Simple and Smart Access Point
Simple Access Points aren’t crammed with user and network configuration data, instead they are designed to concentrate on the radio functions. These devices rely on all of the necessary controlling intelligence to be provided elsewhere on the network, e.g. by an access controller, a wired switch, or even a router. These Simple Access Points are usually described as being “thin,” “dumb,” or “lite.”
Whatever they are called, they range from devices that merely satisfy the 802.11 (a, b, or g) specification to sophisticated gear that offers RF excellence. Either way these simple devices cost less and need less management than their more complex counterparts—their basic radio functions are unlikely to need attention, and the security and other features that need regular attention are in the traditional location—some type of central control device, i.e. an intelligent box. Furthermore, since these Simple Access Points aren’t loaded with network and user configuration data, they are of little or no interest to hackers. And if one of these simple devices is stolen, it’s rendered inoperable as soon as it’s unplugged.
Some vendors offer software that, when loaded onto a computing device that is connected to a wired LAN, enables the computing device to act as a hardware access point. These software products are reminiscent of the old Winmodem software, in that they use the computing device’s CPU to process the data flow. For example, a laptop can be easily configured to function as an Access Point with commonly available software, such as the freeware tool Host AP for Linux systems, or PCTEL, Inc.’s Segue SAM, a software access point that permits Wi-Fi-enabled computing devices to function as Access Points.
The large vendors are also getting in on the act. Intel plans to integrate “software access points” for wireless access into PCs. This extra software will let home laptop users connect to the Internet by using a wired home PC as a bridge. And Microsoft is supposedly hard at work on what it calls a “Soft Wi-Fi,” which, according to Microsoft’s press relations services, is a new driver model. The Soft Wi-Fi will allow processing currently done by the 25 MHz chip used by hardware-based access points to be performed within Windows. Thus, according to Microsoft, any Windows-based PC can function as an access point. Beware, though, that when soft APs are used within a corporate networking system, it is difficult for the IT department to keep track of them because the soft AP appears as an authorized station to all wire-side network scans.
Bundling software intelligence into an access controller or switch device (instead of distributing it out to the access points) enables the IT department to make upgrades and changes to only one device—the smart one—rather than on a per-access point basis.
It is perfect for campus environments, which require a lot of access points, because it can inexpensively increase wireless coverage.
But the downside to designing a WLAN around the AP/intelligent box approach is that the APs must be able to contact the intelligent box. Oft-times that box is located somewhere within the wired network environment, thus packets of data are required to go through twice as many plug devices before they get to the end-user. As illustration, data is transferred from the LAN switch, to the WLAN intelligent box, to the LAN switch, and then to the simple access point. Whereas, in a WLAN designed around smart Access Points, the data is transferred directly from LAN switch to AP.
Symbol’s Mobius Axon Wireless switch offers Layer 2 and 3 WLAN functions (e.g. IP inspection and load balancing), and certain Layer 4 features (e.g. HTTP, instant messaging, and security solutions such as Kerberos authentication). The layers are managed by an XML or command line interface. The switch is paired with Mobius’ “thin” Access Points. The MAC software layer has been taken out of these Access Point s and put into the wireless switch, leaving only the Physical Layer for the AP. This arrangement allows the Mobius Access Points to act simply like an Ethernet port—a wireless socket through which data packets are passed. Let’s now look at what a smart AP has to offer.
Smart Access Points
A smart access point (also known as a “fat” or “thick” AP) provides radio functionality and has most of its network intelligence in the same box, thus these devices can handle most of the protocols for roaming, encryption, management, user authentication, and so forth. Such industry giants as Cisco and Enterasys back the smart AP approach. A smart AP presents the end-users it serves to the wired network switch as if they were physically connected. Furthermore, smart Access Points reduce the load on central switches within the wired LAN, albeit at the cost of needing to be managed.
One of the downside with these Access Point s is that the smarter the AP, the higher the cost. Another is that these smart devices present very tempting targets to thieves in that they require horsepower in the form of memory and processing power. Also, if the WLAN is large with many smart Access Point s, upgrading these devices with new firmware or security features means that a technician must manually connect to each device to perform the upgrade. This can result in IT personnel lugging around ladders, screwdrivers, flashlights, etc. just to get to the various Access Points.
However, integrating network services directly into the AP enables important services to be pushed out to the first point of contact with the wireless user. The thought is that by provisioning access control lists and policies directly from the radio function, end-users can move, for example, onto another subnet in another corporate location, and still retain all their access rights.