If you were considering a wireless solution – what would you consider?
If you were considering a wireless solution – what would you consider?
— Chris McDonald (@chrismcd53) December 19, 2013
I can’t possibly answer that question in tweets, so I thought I’d scribble my response here. Â Hopefully Chris will find it useful, and others may stumble across it too.
Firstly why do you need a wireless network? What is it’s aim? How will it enhance the learning experience?
If you are looking at class sets of laptops or a 1:1 tablet scheme you need to consider the density of your devices. Â 30 laptops logging in at the same time will cause any access point to struggle. Â If you’re looking at BYOD (and who wouldn’t these days?) you need to look at 100% site coverage. Â Lower density to start with perhaps, with expansion in mind. Some of my previous BYOD thoughts here.
Think about getting survey done by a decent company. Â It may cost you, but gives you a clear understanding of what is needed. Â Talk to them about your plans, so they understand the deployment. Â If you don’t survey the school correctly, your scheme (and budget) need to be more flexible.
Think about your wired network. Â Potentially, you are going to be adding a great deal of traffic. Can your back bone cope? Â Have you got spare wires where they are needed? Do you need to look at access points that can also connect to a wired pc? Â Have you got PoE, or will you need power installing in the cabinet or near the access point?
Is your network going to be safe? Â Can you separate the wireless traffic & more importantly the BYOD traffic. Â Are you able to set up access lists, vlans and different dhcp scopes to cope with this? How will you route the traffic once your network is segmented. Â Could you firewall networks from each other? Â How many networks (& VLANs) do you think you’ll need?
Will data be safe? How do you ensure devices which can leave site don’t carry sensitive information? Â What services and information will be accessible to wireless users?
How do your current devices connect to the internet? Proxy servers cause real issues when adding unmanaged devices to a network. Â How will you help your users to get connected?
Is your technical team onsite all week? Â Have they time for the project? Do they have time to help users long term? Do they have access to a range of devices to test their network?
Will the wireless network authenticate users? Will it get the user ID’s from a system the school already run?
How will you log who owns each device, their use of internal services and the internet? Â How will you ensure devices don’t get passed around once authenticated.
Can you track rogue devices, networks and access points. Â What if a user logs onto a malicious copy network?
Do you need a/b/g/n? 2.4Ghz & 5Ghz? 802.11ac? Will any of your devices use those frequencies /standards? Will they in the future?  What authentication methods can your devices handle – WEP, WPA, WPA2?
These are exactly the questions I asked myself and my school in 2010 when we fitted our campus wireless system. Â At the same time we replaced our wired switches throughout the high school to cope with the increased traffic. Â We currently run a 25 access point Ruckus system and have opened our network to sixth form BYOD. Â We regularly have 150 staff and sixth form devices connected to our network in addition to the ~60 school owned devices.
Pupils authenticate using their active directory account, and get a unique password to their BYOD network (using the ruckus dynamic-PSK feature). Â That password is locked to one device and expires after a month currently. Â We monitor how many devices each student is authenticating.
Each BYOD SSID is in it’s own VLAN, with access lists applied. Â The internet is filtered accordingly based on which SSID/VLAN/IP range the device is connected to. Â All wireless controller and DHCP logs are kept in a syslog server so they can be cross referenced with our internet filtering/monitoring logs if required. Â We launched the scheme orginally using our LEA’s proxy server – it wasn’t a great success. Â Since moving to our own provision, without a proxy server take up has been much higher.
I have also lead projects on wireless networks in a number of primary schools. Â Some using Ruckus, and others Ubiquiti Unifi. Â Some using BYOD, and others school owned devices only. Â Unifi doesn’t have all the features of Ruckus, but in conjunction with a radius server can prove to be a very cost effective solution.
I’ll come back and update this post when I remember things I almost definitely will have forgotten.
.@chrismcd53 “If you were considering a wireless solution – what would you consider?” My thoughts: http://t.co/Y6deNOG3Z8
This from @IrritableTech – very helpful to my thoughts and any body else considering wireless http://t.co/aOpmDrpL6s #ukedchat thanks!