part 15 Rules and Regulations. Because of this choice of frequency band, 802.11b and g equipment may occasionally suffer interference from microwave ovens, cordless telephones, and Bluetooth devices.

Spectrum assignments and operational limitations are not consistent worldwide: Australia and Europe allow for an additional two channels (12, 13) beyond the 11 permitted in the United States for the 2.4 GHz band, while Japan has three more (12–14). In the US and other countries, 802.11a and 802.11g devices may be operated without a license, as allowed in Part 15 of the FCC Rules and Regulations.

A Wi-Fi signal occupies five channels in the 2.4 GHz band. Any two channel numbers that differ by five or more, such as 2 and 7, do not overlap. The oft-repeated adage that channels 1, 6, and 11 are the only non-overlapping channels is, therefore, not accurate. Channels 1, 6, and 11 are the only group of three non-overlapping channels in North America and the United Kingdom. In Europe and Japan using Channels 1, 5, 9, and 13 for 802.11g and 802.11n is recommended.

802.11a uses the 5 GHz U-NII band, which, for much of the world, offers at least 23 non-overlapping channels rather than the 2.4 GHz ISM frequency band, where adjacent channels overlap.

Interference

For more details on this topic, see Electromagnetic interference at 2.4 GHz.
Wi-Fi connections can be disrupted or the Internet speed lowered by having other devices in the same area. Many 2.4 GHz 802.11b and 802.11g access-points default to the same channel on initial startup, contributing to congestion on certain channels. Wi-Fi pollution, or an excessive number of access points in the area, especially on the neighboring channel, can prevent access and interfere with other devices’ use of other access points, caused by overlapping channels in the 802.11g/b spectrum, as well as with decreased signal-to-noise ratio (SNR) between access points. This can become a problem in high-density areas, such as large apartment complexes or office buildings with many Wi-Fi access points.

Additionally, other devices use the 2.4 GHz band: microwave ovens, ISM band devices, security cameras, ZigBee devices, Bluetooth devices, video senders, cordless phones, baby monitors, and, in some countries, amateur radio, all of which can cause significant additional interference. It is also an issue when municipalities or other large entities (such as universities) seek to provide large area coverage.

Service Set Identifier (SSID)


In addition to running on different channels, multiple Wi-Fi networks can share channels.

A service set is the set of all the devices associated with a particular Wi-Fi network. The service set can be local, independent, extended or mesh.

Each service set has an associated identifier, the 32-byte Service Set Identifier (SSID), which identifies the particular network. The SSID is configured within the devices that are considered part of the network, and it is transmitted in the packets. Receivers ignore wireless packets from networks with a different SSID.

Throughput


As the 802.11 specifications evolved to support higher throughput, the bandwidth requirements also increased to support them. 802.11n uses double the radio spectrum/bandwidth (40 MHz) compared to 802.11a or 802.11g (20 MHz).76 This means there can be only one 802.11n network on the 2.4 GHz band at a given location, without interference to/from other WLAN traffic. 802.11n can also be set to limit itself to 20 MHz bandwidth to prevent interference in dense community.

Many newer consumer devices support the latest 802.11ac standard, which uses the 5 GHz band exclusively and is capable of multi-station WLAN throughput of at least 1 gigabit per second, and a single station throughput of at least 500 Mbit/s. In the first quarter of 2016, The Wi-Fi Alliance certifies devices compliant with the 802.11ac standard as “Wi-Fi CERTIFIED ac”. This new standard uses several advanced signal processing techniques such as multi-user MIMO and 4X4 Spatial Multiplexing streams, and large channel bandwidth (160 MHz) to achieve the Gigabit throughput. 70% of all access point sales revenue came from 802.11ac devices.

Hardware


Stupid_HP

Wi-Fi whitelist triggered on an HP laptop

Wi-Fi allows cheaper deployment of local area networks (LANs). Also, spaces where cables cannot be run, such as outdoor areas and historical buildings, can host wireless LANs. However, building walls of certain materials, such as stone with high metal content, can block Wi-Fi signals.

Manufacturers are building wireless network adapters into most laptops. The price of chipsets for Wi-Fi continues to drop, making it an economical networking option included in even more devices.

Different competitive brands of access points and client network-interfaces can inter-operate at a basic level of service. Products designated as “Wi-Fi Certified” by the Wi-Fi Alliance are backward compatible. Unlike mobile phones, any standard Wi-Fi device will work anywhere in the world.

Standard Devices

1024px-RouterBoard_112_with_U.FL-RSMA_pigtail_and_R52_miniPCI_Wi-Fi_card

An embedded RouterBoard 112 with U.FL-RSMA pigtail and R52 mini PCI Wi-Fi card widely used by wireless Internet service providers (WISPs) in the Czech Republic

3GN

OSBRiDGE 3GN – 802.11n Access Point and UMTS/GSM Gateway in one device

1024px-EBWifi

An Atheros draft-N Wi-Fi adapter with built in Bluetooth on a Sony Vaio E series laptop

Wireless_adaptor_USB

USB wireless adapter

A wireless access point (WAP) connects a group of wireless devices to an adjacent wired LAN. An access point resembles a network hub, relaying data between connected wireless devices in addition to a (usually) single connected wired device, most often an Ethernet hub or switch, allowing wireless devices to communicate with other wired devices.

Wireless adapters allow devices to connect to a wireless network. These adapters connect to devices using various external or internal interconnects such as PCI, miniPCI, USB, ExpressCard, Cardbus and PC Card. As of 2010, most newer laptop computers come equipped with built in internal adapters.

Wireless routers integrate a Wireless Access Point, Ethernet switch, and internal router firmware application that provides IP routing, NAT, and DNS forwarding through an integrated WAN-interface. A wireless router allows wired and wireless Ethernet LAN devices to connect to a (usually) single WAN device such as a cable modem or a DSL modem. A wireless router allows all three devices, mainly the access point and router, to be configured through one central utility. This utility is usually an integrated web server that is accessible to wired and wireless LAN clients and often optionally to WAN clients. This utility may also be an application that is run on a computer, as is the case with as Apple’s AirPort, which is managed with the AirPort Utility on macOS and iOS.

Wireless network bridges connect a wired network to a wireless network. A bridge differs from an access point: an access point connects wireless devices to a wired network at the data-link layer. Two wireless bridges may be used to connect two wired networks over a wireless link, useful in situations where a wired connection may be unavailable, such as between two separate homes or for devices which do not have wireless networking capability (but have wired networking capability), such as consumer entertainment devices; alternatively, a wireless bridge can be used to enable a device which supports a wired connection to operate at a wireless networking standard which is faster than supported by the wireless network connectivity feature (external dongle or inbuilt) supported by the device (e.g. enabling Wireless-N speeds (up to the maximum supported speed on the wired Ethernet port on both the bridge and connected devices including the wireless access point) for a device which only supports Wireless-G). A dual-band wireless bridge can also be used to enable 5 GHz wireless network operation on a device which only supports 2.4 GHz wireless networking functionality and has a wired Ethernet port.

Wireless range-extenders or wireless repeaters can extend the range of an existing wireless network. Strategically placed range-extenders can elongate a signal area or allow for the signal area to reach around barriers such as those pertaining in L-shaped corridors. Wireless devices connected through repeaters will suffer from an increased latency for each hop, as well as from a reduction in the maximum data throughput that is available. In addition, the effect of additional users using a network employing wireless range-extenders is to consume the available bandwidth faster than would be the case where but a single user migrates around a network employing extenders. For this reason, wireless range-extenders work best in networks supporting very low traffic throughput requirements, such as for cases where but a single user with a Wi-Fi equipped tablet migrates around the combined extended and non-extended portions of the total connected network. Additionally, a wireless device connected to any of the repeaters in the chain will have a data throughput that is also limited by the “weakest link” existing in the chain between where the connection originates and where the connection ends. Networks employing wireless extenders are also more prone to degradation from interference from neighboring access points that border portions of the extended network and that happen to occupy the same channel as the extended network.

The security standard, Wi-Fi Protected Setup, allows embedded devices with limited graphical user interface to connect to the Internet with ease. Wi-Fi Protected Setup has 2 configurations: The Push Button configuration and the PIN configuration. These embedded devices are also called The Internet of Things and are low-power, battery-operated embedded systems. A number of Wi-Fi manufacturers design chips and modules for embedded Wi-Fi, such as GainSpan.

Embedded Systems

Ezurio_wism2_small

Embedded serial-to-Wi-Fi module

Increasingly in the last few years (particularly as of 2007), embedded Wi-Fi modules have become available that incorporate a real-time operating system and provide a simple means of wirelessly enabling any device which has and communicates via a serial port. This allows the design of simple monitoring devices. An example is a portable ECG device monitoring a patient at home. This Wi-Fi-enabled device can communicate via the Internet.

These Wi-Fi modules are designed by OEMs so that implementers need only minimal Wi-Fi knowledge to provide Wi-Fi connectivity for their products.

In June 2014 Texas Instruments introduced the first ARM Cortex-M4 microcontroller with an onboard dedicated Wi-Fi MCU, the SimpleLink CC3200. It makes embedded systems with Wi-Fi connectivity possible to build as single-chip devices, which reduces their cost and minimum size, making it more practical to build wireless-networked controllers into inexpensive ordinary objects.

Range


The Wi-Fi signal range depends on the frequency band, radio power output, antenna gain and antenna type as well as the modulation technique. Line-of-sight is the thumbnail guide but reflection and refraction can have a significant impact.

An access point compliant with either 802.11b or 802.11g, using the stock antenna might have a range of 100 m (0.062 mi). The same radio with an external semi parabolic antenna (15 dB gain) might have a range over 20 miles.

Higher gain rating (dBi) indicates further deviation (generally toward the horizontal) from a theoretical, perfect isotropic radiator, and therefore the further the antenna can project a usable signal, as compared to a similar output power on a more isotropic antenna. For example, an 8 dBi antenna used with a 100 mW driver will have a similar horizontal range to a 6 dBi antenna being driven at 500 mW. Note that this assumes that radiation in the vertical is lost; this may not be the case in some situations, especially in large buildings or within a waveguide. In the above example, a directional waveguide could cause the low power 6 dBi antenna to project much further in a single direction than the 8 dBi antenna which is not in a waveguide, even if they are both being driven at 100 mW.

IEEE 802.11n, however, can more than double the range. Range also varies with frequency band. Wi-Fi in the 2.4 GHz frequency block has slightly better range than Wi-Fi in the 5 GHz frequency block used by 802.11a (and optionally by 802.11n). On wireless routers with detachable antennas, it is possible to improve range by fitting upgraded antennas which have higher gain in particular directions. Outdoor ranges can be improved to many kilometers through the use of high gain directional antennas at the router and remote device(s). In general, the maximum amount of power that a Wi-Fi device can transmit is limited by local regulations, such as FCC Part 15 in the US. Equivalent isotropically radiated power (EIRP) in the European Union is limited to 20 dBm (100 mW).

To reach requirements for wireless LAN applications, Wi-Fi has fairly high power consumption compared to some other standards. Technologies such as Bluetooth (designed to support wireless personal area network (PAN) applications) provide a much shorter propagation range between 1 and 100 m and so in general have a lower power consumption. Other low-power technologies such as ZigBee have fairly long range, but much lower data rate. The high power consumption of Wi-Fi makes battery life in mobile devices a concern.

Researchers have developed a number of “no new wires” technologies to provide alternatives to Wi-Fi for applications in which Wi-Fi’s indoor range is not adequate and where installing new wires (such as CAT-6) is not possible or cost-effective. For example, the ITU-T G.hn standard for high speed local area networks uses existing home wiring (coaxial cables, phone lines and power lines). Although G.hn does not provide some of the advantages of Wi-Fi (such as mobility or outdoor use), it is designed for applications (such as IPTV distribution) where indoor range is more important than mobility.

For the best performance, a number of people only recommend using wireless networking as a supplement to wired networking.

Due to the complex nature of radio propagation at typical Wi-Fi frequencies, particularly the effects of signal reflection off trees and buildings, algorithms can only approximately predict Wi-Fi signal strength for any given area in relation to a transmitter. This effect does not apply equally to long-range Wi-Fi, since longer links typically operate from towers that transmit above the surrounding foliage.

The practical range of Wi-Fi essentially confines mobile use to such applications as inventory-taking machines in warehouses or in retail spaces, barcode-reading devices at check-out stands, or receiving/shipping stations.[dubious – discuss] Mobile use of Wi-Fi over wider ranges is limited, for instance, to uses such as in an automobile moving from one hotspot to another. Other wireless technologies are more suitable for communicating with moving vehicles.

Distance Records

Distance records (using non-standard devices) include 382 km (237 mi) in June 2007, held by Ermanno Pietrosemoli and EsLaRed of Venezuela, transferring about 3 MB of data between the mountain-tops of El Águila and Platillon. The Swedish Space Agency transferred data 420 km (260 mi), using 6 watt amplifiers to reach an overhead stratospheric balloon.

Multiple Access Points


Increasing the number of Wi-Fi access points provides network redundancy, better range, support for fast roaming and increased overall network-capacity by using more channels or by defining smaller cells. Except for the smallest implementations (such as home or small office networks), Wi-Fi implementations have moved toward “thin” access points, with more of the network intelligence housed in a centralized network appliance, relegating individual access points to the role of “dumb” transceivers. Outdoor applications may use mesh topologies.

When multiple access points are deployed they are often configured with the same SSID and security settings to form an “extended service set”. Wi-Fi client devices will typically connect to the access point that can provide the strongest signal within that service set.

Network Security


The main issue with wireless network security is its simplified access to the network compared to traditional wired networks such as Ethernet. With wired networking, one must either gain access to a building (physically connecting into the internal network), or break through an external firewall. To enable Wi-Fi, one merely needs to be within the range of the Wi-Fi network. Most business networks protect sensitive data and systems by attempting to disallow external access. Enabling wireless connectivity reduces security if the network uses inadequate or no encryption.

An attacker who has gained access to a Wi-Fi network router can initiate a DNS spoofing attack against any other user of the network by forging a response before the queried DNS server has a chance to reply.

Securing Methods

A common measure to deter unauthorized users involves hiding the access point’s name by disabling the SSID broadcast. While effective against the casual user, it is ineffective as a security method because the SSID is broadcast in the clear in response to a client SSID query. Another method is to only allow computers with known MAC addresses to join the network, but determined eavesdroppers may be able to join the network by spoofing an authorized address.

Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping but it is no longer considered secure. Tools such as AirSnort or Aircrack-ng can quickly recover WEP encryption keys. Because of WEP’s weakness the Wi-Fi Alliance approved Wi-Fi Protected Access (WPA) which uses TKIP. WPA was specifically designed to work with older equipment usually through a firmware upgrade. Though more secure than WEP, WPA has known vulnerabilities.

The more secure WPA2 using Advanced Encryption Standard was introduced in 2004 and is supported by most new Wi-Fi devices. WPA2 is fully compatible with WPA. In 2017 a flaw in the WPA2 protocol was discovered, allowing a key replay attack, known as KRACK.

A flaw in a feature added to Wi-Fi in 2007, called Wi-Fi Protected Setup (WPS), allows WPA and WPA2 security to be bypassed and effectively broken in many situations. The only remedy as of late 2011 is to turn off Wi-Fi Protected Setup, which is not always possible.

Virtual Private Networks are often used to secure Wi-Fi.

Data Security Risks

The older wireless encryption-standard, Wired Equivalent Privacy (WEP), has been shown to be easily breakable even when correctly configured. Wi-Fi Protected Access (WPA and WPA2) encryption, which became available in devices in 2003, aimed to solve this problem. Wi-Fi access points typically default to an encryption-free (open) mode. Novice users benefit from a zero-configuration device that works out-of-the-box, but this default does not enable any wireless security, providing open wireless access to a LAN. To turn security on requires the user to configure the device, usually via a software graphical user interface (GUI). On unencrypted Wi-Fi networks connecting devices can monitor and record data (including personal information). Such networks can only be secured by using other means of protection, such as a VPN or secure Hypertext Transfer Protocol over Transport Layer Security (HTTPS).

Wi-Fi Protected Access encryption (WPA2) is considered secure, provided a strong passphrase is used. A proposed modification to WPA2 is WPA-OTP or WPA3, which stores an on-chip optically generated onetime pad on all connected devices which is periodically updated via strong encryption then hashed with the data to be sent or received. This would be unbreakable using any (even quantum) computer system as the hashed data is essentially random and no pattern can be detected if it is implemented properly. Main disadvantage is that it would need multi-GB storage chips so would be expensive for the consumers.

Piggybacking

Piggybacking refers to access to a wireless Internet connection by bringing one’s own computer within the range of another’s wireless connection, and using that service without the subscriber’s explicit permission or knowledge.

During the early popular adoption of 802.11, providing open access points for anyone within range to use was encouraged[by whom?] to cultivate wireless community networks, particularly since people on average use only a fraction of their downstream bandwidth at any given time.

Recreational logging and mapping of other people’s access points has become known as wardriving. Indeed, many access points are intentionally installed without security turned on so that they can be used as a free service. Providing access to one’s Internet connection in this fashion may breach the Terms of Service or contract with the ISP. These activities do not result in sanctions in most jurisdictions; however, legislation and case law differ considerably across the world. A proposal to leave graffiti describing available services was called warchalking. A Florida court case determined that owner laziness was not to be a valid excuse.

Piggybacking often occurs unintentionally – a technically unfamiliar user might not change the default “unsecured” settings to their access point and operating systems can be configured to connect automatically to any available wireless network. A user who happens to start up a laptop in the vicinity of an access point may find the computer has joined the network without any visible indication. Moreover, a user intending to join one network may instead end up on another one if the latter has a stronger signal. In combination with automatic discovery of other network resources (see DHCP and Zeroconf) this could possibly lead wireless users to send sensitive data to the wrong middle-man when seeking a destination (see Man-in-the-middle attack). For example, a user could inadvertently use an unsecure network to log into a website, thereby making the login credentials available to anyone listening, if the website uses an unsecure protocol such as plain HTTP without TLS (HTTPS).

An unauthorized user can obtain security information (factory preset passphrase and/or Wi-Fi Protected Setup PIN) from a label on a wireless access point can use this information (or connect by the Wi-Fi Protected Setup pushbutton method) to commit unauthorized and/or unlawful activities.

Health Concerns


The World Health Organization (WHO) says “no health effects are expected from exposure to RF fields from base stations and wireless networks”, but notes that they promote research into effects from other RF sources. Although the WHO’s International Agency for Research on Cancer (IARC) later classified radiofrequency electromagnetic fields as “possibly carcinogenic to humans (Group 2B)” (a category used when “a causal association is considered credible, but when chance, bias or confounding cannot be ruled out with reasonable confidence”), this was based on risks associated with wireless phone use rather than Wi-Fi networks.

The United Kingdom’s Health Protection Agency reported in 2007 that exposure to Wi-Fi for a year results in the “same amount of radiation from a 20-minute mobile phone call”.

A review of studies involving 725 people who claimed electromagnetic hypersensitivity, “…suggests that ‘electromagnetic hypersensitivity’ is unrelated to the presence of EMF, although more research into this phenomenon is required.”