Various access mints will be necessary to cover all the areas necessary. I will put a dedicated access point for the Conference Room, one access point for one side of the user stations, one access point for that same side of the stations and offices, and in the other side of the concrete wall one access point for the stations and break room and the other access point for the stations and offices. There will be a wired network running through the offices as well for a wired connection and a wired connection for the conference room as well. The only ones that will be wireless only will be the call center stations.
Deployment Scenario Rationale The reason to choose an infrastructure mode is because of the structure of the floor design. The infrastructure mode will allow the access points to communicate with each other through a wired network. While the wired network connects all the access points, it connects the switch to an access points for that access point to pass on communication to the next and then to each other. Because there is a wired network in place, devices that are not wireless can connect to the jack in the wall where there is a wired network. This also will low a higher level of security when necessary where the offices are located.
The location of the wired network will be in the offices, the data center, and the conference room. Those areas will also have access to the wireless network. The computer stations, and the break room will only be wireless. Hardware Components Component Name: Switch – Cisco Small Business 200 Series SLIMMEST-AN Gigabit Switch Rationale for using component: A business Smart SAGAS-50 switch is used to connect to the access points and to the wired network at a reasonable speed. It will be receiving the signal from routers and switches from there floors.
Rough cost estimate: The cost for the Cisco switch is $535. 00 (See references) Component Name: Access Point – (5) Cisco Small Business WAPATO Wireless-N Gigabit Ethernet Rationale for using component: 5 access points will be used to cover all the areas necessary. Rough cost estimate: The cost of each access point is $164. 00 (See references) Component Name: Ethernet Cable (Cat 6) Rationale for using component: Network cables will be used to connect a wired network to the access points and the switch, and create a wireless network. Rough cost estimate: The cost is $110. For 1 000 feet (See references) IEEE Wireless Network Type Apex Designs has identified that an 802. 1 In LANA will be implemented. Access Point Management Apex Designs has decided that thin access points will be used to simplify the management of the wireless LANA. These access points allow the wireless network to be managed from one central location rather than to be configured separately for each access point. Location of Wireless Devices Network Performance Impediment Report (overview of floor plan and possible impediments) The floor plan of the Customer Service Call Center is divided into overall areas.
The central call center stations area which is divided into two by a metal wall which causes interference in the wireless signal from one area to the other and a data center and five offices with walls of low level interference and glass windows. Another area is the Conference room which has a concrete wall between the call center stations and the conference room, and a break room with furniture, metal appliances and microwaves which can affect the wireless signal also. Because the appliances in the break room are confined by a wall, the bevel of interference to the wireless signal to the call center decreases.
There will also be one person in every station, people at the conference center and people in the offices; the number of people moving around can become an impediment as well. Another factor to consider that can affect the signal performance is the electrical equipment and wires in the area; this is not a high level of interference but the possibility of interference remains. Summary list of possible impediments to wireless performance Glass windows (Low) Metal wall dividing the call center stations (High)
Concrete wall by the conference center (High) People moving (Low) Microwave and metal appliances in the break room (Low) Walls between offices (Low) Locations of wireless devices are depicted in Appendix I Wireless Security Policy List of Security Protections MAC Address Filtering Open System Authentication (SAID Beaconing) Shared Key Authentication (WEEP) WAP or WPAD Summary of Protections MAC Address Filtering will prevent unauthorized devices from connecting to the wireless network. Only pre-approved MAC address will be allowed to connect to the wireless network.
It applies restrictions to allow specific clients o pass through based on their MAC addresses. Monitoring MAC address in the network can minimize the chance of unauthorized access but it will not prevent it effectively. This security feature is not completely safe by itself but can be combined with other security features to increase the level of security. Open System Authentication provides authentication without performing client verification. It only verifies that the client is an 802. 11 device compatible with the AP.
Implementation of WEEP security to the Open System Authentication can prevent unauthorized access to the network. Although this authentication does not provide protection from unauthorized access, it prevents devices that are not 802. 11 compatible in the network. WEEP is a layer 2 encryption method that uses RCA streaming cipher. Provides confidentiality by data encryption, controls client access to the network, and provides data integrity by preventing data from being modified by unauthorized access.
Supports 64 and 128 bit encryption process. Upgrading to WAP or WPAD security if clients and APS are compatible with it. WAP OR WPAD by itself is secure enough because it uses a 128 bit per packet eye encryption method which prevents maximizes the security and makes the breaking of the code more difficult. It also authenticates using a pre shared key (ASK) system and performs a message integrity check. So it not only makes the key difficult to break but it also ensures that the information key entered is legitimate.
Possible Network Vulnerabilities MAC Address Filtering – It can be spoofed or impersonated and amateur hackers can bypass MAC filter by spoofing an allowed client station’s MAC address. It can also be difficult to manage if there is a lot of client station. Open System Authentication – It allows access to anyone with an 802. 11 compatible device and does not provide any type of security. WEEP – The IV (Initialization Vector) value is forced to be reused because it is limited to the number of times it can be changed in the frames sent.
