A WiFi-Only Office Network? 155

periol wonders: "I'm the sysadmin for a firm in mid-town Manhattan that is moving to a larger workspace six months from now. The new space is on one floor (100+ users to begin, 200 capacity) and is completely stripped. We've been playing around with the idea of a completely wireless office, with no ethernet except to the access points (probably running over VPN for security). Email and files are all accessed locally over the network, and there is a web application hosted off site. Does anyone have experience with this kind of setup? My calculations are that we would need one access point per 15 computers, but I don't know what kind of issues we'll run into along the way. Will we run into unexpected periods of network downtime with a wireless-only setup like this?"
This discussion has been archived. No new comments can be posted.

  • Odd question. (Score:3, Interesting)

    by Anonymous Coward on Wednesday June 07, 2006 @09:48PM (#15491716)
    "unexpected periods of network downtime"?
    Expect them.
    200 users in a small space over wireless = problems.
    • Re:Odd question. (Score:4, Informative)

      by Lord Prox ( 521892 ) on Wednesday June 07, 2006 @09:58PM (#15491765) Homepage
      ...and remember to put your microwave oven in an RF shielded cage. Hot coffee is not worth network downtime.
      Also look into getting some anti-radiation / stealth wallpaper. []

      Got Debt? []
      • Re:Odd question. (Score:3, Insightful)

        by ivan256 ( 17499 ) *
        All you people complaining about interference with microwave ovens need to get microwaves that don't suck. Leakage from a good microwave should be approximately nil.
        • Leakage from a good microwave should be approximately nil.
          Operative word: should
          With things like microwave ovens being cranked out en masse in China for damn near nothing, and even "Good" brand names outsourcing to the same factories that make trash, there is no way of knowing the leakage rate short of buying, testing, and returning it to store on failure. It is a total crapshoot. In short, the microwave oven is just an example of hundreds of common sources of interference. WiFi is damn nice, but can be u

        • I've never had problems with microwave ovens interfering with wireless networks or phones. Then again, I've always had fairly modern ones.

          The only microwave that I know of is a friend's, which is 15 years old. When he walks past it with his old cordless phone, all I hear is static.
        • Re:Odd question. (Score:4, Interesting)

          by John Miles ( 108215 ) on Wednesday June 07, 2006 @10:59PM (#15492034) Homepage Journal
          "Approximately nil" leakage, unfortunately, is still a lot of energy when you're starting with a 500- or 600-watt magnetron.

          See the example screenshot on this page: []

          The microwave that wiped out the upper reaches of the 2.4-GHz band in this spectrogram is two rooms away; the WiFi antenna generating the trace on channel 6 is about eight feet away. Most microwaves seem to occupy the higher portion of the band, so if you stick with channel 1 or channel 6, you may not have a problem. Also, some routers (not mine, unfortunately) can send shorter packets that avoid the oven-interference problem altogether.
          • Lucent's Orinoco cards had a check box in the driver for "microwave oven robustness" or something similar. I don't know whether it did much of anything for me, but I suspect that things like this were what changed when it was enabled.
      • Hot coffee is not worth network downtime.

        Oh, yes it is! []

      • Re:Odd question. (Score:2, Informative)

        by Strider-BG ( 103059 )
        This is why I would recommend using 802.11a. Stay far away from 802.11b/g in a setup like this. Not only are you further away spectrum-wise from common sources of interference, 802.11a allows you 8 non-interfering channels vs 3 for 802.11b/g. This means you can have 8 APs in close proximity without causing interference.

        Your calculation of 15-20 users per AP is a sound one. This will equal ~1Mbps/user of actual IP throughput. Plenty for most people.

        Finally, I would recommend buying an enterprise-class
    • I would second that for a b/g/n case. Even in a quiet business park in the middle of nowhere, no interference from neighbours and a controlled and monitored installation you will get some problems once in a while.

      The most common one is the cheapskate idiot with the home ad-hoc network connection configured turning on his laptop in the office. He walks in and 3 channels (the one configured and the two adjacent) are out.

      Add to that some bad bluetooth implementations, leaky microwaves, etc and you are stuffed.
  • by Avillia ( 871800 ) on Wednesday June 07, 2006 @09:51PM (#15491730)
    "I'm a corporate snoop in mid-town Manhattan that wants to get trade secrets. The target company is moving to a newer and larger office. They've been playing around with the idea of a completely wireless office, with no ethernet except to the access points (probably running over VPN for security). Email and files are all accessed locally over the network, and there is a web application hosted off site. How long do you think it will take me to crack the WPA/EAP key, and how big of a thumb drive/media card do you think I'll need to store all that juicy information?"
    • MOD PARENT UP (Score:5, Insightful)

      by Crashmarik ( 635988 ) on Wednesday June 07, 2006 @10:04PM (#15491796)
      It's dead on. Plus there is the matter of other vulnerabilities. Let's say it's Firm X bidding on a large contract (Engineering/advertising/Media/contract manufacturing): how much do you want to bet there's going to be surprising problems with the wifi as a deadline approaches. It's just too easy if a competitor finds out for them to take a cantenna and cause packet storms on the network.
    • about as long as it would take you to crack the VPN (I'm assuming IPSEC or SSL VPN) that the original question mentioned using, probably a huge thumb drive, because you'll need all that data to even attempt to crack the VPN.

      DoS attacks are another thing... but if they use VPN clients on the client computers, data safety shouldn't be a problem.

    • by Anonymous Coward
      If they are depending on the medium itself for security then they would have the same problems if they were using ethernet. Most if not all encryption protocols ASSUME that the medium can be listened to by outsiders, and for most internet traffic that is the case. That is why all your important communications should be secure end to end. Granted, a wireless network can make it easier for man-in-the-middle type attacks, but a properly set up PKI should help mitigate those issues.

      An insecure wireless netw
    • by swillden ( 191260 ) * <> on Wednesday June 07, 2006 @10:46PM (#15491983) Homepage Journal

      How long do you think it will take me to crack the WPA/EAP key,

      Which one?

      Assuming EAP-TLS, each authentication is a mutual authentication using public/private key pairs on both access point and device. You'll need to crack the client's auth key to get in. So how long will it take you to crack a 2048-bit RSA key?

      Or, assuming you want to sniff the data, rather than join the network, you need to crack the packet encryption keys. With WPA, that means you have to defeat TKIP, which changes the RC4 key on every packet transmitted, and isn't vulnerable to the related-key attacks that sunk WEP's stupid design. But if this is a new office, there's no reason for them to use the backward compatibility hack that is WPA; they should deploy WPA2, which uses AES for the packet-level encryption. Although both WEP and WPA/TKIP misuse RC4 in a way that enabled the WEP attacks (neither of them discards the first few hundred bytes of the keystream after a rekey operation), AES doesn't have the same potential weakness as RC4. Since the best known attack against AES is brute force, you're going to have to search a 128-bit keyspace. How long will that take you?

      Given WPA2 and, say, EAP-TLS, the best known attacks on the WiFi security require breaking either RSA or AES. Good luck with that.

  • by 0racle ( 667029 )
    Leave it unsecured so that everyone can enjoy the rewards of your hard work. That's what all the cool kids do.
  • ....on the intensity of your network activity, how many people stream the NCAA playoffs at their desks, proximity to access points, the amount of time you have to set up the network (do it fast or do it right?), and many other things. Does your firm have more laptops vs. desktops? If more portability is necessary, then a wireless network makes more sense. If you've got more desktops than laptops, then you might be better off running cables.
  • by crazyjeremy ( 857410 ) * on Wednesday June 07, 2006 @09:54PM (#15491746) Homepage Journal
    Wait... if your corporate office is anything like ours, take note: WIRELESS LAGS FOR GAMES.
  • ...STUPID (for reasons already mentioned sarcastically in other posts). WiFi is simply not that reliable, period. Connection stability can be absolute shit, and then you have to worry about encrypting the connection as well. It is simply just not a good idea at all.
    • Maybe unreliable :-) (Score:5, Informative)

      by spagetti_code ( 773137 ) on Wednesday June 07, 2006 @10:44PM (#15491973)
      We have several offices.

      We put in 100% wireless at one when we moved. Saved us a bundle of time, but there were dead spots all over the place. Lots of people had laptops and moved around with them - some offices had good connectivity, some didn't. In hindsight, we didn't have enough access points to provide good coverage. We eventually switched to wired due to user frustration.

      In the next office we learnt. Fewer people have laptops and move around. Everyone fixed is wired. Laptops have the option and using IBM's s/w on the thinkpads, they seamlessly switch when you unplug to move (in fact, some choose to stay wireless all the time). We carefully chose the locations of the APs by testing. Throughput is down but not noticeably so.

      What to learn:

      Think of access points in terms of distance between them and coverage as well as number of people connecting. And figure this out by testing, not by reading manuals. Walk the floor with a laptop and test every office, nook and cranny - there are lots of unexpected dead spots.

      Security is not a problem - WPA is a piece of cake to set up and (as yet) unbroken.

      So it can work.
    • There's a really neat solution available for most of the security, reliability, and speed issues involved in Wifi networking. It makes your network almost impossible to snoop without being in the same actual room with your equipment, eliminates most of the interference and frequency contention between nodes on the network by establishing redundant exclusive channels through your local area, and can boost intraoffice speeds to as much as 1Gbps with modern desktops and laptops. It does cost a little more th
  • by ivan256 ( 17499 ) * on Wednesday June 07, 2006 @09:57PM (#15491758)
    The article you linked to says they needed one access point per 10 VoIP calls. I'm not sure how you think that 15 computers sharing an access point will be a good idea. Wiring a completely stripped office space is not that expensive. For 200 users you are probably talking in the $30-40,000 range. In exchange for putting in wires, you're going to get overall throughput that will make any wireless configuration you can come up with seem archaic in comparison. To top it off, if you go all wireless you're going to have an administrative nightmare dealing with the interference that exists now, much less the interference that will come when somebody finds the next killer app that uses the unregulated spectrum that you decided to bet your job on.

    Nope, for workstations in the double digits, with no walls yet in your way, you'd be silly to try wireless for anything but phones. If you do decide to bet the farm on wireless, make sure it's in licensed spectrum that you have all to yourself.
    • Hell, I'll cable it for $20K... I generally work on $70 per RJ45 outlet, although that doesn't include a switch and doesn't cover very long runs (generally more than 30 meters).
      • by Optic ( 6803 )
        For that price, do you certify to cat5 spec and provide documentation on each drop to that effect?
      • Three jacks per user (phone, computer and spare) 600*$70 == $42,000

        You're at the high end of my price estimate. $70 per jack in bulk is robbery.
  • Wireless LAN (Score:5, Insightful)

    by JWSmythe ( 446288 ) * <> on Wednesday June 07, 2006 @10:05PM (#15491803) Homepage Journal

        Sure, you can do it.

        Should you do it? Probably not.

        I'm guessing your users have some sort of expectation of security. By going wireless, you should treat every user as if they are working remotely. Every connection should be treated as if it was compromised.

        If you are doing anything with security in mind, assume I'm sitting on the next floor down, packet sniffing everything. I'll eventually masquerade as one of your users, and I will get through whatever layers of security you think you have in place. As far as that goes, I may be on the next floor up, or in the next building with a high gain antenna pointed at one of your APs.

        For a secure corporate network, wired is the only way to go.

        For a home network, where it's your kids chatting with their friends about who's dating who at school, and you browsing porn sites at night, sure, wireless is fine. Who cares if someone breaks into your network there?

        Spend the extra bucks. Hire someone to drop lines to all the desks, and hook everything up to a good switch. Double check their work to make sure there was nothing added to your network.
    • By going wireless, you should treat every user as if they are working remotely. Every connection should be treated as if it was compromised.


      There are other reasons not to use WiFi, but security is not one of them, not any more. Security of a WiFi network using WPA2 with an authentication server (don't use PSK mode -- not that it's weak, but it's hard to manage) is significantly more secure than a wired network. With a wired network anyone that comes into your building and finds an open port can

      • Oops forgot one thing: WiFi networks are inevitably vulnerable to DoS attacks, and no crypto is going to change that. So if that's one of the concerns in your threat model, you need wires. Data security, however, is not an issue.
      • ... but ...

        You still have an external access to your network. If someone drops their smart card, or whatever they're using for security (or it's lifted off them in the garage or elevator), your hacker could have free roam of the network for the night.

        Physical access always has its concerns. Without physical security, you have nothing. Besides finding a free port (you didn't disable all the unused ports?), someone could wander in and find a PC that was left on and logged in
        • If someone drops their smart card, or whatever they're using for security (or it's lifted off them in the garage or elevator), your hacker could have free roam of the network for the night.

          As long as they also dropped their password, yes. The card's no good without that. And the hacker would have free roam until the card was reported missing and the certificate revoked which is likely more than one night.

          Besides finding a free port (you didn't disable all the unused ports?),

          I'm a security consulta

      • With a wired network anyone that comes into your building and finds an open port can hop on your LAN and go roaming around.

        Not if you take the same measures to secure your wired network that you do your wireless network. Most enterprise switches can do 802.1x authentication via certificates to a RADIUS server, which is more than secure enough. However, even without port-based security, a switched wired network is still more secure than wireless. It's almost impossible to sniff traffic off a switched n

        • Most enterprise switches can do 802.1x authentication via certificates to a RADIUS server, which is more than secure enough.

          Yes, they can, and it's a good idea that I've never seen implemented.

          It's almost impossible to sniff traffic off a switched network beyond broadcast information.

          That depends on the switch, and it's fairly easy to put most switches in broadcast mode simply by spamming them with packets from multiple MAC addresses.

          Wifi, due to its shared nature, is a traffic sniffer's dream, mu

    • "If you are doing anything with security in mind, assume I'm sitting on the next floor down, packet sniffing everything. I'll eventually masquerade as one of your users, and I will get through whatever layers of security you think you have in place. As far as that goes, I may be on the next floor up, or in the next building with a high gain antenna pointed at one of your APs."

      I agree with what you're saying in your post, but this part is wrong. Wireless communications using anything other than WEP is curre
  • Why would you think that this would be easier to implement than hanging wires? If you got some of that cable cover stuff, even in a stripped office the ethernet would be invisible, and SO much easier to maintain. Of course if you get paid per call, it makes lots of sense to set up wifi, as you'd be setting yourself up for lots of complaint calls (at $80-$120/hr that adds up to a LOT of cost for wireless)
  • by Anonymous Coward
    Why would you want 54 meg SHARED, as opposed to 100 meg or gig with the wire??? Seems like a step back to the early 90's (10 meg hubs, baybee!)

    • Oh, it's worse than that.

      With wired, you can break up segments of the network and run routers, so individual work groups can have 1Gbps between their machines, shunt huge files around, but not impact the rest of the network.

      With wireless, you've got 54mbps potentially shared across the entire userbase. And as soon as anyone tries to use an 11b card, the entire network gets slower.

      Really, this is the dumbest idea I've read about since I last read comp.risks.
  • Delivery Trends (Score:4, Interesting)

    by lunk ( 80231 ) * on Wednesday June 07, 2006 @10:12PM (#15491839) Homepage Journal
    TVs first started wireless and are now wired.

    Telephones started out wired and are now wireless.

    Wireless networking is a step backwards from a switched hardware fabric. Productivity will be much faster when a file, such as a large presentation, can be transmitted and delivered in gigabits a second, instead of potentially single digit megabits.
    • Why the heck was the parent modded funny? Although I disagree about the "phones going wireless is a step backwards" argument, the part pertaining to networking is dead-on. For example, when I'm grabbing the latest OS update from the local server to a client machine, downloading via ethernet is sometimes TEN TIMES faster. And when you're trying to update thirty machines at once, going over the wires is definitely a Good Thing(TM).

      I think the original question needs to have a bit more specificity: what kin
      • I disagree about the "phones going wireless is a step backwards" argument,

        Wireless phones have been a step forward only in convenience. The quality of the service they provide is a huge step backward. Back in olden days, there was a huge marketing campaign credibly focused on the promise that you could even hear a pin drop at the other end of the (fiber) line. Today one of the biggest telecom campaigns is built around a guy repeatedly asking if the person on the other end of a wireless connection can h

  • Ethernet (Score:5, Insightful)

    by nukem996 ( 624036 ) on Wednesday June 07, 2006 @10:13PM (#15491848)
    As many others have mentioned the speed and security issues, I think there are two things you're not thinking of. First of all, I'm not sure how your office is set up but most, if not all, of your machines already have an ethernet card in them. If you went WiFi you would have to buy an ethernet card for each machine, which can get expensive. The second thing is that if anyone in your office or any office around you is using anything on the 2.4GHz freq (such as a wireless phone) it can interfere with your WiFi network and cause disconnects. It's much more of a hassle to deal with WiFi and I would STRONGLY suggest to stay with ethernet.
  • Absolutely not. (Score:5, Informative)

    by jacobdp ( 698004 ) on Wednesday June 07, 2006 @10:18PM (#15491860)
    Wireless performance is shit. Here's the problem: Sure, 802.11g gives you a theoretical peak 54 mbps. However, not only do you never get more than 50% of it, that bandwidth is shared among every user on the network and is half-duplex. It's like having everyone on a single hubbed network - once a bunch of users all start communicating at once, you get collisions, and performance drops. 1 user on wireless is fine. 5 or 10 is questionable. 50 will be like molasses.
  • Bad Idea (Score:2, Informative)

    by Anonymous Coward
    A completely wireless network is a bad idea for numerous reasons.
    1) Reliability. I have yet to find a decent AP that doesn't need to be power cycled every so often to get things working again (although I haven't ever used a business quality AP)
    2) Speed. As far as I know, pre-N technology hasn't been fully adopted and the best you can do is 802.11g (54Mbps) basically half of what you would get with wired (100Mbps). Granted you rarely ever get the full 100Mbps, but you rarely ever get the full 54Mbps eithe
    • although I haven't ever used a business quality AP

      Maybe you should []. There's quite a difference.
      • Thanks for pointing that out. A lot more pricey than your standard off-the-shelf AP, but more of what I would expect out of an enterprise solution.
        I'd love to get my hands on one.
    • "Speed. As far as I know, pre-N technology hasn't been fully adopted and the best you can do is 802.11g (54Mbps) basically half of what you would get with wired (100Mbps). Granted you rarely ever get the full 100Mbps, but you rarely ever get the full 54Mbps either."

      It's worse than that. The CSMA/CA collision management protocol used by 802.11 is inherently less efficient than CSMA/CD used by wired Ethernet. The throughput of an 802.11 system will always be a lower fraction of the signaling rate than even
  • by Slashdot Junky ( 265039 ) on Wednesday June 07, 2006 @10:24PM (#15491881)
    I'm certain that you're considering an all-WiFi network over a wired one as a possible cost saver. What's the cost of supporting 100-200 simultaneous VPN connections with client licensing and VPN server hardware? How does this compare with implementing a wired network?

    You're also never going to get the throughput that a wired connection can provide. Another thing to consider is the cost of going wireless will be wasted money just as soon as your company realizes that doing so was a big mistake. I'd bet that they would eventually come to this conclusion.

    Just use wireless where it makes sense like conference rooms and common areas and then secure the hell out of it.

    -Slashdot Junky
  • Best Buy did it (Score:3, Insightful)

    by Fish Heads ( 642181 ) on Wednesday June 07, 2006 @10:25PM (#15491884)
    I was told by a local Cisco engineer that when Best Buy built their new HQ in a southern suburb of Minneapolis a few years ago they went wireless in a bunch of the areas to save on future recabling. They put them in high density and low power... so talk to your Cisco rep and ask them about that. If nothing else they can chat with the Minneapolis office about it...
  • by JimZim ( 917146 ) on Wednesday June 07, 2006 @10:27PM (#15491890) Homepage
    You needn't expect any network outages above and beyond the standard switch, AP, and WLAN card failure rate.

    The main consideration in your plan is the 802.11 host density. The 802.11 spectrum is divided into 14 partially-overlapping channels. Each channel in 802.11g provides a maximum of 54Mbps (this is theoretical- actual throughput is closer to 25-40Mbps on a good day). Even by configuring channel selection for an even distribution, you'd still end up with at least 7 hosts per channel. Because 13 of those 15 channels would be surrounded by channels with statistically-equal amounts of traffic, you can't guarantee more than 3.8MBps per host (perfect theoretical world), or closer to 1-2MBps in practice.

    While 2MBps is fine for internet downloads, you'll experience a noticeable delay accessing any sizeable files on network shares, or moving email attachments around.

    Additionally, because of the overlapping nature of the 802.11 channels, and the leaving-much-to-be-desired spectral filters in most 802.11 stations, when any one user is transferring a large file and maxes out their channel x, expect all the users on channel x-1, x, and x+1 to experience sluggish performance. Given at least 7 hosts per channel, and at least 2-3 channels affected per burst, any large burst of traffic will impact no fewer than 21 users on the network.

    In short, yes, you could do it, but count on substantially poorer performance than a wired solution.

    And as with all professional-grade wireless networks, accept absolutely nothing less than a strong per-host-authenticated VPN tunnel.

    Good luck!
    • You needn't expect any network outages above and beyond the standard switch, AP, and WLAN card failure rate.

      Unless, of course, someone wants you to have outages. It's relatively easy to spit out enough garbage RF to disrupt a wireless network. I don't know if your company is the kind of company that might have that kind of problem, but wired solutions are a lot more difficult to disrupt.
    • You needn't expect any network outages above and beyond the standard switch, AP, and WLAN card failure rate.

      Well, that is unless you get a lot of noise inside the 2.4GHz band, either inadvertently or on purpose from a malicious entity. 2.4GHz cordless phones are notorious for using way too much of the spectrum, and polluting it with all sorts of traffic that interferes with WiFi 802.11b/g signals. Plus there is always the possibility of an attacker simply injecting all sorts of high-powered noise in the

  • by Anonymous Coward on Wednesday June 07, 2006 @10:29PM (#15491900)
    These days, while WiFi is a standard feature on most laptops, wired Ethernet is a standard feature on almost every computer. At least 100 Mbps, and even Gigabit is commonly integrated into the motherboard. So if you go wireless, you'll probably end up having to buy a lot of extra NICs for all the desktops, not to mention the installation hassle of replacing all those NICs if you decide to deploy 802.11n or something later.

    In contrast, there's probably no need for more than 100 Mbps switched Ethernet in a typical office setting. It's also easier to deploy such an upgrade piecemeal if it does become necessary. Wireless solutions usually have backward compatibility modes for your legacy devices, but they tend to really drag down performance, too.

    Another thing to consider is to not only consider interference with other networks, but within your own network. Since 802.11 is a CSMA-based protocol using a single shared medium, it really only works well for communication to/from the wired LAN. Communications between wireless nodes runs into the same problems unswitched Ethernet LANs run into with access contention, even if you blanket the floor with access points.

    In particular, communications between two nodes using the same access point will usually be more than twice as fast in ad hoc mode than having the access point relay the packets. A smarter WiFi standard would be able to command stations to communicate directly, or use alternate channels for send/receive to avoid contention, but that's apparently not being considered.
  • Yup, bad idea (Score:5, Informative)

    by RebornData ( 25811 ) on Wednesday June 07, 2006 @10:30PM (#15491903)
    You can't just add access points to increase capacity... the limitation is the radio frequency space available. Remember there is only room for 3 wifi channels (1, 6, 11) in the 2.4GHz spectrum. Add a fourth into the same space, and you're just stepping on the others and causing interference. Of course I'm assuming 802.11b/g here, as 802.11a has 20 distinct channels.

    The other issue that people have mentioned is outside interference. Microwave ovens can be a real bummer. So can the little cordless 2.4GHz headsets executives seem to like. And you better hope nobody sets up a 2.4Ghz video sender for their security system in the vicinity. Or a nearby cell tower, or radio station. You could be working perfectly for a year, and then suddenly have your network permanently broken by something completely outside your control or ability to change.

    There's a reason you don't hear of many people doing this.
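
The channel arithmetic behind the "only 1, 6, 11" point, as an added example that is not code from any poster in this thread. It assumes 22 MHz wide 802.11b channels and a simplified floor model in which APs sit in a row and `reach` (a hypothetical parameter) is how many positions away a radio can still be heard; `SAMPLE_PLAN` is constructed data.

```python
# Added example: check a 2.4 GHz channel plan for overlapping neighbours
# and see which APs a single off-plan transmitter would disturb.
from itertools import combinations

CHANNEL_WIDTH_MHZ = 22  # assumption: 802.11b DSSS channel width

# Constructed plan: 7 APs in a row (about 100 users at 15 per AP),
# cycling through the three non-overlapping channels.
SAMPLE_PLAN = [1, 6, 11, 1, 6, 11, 1]


def center_mhz(channel):
    """Centre frequency in MHz of 2.4 GHz channel 1-14."""
    if not 1 <= channel <= 14:
        raise ValueError(f"not a 2.4 GHz channel: {channel}")
    # Channels 1-13 are spaced 5 MHz apart; channel 14 is a special case.
    return 2484 if channel == 14 else 2407 + 5 * channel


def overlaps(a, b):
    """True when the 22 MHz bands of channels a and b intersect."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ


def non_overlapping(channels=range(1, 12)):
    """Greedy pick, lowest first, of mutually non-overlapping channels."""
    chosen = []
    for ch in channels:
        if not any(overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen


def plan_conflicts(plan, reach):
    """Pairs of AP positions that can hear each other on overlapping channels.

    plan  -- list of channels in AP position order
    reach -- APs at most this many positions apart hear each other
    """
    return [
        (i, j)
        for i, j in combinations(range(len(plan)), 2)
        if j - i <= reach and overlaps(plan[i], plan[j])
    ]


def hit_by(plan, interferer_channel):
    """Positions of APs whose channel overlaps an interferer's channel."""
    return [i for i, ch in enumerate(plan) if overlaps(ch, interferer_channel)]


if __name__ == "__main__":
    print("usable channel set:", non_overlapping())
    for reach in (2, 3, 6):
        print(f"reach={reach}: conflicts={plan_conflicts(SAMPLE_PLAN, reach)}")
    # Seven APs on seven adjacent channels, all within earshot of each other.
    print("channels 1-7, reach=6:", len(plan_conflicts(list(range(1, 8)), 6)),
          "conflicting pairs of 21")
    # One device that shows up on an off-plan channel.
    print("interferer on ch 3 disturbs APs:", hit_by(SAMPLE_PLAN, 3))
```

With low reach (low transmit power) the three-channel cycle has no conflicts; once every AP can hear every other, reuse of the same three channels collides, and a single transmitter on channel 3 overlaps every AP on channels 1 and 6.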

    • Yes and no. There are ways to do incredibly high density deployment of Wi-Fi. You have to get the channels spread just right (I don't remember the exact configuration, but the channels do overlap, and if memory serves, the advice was something like no adjacent channels closer than 3 APs away, and no second-adjacent channels less than 2 APs away... or something like that).

      More than that, you have to reduce the transmitter power on the base station's radio to such an extent that each user can only see a ve

    • You know, there is a ham band that shares the 2.4 GHz spectrum. Specifically, it covers 2300-2310 and 2390-2450 MHz. It wouldn't be out of the question for someone with an interest in ATV to slap an amplifier (and filter, and ID system, of course) on one of these off-the-shelf TV senders and be running as much as 1 to 5 watts. There would be little if anything you could do about it, and it could wipe out your entire office's wireless network if it were located in an adjacent building or rooftop tower.

      I can't em

  • I provide helpdesk support for an environment with laptops that offer both wired and wireless connectivity. Attempting to authenticate to the domain, or use remote desktop software, is "untimely" at best, and nearly impossible for many occasions. A script that would take less than 10 seconds often drags on for 3-4 minutes when the target system feels the session should be routed over the WLAN.

    Hey, no problem, you can connect using the IP assigned to the wired NIC, right? Good luck when the script only accep
  • Running wires (Score:5, Insightful)

    by ximenes ( 10 ) on Wednesday June 07, 2006 @10:47PM (#15491986)
    There are two reasons I see for going entirely wireless:

    1. The ooh factor
    2. Ease of installation

    Reason #1 is of course no reason to do anything in a business environment, although it is often tempting. Think about things realistically, don't get too fancy and regret it later. New wireless standards will come out, and you'll want to upgrade to them. Since there is a new wireless standard brewing right now, and there is not likely to be a new wired standard for some time (10GB is probably 3-5 years away from being affordable), it would be wiser to invest your money in a stationary target.

    Reason #2 is also not a good reason for doing this. You have a totally empty floor, so everything needs to be run to the various cubicles or offices that you are going to erect. That means at least power, maybe phone lines, and who knows what else. It is very little extra effort to do the networking at the same time, even taking into account that the lines shouldn't run in the same conduit. As long as a computer has to plug into a power source, which they always will, they may as well plug into a network interface as well. Sure you could also put wireless in here and there, but using it exclusively just to save on the effort of cabling is a bad move. I predict that you'll wind up buying wireless bridges for lots of things (printers?)
  • I'm one of the 20 laptop users in my office of 60 or so with 2 to 8 clients in our office at any one time. Our biggest issue is with the dsl going tits up at 5AM when the cranky old farts arrive in the office and stew until I arrive to reboot the dsl modem at 7AM. I put a xmas light timer on it to reboot it every night at 2AM.

    The wireless is working fine for now with only me (vpn to our network) and a few clients and two printers. I'm adding two d-link range extenders this weekend to test for awhile befo
  • No. (Score:3, Insightful)

    by idiot900 ( 166952 ) * on Wednesday June 07, 2006 @10:50PM (#15491998)
    You're in midtown Manhattan and you want to use wireless for your basic intra-office connectivity? You are nuts. The moment somebody walks by with a cordless phone or some other device sharing that spectrum (and it *will* happen) your network will have problems. Not to mention the security issues. Listen to everyone else here and do real wiring.
    • Besides just someone "walking by", Midtown Manhattan has a much higher office space density than people realize.

      Remembering the limitations on bandwidth and users that previous posters have mentioned, realize that you may not even have complete control of the spectrum in your vicinity. When I power up my laptop in a relatively light residential area in Manhattan I see 6 to 7 networks that I can reach (I assume a fair number of my neighbors have APs set up ... FYI only 2 are "open").

      Assume that business de
  • Plan on spending an awful lot of money to get this network up and running and to keep it that way. You aren't going to be using Linksys or D-LINK garbage here if you want any kind of reliability. Look to the larger wireless AP builders - Lucent, Sonicwall and Cisco come to mind, but they might not be the best of breed, which is what you need. Expect to spend more time (and therefore money) maintaining this network compared to good old copper and a couple hundred ports of good old Gigabit Ethernet. It's up t
  • by TreeHead ( 553584 ) on Wednesday June 07, 2006 @11:09PM (#15492070) Homepage Journal
    I install wireless networks professionally and I can pick out a handful of factors that will make or break your decision:

    1. mid-town Manhattan
    2. The new space is on one floor...
    3. ...100+ users to begin, 200 capacity...
    4. ...(probably running over VPN for security)....
    5. ...there is a web application hosted off site.

    Issue 1: RF Interference
    Addressing item #1, how much square footage do you anticipate these 100+ people using? According to item #2, you intend to accomplish this on one floor, and given that you are in mid-town Manhattan, I imagine a small office footprint.

    At first blush, this sounds like a recipe for disaster--at least as far as I understand what you are doing. First of all, just being able to service X number of wireless users per access points is not enough. You have to consider how the RF field being put out by each AP will overlap others. In the US there are 11 channels for 802.11b/g and only 3 do not overlap (at least enough for it to matter practically); too much inter-accesspoint overlap will cause a severe drop in throughput--APs will be fighting each other's RF output. You may find yourself at the very least having to dial back each AP's power output significantly just to get clients to associate reliably. Also bear in mind that given you will be on a single floor, your RF output will extend three dimensionally to upper and lower floors if you are using directional antennas. This is not just an issue for your neighbors, but also with multipath distortion.

    Issue 2: Latency
    You mention that your network will "probably running over VPN for security" which will add to the already high latency of a wireless network. The overhead involved in setting up a connection on a wireless network and transmitting in a timely manner is exorbitant by comparison to Ethernet. Add to that an even higher overhead for a VPN (even hardware accelerated) and you've got a recipe for disaster on all but the most tolerant user base. Item #5--your off-site web app--is likely to cause serious headache.

    Latency will be a major factor if you intend on doing any amount of VoIP or video conferencing, and this traffic will require traffic shaping too.

    Issue 3: Throughput
    The reality is that we are still in a "Pre N" world. The very maximum you can squeeze out of your 802.11g network is around 22Mbps overall. And here's another fact that a lot of admins don't know: as soon as you associate 1--just 1--802.11b client to that g network, your total maximum throughput drops immediately to 8Mbps. Compare this to Gigabit Ethernet in performance vs. cost.

    My suggestion is to design a wireless network that will properly cover the office space, but cable Ethernet drops for key locations such as stationary offices and conference areas that are likely to see a lot of consistent use. Users should be able to roam about the office, but have a drop at their disposal if their application demands it. Your users will be happier, you will be happier, and you won't run the risk of cooking your staff with all those microwaves. :D
  • by toybuilder ( 161045 ) on Wednesday June 07, 2006 @11:10PM (#15492073)
    You don't say why you don't want a copper plant -- but it seems like you're giving network wiring a bad rap. Do you intend to have laptops assigned to everyone, and intend for them to roam around the office all day? (I'm picturing a scene of dogs wandering around at a dog park as I write this!) If the users are primarily sitting at their desks and are using "desktop" machines, there doesn't seem to be much of an advantage to go wireless -- in fact, I'd say that you'd have more headaches.

    I'm assuming that you want to do this because the userbase is mostly laptop-based.

    You definitely will spend a lot of money on getting real wifi equipment to do this roll-out. At the very least, you will want to have access points that will handle WDS correctly so that people can roam around from AP to AP. You will want to have central configuration management, performance/usage monitoring, and security management. (One product off the top of my head that might be useful: WiFi WorkPlace.)

    Note that with wifi, each access point acts essentially like a shared hub -- and the throughput is less than half of the signaling speed -- so your 10 users on the same 54-Mbps AP will be on an effective "20 Mbps" hub... Latency is higher, too. Yuck.

    In order to keep the footprint of each "hub" (AP) small to ensure reasonable performance, you will need a lot of low-powered access points. And hope that your client machines are running bug free drivers --- back when I used to play with linux wlan drivers, we sometimes had a client go crazy and pump up the transmitter to max power in order to associate with the AP on the other side of the building -- and stepping on a lot of traffic in the process.

    Good luck!
    • I'm assuming that you want to do this because the userbase is mostly laptop-based.

      Actually, we (the college where I do tech support) do have an environment with a lot of laptop users, and we're in the process of making them almost ubiquitous. But we still have a fully wired network and have no intention of changing that. When a student sits down in a classroom and hauls out his 'Book, he plugs it into the wall. We might have to settle for wireless in the antique granite building we're expanding into n
  • 1 AP per 15 users? (Score:3, Informative)

    by ocbwilg ( 259828 ) on Wednesday June 07, 2006 @11:24PM (#15492131)
    So if you're figuring on 1 AP per 15 users, you're going to be needing 7 APs to start with, and possibly up to 14 eventually. But if those 15 users have to share the bandwidth on that one AP, they're getting (on a really good day) about 3 Mbps of bandwidth if you go 802.11G. If you're wired for only Fast Ethernet they're going to be getting more than 20 times that.

    The second question is the physical layout of the place. If it's a big empty warehouse type of place, there will be very little physical interference in the form of walls and such. If you are setting up a cube farm there will be even less, and the people will be packed fairly tightly into that space. If the APs are that close together, you're going to have lots of coverage area overlap, and with only three non-overlapping frequency ranges you will undoubtedly have roaming and AP association issues. You may plan on 15 users per AP, but that's just an average. If 30 of your users associate with one particular AP because it has the strongest signal, you will get lots of complaints very quickly.

    Then there's the numerous security and cost issues which have been covered in other posts.
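An added example, not part of any poster's comment, working through the channel-reuse point made in the two comments above: with only three non-overlapping 2.4 GHz channels, 7 or 14 APs that can all hear each other have to share channels, and dialling the power back is what removes the clashes. The grid floor plan, the 8 m AP spacing and the 50 m / 9 m hearing radii are constructed assumptions, not measurements.

```python
"""Channel reuse on one floor: 2.4 GHz 802.11b/g, US channels 1-11."""
from itertools import combinations
from math import hypot

CHANNEL_WIDTH_MHZ = 22          # 802.11b DSSS channel width


def center_mhz(channel):
    """Centre frequency of a 2.4 GHz channel (channel 1 = 2412 MHz, 5 MHz steps)."""
    return 2407 + 5 * channel


def channels_overlap(a, b):
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ


def non_overlapping(channels=range(1, 12)):
    """Pick mutually non-overlapping channels greedily, lowest first."""
    chosen = []
    for ch in channels:
        if not any(channels_overlap(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen


def grid(cols, rows, spacing_m):
    """Constructed floor plan: APs on a regular grid, coordinates in metres."""
    return [(x * spacing_m, y * spacing_m) for y in range(rows) for x in range(cols)]


def plan_channels(aps, hear_radius_m, channels):
    """Assign channels greedily; return (plan, co-channel pairs within earshot)."""
    pairs = [(i, j) for (i, a), (j, b) in combinations(enumerate(aps), 2)
             if hypot(a[0] - b[0], a[1] - b[1]) <= hear_radius_m]
    adj = {i: set() for i in range(len(aps))}
    for i, j in pairs:
        adj[i].add(j)
        adj[j].add(i)
    plan = {}
    for ap in sorted(adj, key=lambda k: -len(adj[k])):   # busiest APs first
        # Take the channel used by the fewest already-assigned neighbours.
        plan[ap] = min(channels,
                       key=lambda c: sum(plan.get(n) == c for n in adj[ap]))
    clashes = sum(plan[i] == plan[j] for i, j in pairs)
    return plan, clashes


if __name__ == "__main__":
    usable = non_overlapping()
    print("non-overlapping channels:", usable)
    # Assumed: 8 m AP spacing; 50 m = full power, 9 m = power dialled back.
    for label, aps, radius in [("7 APs, full power", grid(7, 1, 8), 50),
                               ("14 APs, full power", grid(7, 2, 8), 50),
                               ("14 APs, low power", grid(7, 2, 8), 9)]:
        _, clashes = plan_channels(aps, radius, usable)
        print(f"{label}: {clashes} co-channel AP pairs in earshot")
```

When every AP can hear every other, the clash counts for 7 and 14 APs are the minimum any three-channel plan can reach, since the best case is an even split of APs across the channels.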
  • All your competitor needs to do is bury a jammer in the front lawn. Presto: complete network blackout. Thousands of dollars in lost productivity until someone finds out what the heck happened. Any IT admin knows that a catastrophic network failure is bad for job security.
  • Terrible idea! (Score:3, Interesting)

    by misleb ( 129952 ) on Wednesday June 07, 2006 @11:37PM (#15492205)
    "Wires where you need it. Wireless where you'd like it." "It" being network access, of course. Wireless should be treated as a convenience in an office environment. It is not reliable. Especially in a high density place like Manhattan. You never know when someone is going to stomp on your channel space. And with all those radios (enough for 1 per 15 people), it will happen. Another consideration is performance.
    I don't care what kind of super-duper-double-data wireless standard you run, it'll never perform like a good ol' fashioned 100Mbit full duplex switched network. And you won't have the option to go 1000Mbit where you need it unless you do some ad hoc wiring, which always turns out bad.

    Just spend the cash to wire the office properly with good labeling and patch panels. You won't regret it. There really isn't any room for debate here. You'd be a fool to go all wireless.

  • I haven't used this part of their products, but I am impressed with their wireless APs and controllers...especially for client density and VoIP.

    Meru uses their radio switches and bonds multiple channels of wireless to create backbone trunks between APs. You end up with around 150Mbps full-duplex if you used 3 channels for the backbone...a bit better than 100-Base. These trunks are encrypted, and the wireless path between AP and controller are also encrypted. Keep in mind, this path is between APs and rad
  • My office was migrating to wireless when I started working there. Some people are using it, but a lot of folks, myself included, won't touch the wireless network. The issue is that we work with a lot of large files that are stored on the server, and as soon as you get more than a couple people using them at the same time everyone's workflow starts slowing down. I suppose it wouldn't be so bad if Slashdot posted more articles every day, but as it stands I have better things to do with my workday than watc
    • I suppose I can imagine a situation where your server has 5 or 10 nics, or it's got a gigabit pipe to the same switch you've got 100 mbit to...

      But with a normal setup -- one server with one 100 mbit wire to a switch -- that's ultimately only 100 mbit full duplex vs 54 mbit half duplex. The bandwidth ends up being shared anyway.

      I'm sure it's still an issue. Certainly, wireless seems to deal very poorly with interference -- the wireless I'm writing this on is practically useless in some places around the ho
      • In my experience, the bandwidth I get on a wireless network is rarely as good as advertised. There are simply too many things - from appliances generating interference to walls - that degrade signal quality. And my somewhat uninformed understanding is that one computer with a poor signal can degrade network performance for everybody, because they all have to wait longer for that computer to finish transmitting a packet.
  • To best secure your network you'll have to block unwanted RF getting in and out, aka a Faraday cage, and then all of the users will start bitching that their mobile phones don't work.

    From my experience I've found wired networks far cheaper in the long run. The cable costs may be high to lay but once in, maintenance and upgrade costs are low. Whereas with wireless, support costs are high and ongoing. We only use wireless as a bandage till the wires are in.

    If you want really secu
  • by ejoe_mac ( 560743 ) on Thursday June 08, 2006 @05:39AM (#15493222)
    So you need to look at a VoIP PBX / phone setup with a built in switch - think a 3Com NBX plus 3000 series phones. Then you would attach the local workstation to the phone. Wifi isn't going to work for everyone, but until then, use the PBX as the reason to run Cat5 for something. Any phone location then becomes a phone + network location. PoE switches from Linksys are the best bang per buck, but keep in mind the power load on the switches isn't expandable like more expensive switches. Wifi will cover lots of people, but in the end the wired workstations will be the least troubled.
  • by PapaZit ( 33585 ) on Thursday June 08, 2006 @07:46AM (#15493459)
    A lot of people have correctly claimed that using wireless networking permanently for all employees is a bad idea, and they're right.

    Wireless does have its place, though. You can set up a wireless network very quickly. That can be important if you need to start moving people to the new location before the contractors have finished wiring. It's also good for meeting areas where people will be bringing laptops. That is, it's good for -temporary- network connectivity. So, even if you (correctly) walk away thinking that a completely wireless office is a bad idea, don't leave wireless out of the plans completely.
  • Wireless is great for convenience. I love being able to wander around somewhere with a laptop and read Slashdot. But as soon as I need to get something done, I sit down at a wired desktop. Wireless is still too slow and unreliable to be a replacement.

    So, go ahead and have wireless all over, especially in meeting rooms where people are likely to bring laptops. But make sure you secure it, and use wired for anything not likely to move. Even if people are using laptops, they already have to be plugged int
  • First off, I hate wireless in all shapes and forms (Bluetooth is turned off on my phone, my laptop's wireless is permanently disabled and the only 802.11b AP that I own is for purely educational purposes). However, with that in mind, I regularly cater for small suburban schools in the Boroughs of Greater London. To give you an idea, we're talking about a 10-classroom school backing onto suburban terraced houses in some quite nice areas. Lovely big fields and play-areas, main roads etc. but also a few dozen s
  • Overall, a bad idea (Score:2, Informative)

    by notarus ( 216298 )

    An all wireless network for a 100+ person office may be buying a lot of trouble. For example, one user running a multicast app (think "ghost") means the whole network will become unavailable. One user with a 2.4GHz phone or someone making popcorn in the corner kitchenette and you're going to have a lot of drop outs. One user with a PDA running B and your shared 22Mb/s (max) tput G network suddenly drops to 14Mb/s or less.

    I'd definitely go with wired jacks with wireless available for convenience.

    If you're de
  • We did something similar... the building we moved into in February had only old 10Mb and coax wiring. In CA, if you run new cable, you also have to pay to demo the old cable. We decided to skip the cost and go all wireless. Basically we built a server room and ran two cables to each of 20 locations. There's an access point at each location and a spare cable to add more. Additionally, each was run with power-over-ethernet to avoid the electrical needs in the ceiling (oh yeah, all our APs are mounted in ceili
  • Don't do it! I agree with a lot of other posters here, that wireless is great for those areas that need it, but don't try to do an entire office this way - you may not get the results you want.

    At my last employer, they remodeled the entire office, and decided to go with "wireless everywhere". This was about four years ago. They decided to use some nice 802.11a & b equipment, put in wireless cards in all the computers, and made sure all the laptops had wireless. This was to replace an *already set up* Ca

  • Take the opportunity you have to run Cat6 to the whole floor. Then you can easily hook everything up to a Gigabit switch either now or in the future. Your users will love that. Otherwise they will curse you every time the network flakes out, even if it's not your fault. You have a great opportunity to get ahead of the mainstream for networks and do it very cheaply -- take it.
