The Need to Know:
• 100 PCs and a 10-server corporate LAN
• Converting/adding 30 users as a mobile workforce
• 30 new notebooks and/or PDAs used from home and/or while traveling
• Some existing executives have notebooks and/or PDAs
Business Requirements
• This is often the challenge that techies miss due to getting so caught up with the “cool factor” of the technology and/or the hands-on implementation itself.
• Correctly identifying customer needs and translating this into the correct technological recommendation.
• Setting and meeting customer expectations.
• Meeting budget.
• Meeting timelines.
Security Requirements (Encryption standard utilized)
• With the evolution of encryption standards, integration must ensure that the new notebooks and new handhelds support the standards used by the wireless access point (whether a router, bridge, firewall, etc.).
• If your access point is the newest piece of hardware supporting all levels of encryption standards, select one which will be compatible for all desired connecting devices (notebooks, PDAs, etc.). This is crucial if there are notebooks at various stages of their life-cycle which will require connecting.
• Network architecture is essential. Compare a flat, bridged design that gives users unrestricted access once on the WLAN with a design that gives users basic functionality like Internet access, but requires secondary authentication from the user before accessing more sensitive resources like servers or corporate applications.
• Review the desires of guests and the policies which may require additional SSIDs for this group of users with limited access (e.g. just Internet).
• Having traffic go through security devices to manage items like URL filtering and intrusion detection.
• Encrypted file systems to ensure that, if the mobile device is stolen, its data cannot be deciphered by an unauthorized third party.
• Desktop security to protect against threats while on other WLANs.
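The compatibility check from the first two items above, as an added example that is not part of the original article. The standard names and their ranking are general knowledge; the device inventory and the WPA2 policy minimum are constructed assumptions.

```python
# Added example: choose one WLAN encryption standard for a mixed fleet.
STRENGTH = ["WEP", "WPA", "WPA2", "WPA3"]  # weakest to strongest

def rank(standard):
    return STRENGTH.index(standard)

def plan_encryption(ap_supported, clients, minimum="WPA2"):
    """Find the strongest standard shared by the access point and every
    client, and name the clients that cannot reach the policy minimum."""
    common = set(ap_supported)
    for supported in clients.values():
        common &= set(supported)
    standard = max(common, key=rank) if common else None

    blockers = {}
    for name, supported in clients.items():
        usable = set(supported) & set(ap_supported)
        best = max(usable, key=rank) if usable else None
        if best is None or rank(best) < rank(minimum):
            blockers[name] = best  # None: cannot join this access point at all
    return {
        "standard": standard,
        "meets_minimum": standard is not None and rank(standard) >= rank(minimum),
        "blockers": blockers,
    }

def plan_without_blockers(ap_supported, clients, minimum="WPA2"):
    """Re-plan assuming the blocking devices are replaced or kept off the WLAN."""
    first = plan_encryption(ap_supported, clients, minimum)
    kept = {n: s for n, s in clients.items() if n not in first["blockers"]}
    return plan_encryption(ap_supported, kept, minimum)

# Constructed inventory: notebooks and PDAs at different life-cycle stages.
AP = ["WEP", "WPA", "WPA2", "WPA3"]
FLEET = {
    "new-notebook": ["WPA2", "WPA3"],
    "exec-notebook-2yr": ["WPA", "WPA2"],
    "exec-notebook-old": ["WEP", "WPA"],
    "exec-pda": ["WEP"],
}

if __name__ == "__main__":
    print(plan_encryption(AP, FLEET))        # no single standard fits everyone
    print(plan_without_blockers(AP, FLEET))  # result once legacy devices are dealt with
```

With this inventory no single standard works for every device, and the blockers list shows which two devices to replace or segregate before a WPA2-only WLAN becomes possible.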
Configuration Requirements
• Scheduling concerns. For example, centralized vs. individualized configuration of devices poses some challenges in ensuring that all users and/or their devices are onsite when the work is performed.
• User training should be done at this time.
• Mobile users will connect to various networks (e.g. oneZone or a home wireless network vs. the corporate wireless LAN). Know which you are connected to, and the company policies around acceptable usage (e.g. the CFO shouldn’t be logging into sensitive financial sites such as Web banking while on a wireless LAN other than at the corporate office).
Roll-out
• Physical office layout
• Restraints on dead zones
• Power requirements or utilizing Power over Ethernet (PoE) devices
• Physical placement of the wireless access points. Keep in mind that there is a budget associated with the project. Although it would be nice to place 10 devices to cover 100 per cent of the area, using only five and covering 80 per cent of the area would likely suffice and there probably wouldn’t be any complaints by those not having a signal while in the bathroom or other zones left out of the design. (See meeting budget in Business Requirements above).
• Consider other wireless devices in the area such as other internal WLAN routers or even a neighbour’s access point which may interfere and cause cross-talk and noise affecting signal strength and reliability.
Ongoing Management
• The project introduces more risk of mobile users taking their notebooks onto untrusted networks, including their home offices or Internet cafes. Control compromised computers with specific applications, first to secure the individual devices in line with best practices, but also to enforce a security checklist of minimum requirements prior to accepting a WLAN connection to the corporate network. This software is more often vendor-specific, to be compatible with the wireless access points.
• Pro-active maintenance of mobile users causes increased scheduling requirements. Turning off users, for example after firing a mobile user, requires a pre-planned checklist of executables.
• Scalability is essential. When planning for future growth in the number of mobile users who will need to access the network through the wireless access points, selecting the optimal level of hardware is essential.
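One way to express the pre-connection security checklist and the "turning off users" step as an admission decision (an added example, not code from the article or from any vendor product). The checklist items, age limits, tier names and sample reports are all hypothetical; the article names the checklist but does not list its contents.

```python
from datetime import date

# Hypothetical minimums: the article calls for a checklist but does not list its items.
MINIMUMS = {"max_av_signature_age_days": 7, "max_patch_age_days": 30}

def check_posture(report, today, minimums=MINIMUMS):
    """Return the checklist items this device fails. Missing fields fail closed."""
    failures = []
    for flag in ("disk_encrypted", "firewall_enabled"):
        if report.get(flag) is not True:
            failures.append(flag)
    for field, limit_key in (("av_signatures_date", "max_av_signature_age_days"),
                             ("last_patch_date", "max_patch_age_days")):
        stamp = report.get(field)
        if stamp is None or (today - stamp).days > minimums[limit_key]:
            failures.append(field)
    return failures

def admit(report, disabled_accounts, today):
    """Map a posture report to a network tier: deny, remediation or corporate."""
    if report["user"] in disabled_accounts:
        return "deny", ["account_disabled"]
    failures = check_posture(report, today)
    if failures:
        return "remediation", failures  # e.g. Internet and update servers only
    return "corporate", []

# Constructed sample reports, as a client agent might submit them.
TODAY = date(2024, 3, 15)
REPORTS = [
    {"user": "alice", "disk_encrypted": True, "firewall_enabled": True,
     "av_signatures_date": date(2024, 3, 13), "last_patch_date": date(2024, 3, 1)},
    {"user": "bob", "disk_encrypted": False, "firewall_enabled": True,
     "av_signatures_date": date(2024, 2, 20), "last_patch_date": date(2024, 3, 1)},
    {"user": "carol", "disk_encrypted": True, "firewall_enabled": True,
     "av_signatures_date": date(2024, 3, 14), "last_patch_date": date(2024, 3, 10)},
    {"user": "dave", "firewall_enabled": True},  # incomplete report
]
DISABLED = {"carol"}  # constructed: account turned off after termination

def decisions():
    return {r["user"]: admit(r, DISABLED, TODAY) for r in REPORTS}

if __name__ == "__main__":
    for user, (tier, why) in decisions().items():
        print(f"{user:6} {tier:12} {', '.join(why)}")
```

A disabled account is refused before posture is even evaluated, and a report with missing fields is treated as failing rather than passing.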
Other points to consider
• Some companies may wish to keep intellectual property in the hands of the company, and not have the actual data leave the corporate network with every employee. For example, roaming salespeople may need access to the company CRM and customer information, but do not necessarily require a full list of all customer information on their individual notebook, which could be easily copied or transferred once outside the office. Terminal server or Citrix are good solutions to address this area of concern.
Rob Duxter is the CEO and president of Network Integrators of Canada Inc., a Toronto-based outsourced technology services provider (TSP) focused on the small and medium-sized business market (5 to 250 seats). Contact: www.niCanada.com
Comment: cnedit@itbusiness.ca