|
To make it easier for users to take their mobile devices
with them to meetings and to other locations in the office, many
organizations have wireless networks. Wireless networks can be deployed
and used in many different configurations. This section examines the
most common configurations.
Wireless Network Devices and Technologies
When you are working with wireless networks, the most common terms you’ll run across are wireless network adapter and wireless access point.
Wireless adapters include PC cards for notebooks, Peripheral Component
Interconnect (PCI) cards for desktops, and USB devices (which can be
used with notebooks or desktops). However, most of today’s mobile
devices have the wireless adapter built in. A wireless adapter uses a
built-in antenna to communicate with an access point. Typically, an
access point is directly connected to the organization’s physical
network and might also function as a network switch or hub itself,
meaning it has physical ports that allow direct cable connections as
well as wireless connections. Other names for access points include
wireless base stations and wireless gateways.
The most widely used wireless network adapters and access points are based on the IEEE 802.11 specification. Wireless devices
that are based on this specification can be Wi-Fi certified to show
that they have been thoroughly tested for performance and compatibility.
Table 1
compares the features of the most used wireless technologies based on
IEEE 802.11. As the table describes, there are four standards, and each
has its benefits and drawbacks. It should be noted that although 802.11a
wireless devices cannot interoperate with 802.11b or 802.11g devices,
fewer devices use the 5-GHz range, making it less likely that there will
be interference with other types of wireless devices (the majority of
which use the 2.4-GHz range).
Table 1. Wireless Networking Technologies
|
WIRELESS STANDARD |
802.11A |
802.11B |
802.11G |
802.11N |
|---|
|
Speed |
Up to 54 Mbps |
Up to 11 Mbps |
Up to 54 Mbps |
Up to 540 Mbps | |
Transmission frequency |
5 GHz |
2.4 GHz |
2.4 GHz |
2.4 GHz, 5 GHz, or both | |
Effective indoor range |
Approximately 25 to 75 feet |
Approximately 100 to 150 feet |
Approximately 100 to 150 feet |
Approximately 200 to 300 feet | |
Compatibility |
Incompatible with 802.11b and 802.11g devices |
Can interoperate with 802.11g devices (at 11 Mbps); 802.11g wireless
adapters can operate with 802.11b access points (at 11 Mbps) |
Can operate with 802.11b devices (at 11 Mbps) |
Can operate with 802.11b devices (at 11 Mbps) and 802.11g devices (at 54 Mbps) |
Newer 802.11 transmission specifications include 802.11n. 802.11n
offers speeds up to 540 Mbps and can interoperate with devices using
802.11b and 802.11g. To achieve high transmission speeds, 802.11n can
use multiple receivers and multiple transmitters. Each transmitter can
transmit one or more streams of data. The more streams of data that a
device can use across all transmitters and receivers, the higher the
throughput. However, many standard 802.11n devices with multiple
transmitters and receivers combine strong, weak, and reflected signals
into one data stream to maximize the range.
For added security,
IEEE has defined the 802.11i standard. Unlike the 802.11a, 802.11b,
802.11g, and 802.11n standards, the 802.11i standard isn’t about
transmission speeds and frequencies. 802.11i is a security standard that
you can add to the existing standards. More specifically, it adds
security functionality to the radio specifications of 802.11a, 802.11b,
802.11g, and 802.11n. This means that 802.11a network adapters and
access points can include the 802.11i security functionality, as can
802.11b, 802.11g, and 802.11n wireless products.
Note
Keep in mind that some computers (particularly mobile devices) contain integrated chip sets that support multiple wireless networking technologies. Wi-Fi Protected Access Version 2 (WPA2) is the approved Wi-Fi Alliance implementation of 802.11i. WPA2 implements all mandatory elements of the 802.11i standard.
Note
REAL WORLD Take a close look at
compatibility issues before you deploy wireless devices that aren’t
based on IEEE 802.11. Increasingly, you’ll see devices that achieve high
speeds. Some of these devices achieve speed boosts through compression
and other similar techniques while staying within the guidelines of the
IEEE 802.11 specification. Others might use network technologies that
are proprietary, requiring you to use that company’s wireless adapters
and access points to achieve the transmission improvements. For more
information on wireless standards and certified devices, go to www.wi-fi.org.
Securing a wireless network is very different from securing a wired
network. With a wired network, a cable is used to connect a computer to
the network. A user must use a cable to be physically connected to the
network and must have access to one of your internal switches or hubs.
If an unauthorized person connects a machine to the network, it is
fairly easy to determine this and trace the physical cable to the
intruder’s computer.
When you install wireless
networking, anyone within range of one of your wireless access points
has access to your network. Not only can they intercept the wireless
signals that are being broadcast, they can also try to crack into the
network. The bad news is that it is difficult to locate the intruder
because there’s no physical wire to trace. The really bad news is that
if intruders can gain access to a wireless access point, they are
usually inside your organization’s firewall. To protect the network, you
should configure its firewall if one is available and configure the
wireless devices to encode all wireless transmissions.
The most basic wireless encryption scheme is Wireless Equivalency Protection (WEP).
With WEP, you encrypt data using 40-bit, 128-bit, 152-bit, or higher
private key encryption. With WEP, all data is encrypted using a
symmetric key derived from the WEP key or password before it is
transmitted, and any computer that wants to read the data must be able
to decrypt it using the key. In a typical wired environment, the shared
key encryption alone is sufficient to safeguard your data. In a wireless
environment with high traffic volume, it is possible that someone could
successfully break the shared key, and because the shared key doesn’t
change automatically over time, the intruder would then have access to
your organization’s internal network.
Because WEP provides only the most basic security, its use is strongly discouraged except in cases where no alternative exists. The preferred alternatives to WEP are Wi-Fi Protected Access (WPA) and WPA2.
WPA was adopted by the Wi-Fi Alliance as an interim standard prior to
the ratification of 802.11i. WPA2 is based on the official 802.11i
standard and is fully backward compatible with WPA.
WPA and WPA2 are able to rotate keys for added security and to change
the way that keys are derived. By changing the encryption keys over
time and ensuring that they aren’t derived in one specific way, WPA and
WPA2 can improve security significantly over WEP. WPA-compatible and
WPA2-compatible devices can operate in enterprise mode or in a personal,
home/small office configuration, as explained in the following points:
-
Enterprise mode provides authentication using IEEE 802.1X and EAP. In the enterprise mode, wireless
devices have two sets of keys: session keys and group keys. Session
keys are unique to each association between an access point and a wireless
client. They are used to create a private virtual port between the
access point and the client. Group keys are shared among all clients
connected to the same access point. Both sets of keys are generated
dynamically and are rotated to help safeguard the integrity of keys over
time. -
Personal mode provides authentication via a preshared key or
password. In a personal, home/small office configuration, WPA uses a
preshared encryption key rather than a changing encryption key. Here,
the user enters a master key (the group key) into the access point and
then configures all the other wireless
devices to use this master key. A wireless device uses the master key
as a starting point to generate the session key mathematically. It then
regularly changes the session key so that the same session key is never
used twice. Because the key rotation is automatic, key management is
handled in the background. -
WPA and WPA2 are fully compatible with 802.11a, 802.11b, 802.11g, and
802.11n. Many wireless devices that shipped before WPA and WPA2 became
available can be made fully compatible with WPA and WPA2 through a
software upgrade. With WPA, no additional modifications are necessary.
The same is not necessarily true with WPA2 because some wireless devices
might require processor or other hardware upgrades to be able to
perform the computationally intensive Advanced Encryption Standard (AES)
encryption.
When working with WPA and WPA2, keep the following in mind:
-
All products that are Wi-Fi certified for WPA2 are interoperable with products that are Wi-Fi certified for WPA. -
Both WPA and WPA2 have personal and enterprise modes of operation. -
Both WPA and WPA2 use 802.1X and EAP for authentication. -
WPA provides strong data encryption via Temporal Key Integrity Protocol (TKIP). -
WPA2 provides enhanced data encryption via AES, which allows WPA2 to
meet the Federal Information Processing Standard (FIPS) 140-2
requirement of some government agencies.
Note
Both WPA and WPA2 offer a high level of security to help ensure that private data remains private and that access to wireless
networks is restricted to authorized users. Only WPA2 provides strong
encryption through AES, which is a requirement for some corporate and
government users.
Another advanced wireless security technology is Robust Security Network (RSN), which is supported by 802.11i-compatible devices. RSN enables wireless
devices to negotiate their authentication and encryption algorithms
dynamically. This means that the authentication and encryption
algorithms used by RSN-compatible devices can be changed. New
authentication techniques and algorithms can be added to address
security issues. RSN is based on EAP and AES.
Installing and Configuring a Wireless Adapter
Other than mobile devices with built-in wireless adapters,
the two main types of wireless adapters you’ll use are PC cards for
notebooks and PCI cards for desktops. These adapters are the easiest to
configure—and I’ve found them to be the most reliable. The other type of
wireless adapter that you might see is a device that connects to a
notebook or desktop computer with a USB cable. When using USB wireless
devices, keep in mind that there are several USB specifications,
including USB 2.0 and USB 3.0, the faster, newer specification. A
wireless device that complies with USB 3.0 must be connected to a USB
3.0 port to function properly and at the speeds you expect.
As part of the installation process, most installation software will
help you configure the wireless device. In the process, you may need to
specify the name of the wireless network to which you want to connect
and the mode in which the wireless device will run. Wireless adapters
can run in one of two operating modes:
-
Ad hoc In ad hoc mode, you configure the wireless adapter to connect directly to other computers with wireless adapters. -
Infrastructure In
infrastructure mode, you configure the wireless adapter for use on a
wireless network. In this configuration, the adapter expects to connect
to an access point rather than to another computer directly.
After you specify the adapter mode, you might need to specify the encryption key that will be used. If your organization uses WEP security, in most cases you will have to type the required encryption key, which is usually referred to as the network key. With WPA/WPA2 security, you most often use a certificate or a smart card to supply the required encryption key.
Working with Wireless Networks and Wireless Connections
Once you’ve completed the installation of the device, you should be
able to connect over the wireless network. Much like a wired network
card, which has an Ethernet connection, a wireless network card has a Wi-Fi
connection that is in turn connected to a specific network that is
designated as a public network, private network, or domain network. If a
computer has both a wired and a wireless connection, it might have two
active connections: one to a wired network and one to a wireless
network.
Wi-Fi connections provide the following additional details about the network and the connection:
-
The name of the wireless network in parentheses after the connection type designator -
The current signal strength (signal strength of one bar is poor; signal strength of five bars is excellent) -
A Disconnect link for disconnecting the wireless connection
To view the settings for a wireless connection, complete these steps:
-
In Control Panel, tap or click View Network Status And Tasks under the Network And Internet heading. -
In the left pane in Network And Sharing Center, tap or click Change Adapter Settings. -
Network Connections displays a list of all network connections
configured for use on the computer. Press and hold or right-click the
wireless connection you want to work with, and then tap or click
Properties. -
You’ll see a dialog box similar to the one shown in Figure 1.
You can use the Wi-Fi Status dialog box to check the status of the
connection and to maintain the connection, in much the same way as you
can for other types of connections. You’ll also see the duration and
speed of the connection.
As with Ethernet connections,
Wi-Fi connections have configurable properties. This means that every
discussion about configuring network connection properties also applies
to Wi-Fi connections. You can do the following:
-
Install and uninstall networking features for clients, services, and protocols. In the Wi-Fi Status dialog box, tap or click Wireless Properties, and then tap or click Install or Uninstall as appropriate. -
Set TCP/IPv6 and TCP/IPv4 settings for DHCP, static IP, and dynamic
IP addressing. In the Wi-Fi Status dialog box, tap or click Properties,
and then double-tap or double-click Internet Protocol Version 6
(TCP/IPv6) or Internet Protocol Version 4 (TCP/IPv4). -
Disable or diagnose wireless connections. In the Wi-Fi Status dialog box, tap or click Disable or Diagnose as appropriate.
If you have problems establishing a wireless connection and automated
diagnostics can’t resolve the problem, use these tips to help you
troubleshoot:
-
Problem: Limited or no connectivity to the wireless network.
Resolution: Check
the signal strength. If the signal strength is low (poor), you need to
move closer to the access point or redirect your antenna. For a built-in
antenna, you might need to change the position of the mobile device
relative to the access point. The problem could also be that the network
did not connect and configure network addressing properly. To check the
connection state, tap or click the connection link in Network And
Sharing Center, and then review the connection status in the Status
dialog box. If the media state is not set to Enabled, tap or click
Diagnose to try to resolve the problem by using automatic network
diagnostics. -
Problem: Not connected or unable to connect to the wireless network.
Resolution: If you
are out of the broadcast area, your computer will not be able to
connect to the wireless network. Tap or click the Network notification
icon on the taskbar. The computer will display the Networks sidebar,
where you can determine whether networks are available and in range. You
also can verify that Airplane Mode is turned off. No connections are
possible when Airplane Mode is enabled. To connect to a Wi-Fi network,
tap or click a connection and then tap or click Connect. If you are
unable to connect to the network or don’t see the network in the list,
try moving closer to the access point or changing the position of your
antenna or computer relative to the access point. The computer also
might not be configured properly for establishing a wireless connection
on this network.
Tip
You’ll have better connection speeds—up to the maximum possible with
the wireless technology you are using—when you have a stronger signal.
If the signal strength is weak, the connection speed might be reduced
considerably. To improve the signal strength, try moving the adapter’s
antenna (if one is available) or try changing the position of the
computer relative to the access point.
Connecting to Wireless Networks
Any wireless access point broadcasting within range should be
available to a computer with a wireless adapter. By default, Windows 8
automatically determines the appropriate settings. If a connection
requires a password or other credentials, you are prompted for the
credentials when you try to connect to the wireless network. You can
preconfigure wireless connections
for users as well. This enables you to configure different
authentication, encryption, and communication options as necessary.
You can preconfigure a connection for a wireless network by completing the following steps:
-
In Network And Sharing Center, tap or click Set Up A New Connection
Or Network. This starts the Set Up A Connection Or Network Wizard. -
Select Manually Connect To A Wireless Network, and then tap or click Next.
You now need to enter information about the wireless network to which
you want to connect. Your network administrator should have this
information. -
In the Network Name box, enter the network name (also referred to as the network’s secure identifier, or SSID). -
Use the Security Type list to select the type of security being used.
The encryption type is then filled in automatically for you. -
With WEP and WPA-Personal, you must enter the required security key
or password phrase in the Security Key box. For example, a WEP key
typically is one of the following:
-
5 case-sensitive characters -
13 case-sensitive characters -
10 hexadecimal, case-insensitive characters -
26 hexadecimal, case-insensitive characters
-
By default, the connection is started automatically whenever the user
logs on. If you also want the computer to connect to the network
regardless of whether the network can be reached—for example, when the
computer is out of range of the wireless base—select Connect Even If The
Network Is Not Broadcasting. If you don’t select this option, the
connection is listed on the Networks panel only when the network is
within range and broadcasting its SSID. -
Tap or click Next, and then tap or click Close.
Typically, when you are within the broadcast range of a wireless
network, you won’t need to preconfigure a connection and can instead
connect directly, letting Windows determine the correct settings. To
connect to a wireless network, complete the following steps:
-
Tap or click the Network notification icon on the taskbar; or slide
in from the right side of the screen, tap Settings, and then tap the
Network icon. -
On the Networks panel, under the Wi-Fi heading, available wireless networks are listed by name, status, and signal strength. -
You can now connect to or disconnect from a wireless network:
-
To connect to a wireless network, select the network, and then tap or click Connect. -
To disconnect from a wireless network, select the network, and then tap or click Disconnect.
Managing and Troubleshooting Wireless Networking
You can manage wireless networks by using the Network panel. If you
press and hold or right-click a wireless connection, you have additional
management options:
-
Show Estimated Data Usage Shows the estimated amount of data transferred over the connection. Tap or click Reset to reset the data usage counter. -
Set As Metered Connection Specifies that the connection is metered, so that Windows 8 applies rules and policies for metered connections. -
Set As Non-Metered Connection Specifies that the connection is not metered, so that Windows 8 no longer applies rules and policies for metered connections. -
Forget This Network
Removes a saved connection from the list of available connections. This
is useful if a manually created connection is no longer needed. -
Turn Sharing On Or Off Allows you to specify whether you want to turn on sharing between computers and connect to devices on this network. -
View Connection Properties
Opens the Properties dialog box for the connection with the Security
tab selected. This provides a quick way to view or modify the security
settings.
Windows 8 includes many tools for troubleshooting and testing network connectivity. On
wireless networks, you’ll encounter similar issues. In addition to those
troubleshooting techniques, you’ll also want to do the following:
-
Review the security configuration for the wireless network and check
that the settings are correct. Re-enter the security key or passphrase. -
Ensure that the wireless device is positioned correctly and within
range of the wireless access point. You might want to try moving the
computer closer to the access point. -
Ensure that there is no interference from other devices that use the
same transmission range or from other devices that create magnetic
fields. You might want to move or turn off devices that could be causing
interference.
|
