Having a firm understanding of how you’ll manage your wireless network is key. And how you’ll manage the network affects how it will be designed. If, for example, your IT staff is very hands-on, then you’ll need a wireless network with central policy enforcement, whether among the many tools out there such as HPE’s Aruba ClearPass or Cisco’s Identity Services Engine (ISE).
"How you’ll manage your wireless network also affects growth." Ken Beck, Solutions Architect, VectorUSA
If you have simple needs, then you’ll require a simple management platform. Conversely, if your needs are stringent concerning security, you may require something more robust with a larger on-premise footprint. Although weaving in cloud components might entail a lighter on-premise footprint, the idea here is that there are more “nerd knobs” with a customer-owned hosted solution that’s in the cloud, versus a cloud system that's provided by the vendor. This then presents a completely different IT management paradigm. If you’re running your equipment hosted on AWS (Amazon Web Services), it’s your equipment and you own the licensing for it versus a cloud-based platform where you’re consuming the licenses and everything the vendor’s providing. However, you won’t have easy access to hidden knobs.
"The best approach for wireless networks is to thoroughly examine how you want to use such a network." Ken Beck, Solutions Architect, VectorUSA
It’s critical to gain the whole network paradigm and then ask yourself the following key questions:
Collecting all of this information is necessary because it affects how you’ll deliver the user experience from an IT management paradigm. In other words, do you have people in place who are completely hands-off wireless?
If so, that means you’ll need a cloud-based wireless network that you can self-manage and that performs firmware updates and feature delivery automatically.
On the flip side, you may have an IT staff with a great testing philosophy that likes to have their hands on the network. They'll build a development environment and roll out the changes before they push out to production. And they can ensure that during the whole process the user experience is not interrupted while fully communicating all of the new feature enhancements that users will receive.
Consider as well that if you acquire a pre-managed kind of system in a cloud-based scenario and something goes wrong, how will you troubleshoot it?" Ken Beck, Solutions Architect, VectorUSA
Do you understand how all of the parts fit together to troubleshoot it yourself or will you have to make a call to get support? All these things have to be taken into consideration. Just because you might have a problem with one wireless client doesn’t necessarily mean that the whole cloud is down. Or, if you have a few users that are complaining, but they're high profile users, how will you identify the problem’s source? Is it just the access point, or is it the Internet connection at the local site? Who do you blame and where does the fault lie?
The current trend toward central policy enforcement includes the fact that it's easier to implement IEEE 802.1X authentication for security on a wireless network. But once someone has that experience with their wireless devices, they typically want to move that security model or policy enforcement to their wired network. So, by securing all of your wireless and wired traffic with the same centralized policy, you give your users consistent treatment from any device no matter how it is connected to the network. There are specific steps to get there. You can have cloud-based switches now or you can have on-premise-based switches. Again,
"...your IT management paradigm is going to first drive the speed of that decision and secondly, what equipment can be purchased." Ken Beck, Solutions Architect, VectorUSA
How you manage and secure your wireless network also impacts design and dictates which products you’ll use. Not only do those products need to secure your wireless network, but the people on your network also need to use the correct security protocols to the best of their ability. Sometimes though, they may not realize that their computer's been compromised. Through no fault of their own, their computer could be causing several issues on your network including leaking data. Fortunately, there are products that will safeguard your network from these types of problems. To help further face internal threats, employing user behavior entity and analytics (UBEA) through AI will baseline traffic based on specific user profiles. If anything suspicious should occur, like a distributed attack, your IT security personnel is alerted to investigate the unusual activity.
As you further consider your wireless network plans, invest in thinking about your entire IT management paradigm. Do you want everything done for you, or do you prefer to be in contact with your network at all times? Or, because you like the idea of a wireless network, but don’t have the time to interact with it every day, you want hands-on flexibility at least some of the time.