Chapter 7. a field office example, Background, Chapter 7 – Symbol Technologies WS 2000 User Manual
Page 111: A field office example
A Field Office Example
Chapter 7. A Field Office Example
Background
Leo is the network administrator, system administrator, and IT professional for a field office
with 60 employees. The users include sales people, sales engineers, office administration
and customer support people. All of the sales personnel have laptops and many of them
have personal digital assistants (PDAs).
The office is connected to the Internet and to Corporate through a frame relay link. Between
the office network and the frame relay, there is a router and a virtual private network (VPN)
appliance. The VPN appliance encrypts all traffic to Corporate. Traffic to other addresses
passes straight through.
Leo installed a wireless access point about six months ago and quickly found that many
employees preferred to use it. However, the throughput of the lone unit was not enough to
service 40 or so users and coverage was weak in many areas of the building. In addition,
Leo was doing user authentication by maintaining a list of permissible user MAC addresses
on the access point. This required modifications to the list once or twice a week. Recently,
when a laptop was stolen, Leo could not determine which MAC address to remove from the
list for several hours. He concluded that he needed to use a better method of user
authentication. Also, the data encryption on the old access point was WEP and WEP
encryption can be broken with several hours of data encrypted with the same key. Leo
changes the key every week, but some users complain when last week’s key does not work
anymore.
Leo has decided to upgrade to a WS 2000 wireless switch. He will have four Access Ports,
one in the administration office area, one in the sales office area, one in the sales
engineering area, and one in the engineers’ demonstration room. Throughput and coverage
will increase significantly. Leo will convert to 802.1x/EAP-TTLS user authentication
through the corporate RADIUS server and convert to WPA encryption, improving security
considerably and reducing maintenance significantly.
The following links show the tasks that Leo will carry out to complete the wireless upgrade.
• The Plan
• Configuring the System Settings
• Configuring the LAN
• Configuring the WAN
• Setting up NAT
• Confirming the Firewall
• Adopting the Access Ports
• Configuring the WLANs
• Configuring the Access Ports
• Specify Subnet Access
• Install Access Ports and Test
Copyright © 2004 Symbol Technologies, Inc. All Rights Reserved
111
WS 2000 Wireless Switch: 1.0 Date of last Revision: March 2004