Technical Considerations for Public WLANs
May 30, 2002
It seems that every business with a public space wants to launch a hotspot for customer use. Before you jump in, be sure to take into account how hard it is to connect users and how wide open hotspot WLANs are to snooping.
As you can see by the growing list of hotspots, the public wireless LAN market is beginning to take off. Users are becoming aware of this new capability, and you see more and more people strutting around airports and convention centers with radio-equipped laptops and PDAs. They're beginning to expect public wireless LAN connectivity so they can stay connected in more places.
The deployment of a public wireless LAN, however, raises potential issues that are somewhat different from those found with private wireless LANs. Before finalizing your plans for a public wireless LAN, consider the following.
Open Connectivity is Critical
With public wireless LANs, users require broad degrees of roaming. Like private wireless LAN users, public users need to roam from one access point to another as they move throughout the hotspot facility. However, public users also need the ability to roam from one hotspot to another, which can span different wireless ISPs (WISPs) and IP address domains. This is much more demanding than most private wireless LAN systems and requires careful consideration.
One obstacle to providing an open system interface for roaming is that 802.11a and 802.11b don't interoperate. For example, a user equipped with an 802.11b radio network interface card (NIC) can't communicate with an 802.11a access point. Most end users currently have 802.11b-equipped devices, so installing 802.11a access points at a hotspot today is not a good idea. Most users will not be able to use the hotspot. Eventually, multimode (802.11a/b) NICs should become commonplace enough to alleviate this interoperability problem.
Another hindrance to open connectivity is the SSID (service set identifier) that an 802.11 access point uses to authenticate a user's NIC. If the access point is enabled to broadcast the SSID in the beacon packet (an option for some access points), then Microsoft Windows XP is capable of "sniffing" the SSID and automatically configuring the NIC. Some public WLAN smart client software provided by WISPs also has this capability. As a result, it's beneficial to enable the broadcasting of SSIDs in a public wireless LAN solution. In addition, most users can set the SSID in their NIC to "any" and authenticate regardless of the access point SSID.
IP addresses in public wireless LANs also raise issues. The implementation of a DHCP (dynamic host configuration protocol) server for automatically assigning addresses to users roaming into the area is certainly beneficial. In most cases, users will already have their network configurations set to use DHCP. The dilemma is that some client devices, especially when using Windows 98, often fail to renew the IP address. This requires users to manually release and renew the IP address before Internet services, such as browsing the Web and checking e-mail, will work. To overcome this problem, some smart client software and wireless NIC interfaces provide a user-accessible "button" for releasing/renewing the IP address without dealing with DOS.
Make Up for Lost Security
The problem with maximizing the openness of the wireless LAN is that security suffers. Most WISPs turn WEP encryption off because of the difficulties related to assigning WEP keys to subscribers having different brands of radio NICs and roaming from one hotspot to another. The broadcasting of SSIDs and non-use of WEP keys enables just about anyone equipped with an 802.11 sniffer to monitor other users' transmissions, eavesdrop on e-mails, detect passwords, etc. In addition, one public wireless LAN user can access another user's files on their computer unless personal firewall protection is in use. That becomes a really big problem around hotspots, especially where competitors may be in the same area.
Once 802.11 incorporates the work of the 802.11i committee, which includes 802.1X as the basis for effective key distribution, then the use of WEP on public wireless LANs will become the norm. In the meantime, focus on security mechanisms built into the more common operating systems and Internet browsers, such as SSL and EAP-TLS. These protocols provide an excellent means for encrypting data transmissions, but users still need to use firewalls to keep other users off their computer.
Properly Size the Network
Many hotspots, such as airports and convention centers, have lots of users in relatively small areas. The aggregate throughput requirements of these densely populated areas can be very demanding on individual access points, especially those based on the relatively low-bandwidth 802.11b. As a result, pay special attention to properly sizing the public wireless LAN.
To solve this problem with 802.11b, consider placing the access points closer together and lowering their transmit power. This provides higher capacity in a given area by segmenting users. The downside is the need for more access points, but the closer spacing will likely accommodate migration to 802.11g or 802.11a at a later date without repositioning the access points.
Be Wary of Potential RF Interference
As with any wireless LAN, RF interference can be an issue; however, pay special attention to the possibility of RF interference when deploying public wireless LANs. The most common interference in a public setting will come from other wireless LANs, mainly because of the close proximity of unrelated public hotspots. For example, competing airlines could each deploy a public wireless LAN on the same concourse of an airport, which could lead to RF interference between the two systems.
As a result, perform a thorough RF site survey, and investigate to determine whether another wireless LAN is operating nearby. If you find RF interference may be an issue, you may be able to install directive antennas to steer your wireless LAN away from others. It's also possible to coordinate channel usage if you can make friends with your neighbor.
Focus on Ease of Use
A public wireless LAN needs to serve a diverse population, and the connection experience for users should be as easy as using a mobile phone. The quandary is that public wireless LAN users don't use a commonly configured device. As a result, incompatible user device configurations are the basis for most problems, such as trouble connecting to the network.
Not all users are engineers and technicians familiar with wireless LANs; therefore, the majority of users are lost when problems arise. As a result, WISPs must deliver effective help, generally a real person available via a hotline. A combination of open connectivity and fast, effective help is a must in order for public wireless LAN usage to proliferate.
Jim Geier provides independent consulting services to companies developing and deploying wireless network solutions. He is the author of the book Wireless LANs (Sams, 2001), and regularly instructs workshops on wireless LANs. He will be a speaker at the 802.11 Planet Conference & Expo in Philadelphia, June 10 - 12, 2002.