Centrally managed Cisco Aironet hardware allows multiple virtual wireless LANs on the same access point (WAP). This enables us to broadcast the campus wide AirBears signal as well as EECS specific WLANs. Access to the EECS WLANs is restricted to people with IRIS accounts.
The wireless access points in EECS carry the following SSIDs:
EECS-Secure: This high-performance WLAN offers the best security; WPA2 security with AES encryption and 802.1X authentication using individual credentials for registered devices.
EECS-PSK: Offering weaker shared-key encryption, this WLAN is meant for devices that are incapable of using EECS-Secure. Devices need to be registered to use this SSID and only the helpdesk is allowed to configure the passphrase on a device.
The first version of the EECS production wireless network infrastructure was officially deployed September 18, 2000. This network initially covered only Cory and Soda Halls. The network used the IEEE 802.11b protocol at 2.4GHz.
Our second generation wireless network adopted centrally managed Airespace access points which added support for 54Mbps 802.11a at 5GHz.
The current EECS wireless network is built upon Cisco Aironet access points and controllers and supports the 802.11ac standard in both the 2.4GHz and 5GHz bands.
Our emphasis is on connectivity over the widest area within EECS rather than data throughput.
802.11B (DISCONTINUED ON EECS NETWORKS AS OF 2012-01-31)
The 802.11b standard is an 11Mbps system. However, you’re is unlikely to see performance in that range. Using 802.11b, transfer rates in the 3.2-5Mbps are possible in optimal conditions. In real world scenarios, 802.11a and 802.11n perform at similar percentages of their peak theoretical throughput.
In the past, for 2.4GHz clients, EECS supported only 802.11b and not 802.11g (54Mbps). On our third generation network, we now support 802.11g in addition to 802.11n at 2.4GHz.
However, while 802.11g may appear faster on paper, it’s usefulness in a large scale environment is limited.
One of the real weakness of 802.11b in the enterprise is the 3 channel limit of the 2.4GHz spectrum. 802.11g suffers from this same co-channel interference.
Additionally, unless you run an 802.11g network as a pure 802.11g net (with no b nodes) there is no throughput advantage of g over b. All g nodes throttle down to b speeds. Given the installed base of b nodes in our environment, it is not likely that we would see any performance gain with g.
802.11n is an emerging standard that uses several schemes to increase data throughput 4-6 times over what is possible with 802.11a or 802.11g. To get the full benefit of 802.11n technology, you will need a recent wireless adapter. However, even legacy 802.11a/b/g clients experience better performance because the 802.11n Access Points are better at “hearing” client devices. As a consequence, the uplink data rate is higher.
Also, some WLANs are dual band enabled and work with either 2.4GHz or 5GHz clients. The 5GHz band is strongly preferred. Despite having less effective propagation at 5GHz, our dense WAP deployment mitigates this shortcoming.
5GHz is a much less crowded band with far less noise at this band and six channels instead of only three offered at 2.4GHz. Co-channel interference with other WiFi radios is greatly minimized. Additionally, 5GHz offers the capability of running 40Mhz wide channels instead of the usual 20MHz, further increasing throughput.
Dual band clients do not always make the best choice of band and we have disabled both the 1Mbps and 2Mbps data rates at 2.4GHz in an effort to mitigate this. Clients will more often choose 5GHz if they support it. This scheme is used successfully at many enterprises (especially in education) without adverse effects.
All the wireless networks are configured such that all systems must be configured as DHCP clients.
On all the EECS specific WLANs, devices need to be registered. Some of the WLANs require additional encryption configuration.
Since 802.11 technology transmits directly into open air, traffic is vulnerable to attack without good encryption.
The EECS-PSK WLAN requires use of WPA2-PSK encryption. A password must be entered into the user’s system by the helpdesk before the card can become associated with any EECS WAPs. Unfortunately due to the weaker encryptioon and shared passphrase, EECS-PSK should not be considered secure.
The EECS-Secure WLAN uses the WPA2-Enterprise protocol which provides a much stronger layer of security and integrated authentication.
These settings should be used to connect to EECS-Secure:
- Wireless Security: WPA2 Enterprise, with AES encryption
- EAP Method: PEAP
- Key Type: Automatic
- Phase2 Type: MSCHAPV2
- Identity: <Your EECS Login>
- Password: <Your EECS Active Directory (Windows) Password>
Other 2.4GHz & 5Ghz devices
Since there is a real possibility of other radio devices interfering with the wireless network, IRIS regulates the deployment of any other wireless equipment within the EECS service area. This includes both access points and non-802.11 devices.
IRIS networking staff will need to authorize the installation of any new devices using the 2.4GHz or 5GHz frequencies. While this may seem strict, with wireless the scope of research and production networks propagate through the same airspace. Unexpected problems are extremely difficult to detect and pinpoint.