Wireless IP, The Killer Application !?

My website and thesis captures the essential elements in the convergence path of wireless networks and Internet protocols resulting in the new paradigm of "Wireless IP." It covers all the important 1G/2G cellular technologies that I have seen in the past decade, along with 3G and 4G, Wireless Local Area Network (WLAN) technologies,including modifications required in protocols, architectures, and framework in virtually every area such as QoS, security, mobility, and so on.

The thesis can be useful for anyone who is interested in the convergence of the wireless and IP networks and for them who need to understand how packet data services and IP work in the wireless world. Furthermore, the thesis represents my views and opinions , based on my technical understanding and experience in these areas

Because the increase of higher system capacities and data rates provided by latest and proposed wireless network technologies, and their closer integration with the Internet enabled by the IP technologies used in these wireless networks are enabling many new ways for people to communicate.
Also people on moving vehicles (e.g. cars, trains, boats and airplanes) may access the Internet or their enterprise networks the same way as when they are at their offices or homes. They may be able to surf the Internet, access their corporate networks, download games from the network, play games with remote users, obtain tour guidance information, obtain real-time traffic and route conditions information.

Wireless networks are evolving into wireless IP networks to overcome the limitations of traditional circuit-switched wireless networks. Wireless IP networks are more suitable for supporting the rapidly growing mobile data and multimedia applications.
IP technologies (such as Mobile IP) are the most promising solutions available today for supporting data and multimedia applications over wireless networks. IP-based wireless networks will bring the globally successful Internet service into wireless networks. The mobile or wireless Internet will be an extension to the current Internet.

Advanced mobile data and multimedia applications such as; MMS, play games in real time with remote users, Voice over wireless (VoIP calls) and broadcasting of audio and video advertisements to mobile phone users such as: advertiser supported phone calls, Wireless IP-enabled radio and watch TV, will grow very fast. New IP broadcasting techniques such as DVB-H (Digital Video Broadcasting for Handhelds), will make it possible to bring video broadcasting services to handheld receivers.

In particular, the growth of advanced mobile data and multimedia applications such as Voice-over-IP (VoIP) help increase multimedia traffic over the wireless networks significantly. Thus, Wireless IP can also be a killer sometimes. Therefore future Wireless IP networks can only be able to service those mobile data and multimedia applications without congestions in the Wireless network, if those Wireless IP networks are ready for it. In other words, "those networks need to be controlled (e.g. by QoS parameters or other specific protocols) end must have enough bandwidth to support all this types of services. Wireless networks and the IP technologies within those networks have to be reviewed and evolved constantly.

Remark these words:
The traffic on broadband wireless networks will be increasingly IP

Archive for Home LAB


Aruba WLAN Home LAB setup (follow up)

Posted by: | Comments Comments Off on Aruba WLAN Home LAB setup (follow up)

Phase I: IAP (Instant AP) – a controllerless WLAN solution:

To get an Aruba Instant WLAN up and running you need to configure one Aruba Instant AP over the air using a simple wizard-driven process.

To configure additional Aruba Instant APs, simply connect and power them up. The first configured AP automatically becomes a primary Aruba Instant Virtual Controller and configures all the other APs.

Offering over-the-air provisioning, there’s no need to modify an IP address to configure Aruba Instant. Just power up and connect an Aruba Instant AP to the LAN, and open a PC browser to automatically access the Aruba Instant user interface login page.

* Fully distributed architecture:

In the event of a primary Virtual Controller failure, another Aruba Instant AP automatically takes on the role with no disruption. The primary Virtual Controller operates like any other Aruba Instant AP with full WLAN functionality

The Aruba Instant product family consists in this case IAP-135.
The IAP-135 maximize mobile device performance in the most extreme high-density Wi-Fi client environments.

Aruba Instant is the only wireless networking solution to combine high-end enterprise WLAN capabilities with affordability and unmatched configuration simplicity. It requires no ongoing service fees, no additional license fees, no management appliances and no external controller.

** Adaptive Radio Management:

Aruba’s signature Adaptive Radio Management (ARM) technology automatically manages the WLAN’s 2.4-GHz and 5-GHz radio bands to optimize Wi-Fi client performance and mitigate RF interference. It also ensures that each Aruba Instant AP uses the optimal channel- and transmit-power for its RF environment.

ARM™ additionally offers priority traffic handling, channel load-balancing, band steering, airtime fairness and other quality-of-service (QoS) controls to ensure that the available Wi-Fi bandwidth is fairly distributed to all mobile devices on the WLAN.

*** Virtual Controller Technology

The Aruba Instant Virtual Controller technology provides security, consistently high performance, scalability, and other enterprise-class network access services without requiring a dedicated controller.

Utilizing an adaptive, self-organizing wireless grouping, the Virtual Controller technology supports multiple Aruba Instant APs across wired LANs and over the air through the mesh, enabling the WLAN to scale effortlessly.

Aruba Virtual Controller technology centralizes the functionality needed to configure and manage the Aruba Instant network. Aruba Virtual Controller technology delivers a wide range of enterprise-class WLAN capabilities required by enterprises that have multiple remote locations:

a. Reliability
b. Mobility
c. Guest Access
d. Scalibility
e. Cloud-based firmware server
f. Built-in migration path

**** Instant Security:

1.Authentication & Encryption:

Aruba Instant supports over-the-air authentication using pre-shared keys or 802.1X, which uses WPA2 for strong security and an internal or external RADIUS server.

Each Aruba Instant AP has an instance of a free RADIUS server that maintains a distributed database of up to 256 users. When using internal RADIUS for 802.1X authentication, customers can load certificates and terminate EAP-PEAP, EAP-TTLS and LEAP.

2.Integrated Firewall:

The Aruba Instant integrated firewall inspects traffic from each user session and allows or denies that traffic before it traverses the wired and wireless network. The firewall monitors all data entering or leaving the network, blocks data that does not satisfy specified security policies, and prevents unauthorized users from accessing the enterprise network.

3.Traffic Separation:

Aruba Instant supports up to six SSIDs per Virtual Controller, which gives enterprise organizations the flexibility to separate WLAN traffic based on user role and traffic type. For example, school district employees can be assigned to one SSID, students to another, and guests to a third.

4.WIPS (Wireless Intrusion Prevention):

Aruba Instant includes a wireless intrusion protection system that safeguards the network from unauthorized or rogue APs and clients, and other devices that can potentially harm network operations.

The wireless intrusion protection capability also logs information about unauthorized APs and clients, and generates reports, making Aruba Instant fully PCI compliant. To prevent malicious APs from associating with network, administrators can turn on rogue AP prevention and disable the auto-join function, which ensures that only authorized Aruba Instant APs are allowed to connect.

5.Content filtering:

With an OpenDNS service subscription, Aruba Instant delivers integrated web filtering, malware and botnet protection to every device connected to the WLAN.

With content filtering, administrators can create Internet access policies that allow or deny user access to web sites based on categories and security ratings. Content filtering also prevents known malware hosts from accessing the WLAN, reduces bandwidth consumption and improves employee productivity by limiting access to certain web sites.
6.Operation System Fringerprinting:

The OS fingerprinting feature gathers information about each client connected to an Aruba Instant WLAN to determine what OS the client is running. This information enables IT to identify rogue clients, including clients running an OS not allowed on the company network, as well as clients with an outdated OS.
Phase II:  – a controller managed WLAN solution:

Details will follow.


My Special Thanks for providing the Aruba WLAN kit go to:

Keerti Melkote
Chief Technology Officer of Aruba Networks

Paul van der Wilk
Country Manager Belgium Netherlands and Luxemburg at Aruba Networks

Herman Robers
‎Systems Engineer Benelux at Aruba Networks

Gert de Wever
Senior Systems Engineer at Aruba Networks

Comments Comments Off on Aruba WLAN Home LAB setup (follow up)