Wireless Networks Causing Headaches For Businesses

ElvaWSJ writes "Wi-Fi was supposed to reduce complications, not create new ones. But in many offices Wi-Fi has been a headache. Like all radio signals, Wi-Fi is subject to interference. Its low power — less than even a typical cellphone — means that walls and cabinets can significantly reduce signal strength. Wi-Fi also creates networks that are more open than wired ones, raising security issues. And Wi-Fi has caused problems for virtual private networks. Some VPNs require a lot of processing power. If a wireless access point — at home, at the office, or on the road — isn't robust enough, a user often gets bumped off the connection."

Um...

[cromar (1103585)]

Duh?

Re:Um...

[Aqua_boy17 (962670)]

Was that a tag, or a comment? Either way, it fits.

Re:Bullshit

[Mike Buddha (10734)]

VPN sessions are much more time sensitive than other applications. Any latency caused by, oh say, packet retransmission due to interference will cause the session to be invalidated. Try connecting a VPN through a satellite connection (HughesNet), or through an access point in an area with lots of other wireless networks overlapping. You WILL lose your connections. Heck, I've had problems using some dial-up services even.

Re:

[Baron_Yam (643147)]

If you're doing that sort of thing, I strongly suggest getting a commercial mobile connectivity solution instead of relying on what comes with your OS.

I can think of at least two Canadian-based solutions that would resolve the issue of intermittent connection loss without even letting your apps be aware of the issue.

Re:

[YouTookMyStapler (1057796)]

It really shouldn't be a surprise that a wi-fi signal gets weaker as you move away from the source. This would be the same as people saying "I had no idea that the further away from a cell tower you get the weaker the reception."

"It was almost like if you wanted to have remote access, you'd better expect to not have a good experience," says Mr. Friemann, 38 years old, who is based in Cherry Hill, N.J.

Some people are just so negative.

Re:

[The_Quinn (748261)]

This is one of the reasons I am greatly anticipating Sprint's new WIMAX wireless broadband network. [gizmodo.com]

I think it will be one of those breakthroughs where you won't even realize how cool it is until you start seeing people wandering around with wireless devices that "just work", anywhere, without much thought of how or why.

No, not duh

[Poromenos1 (830658)]

That's not the actual worst thing. I can handle all the "access from anywhere", that was what it's designed to do. The worst thing is when the access point sometimes decides to reset (I have a Linksys AP) and it reverts back to it's original, OPEN SETTINGS. I go to work one day and I notice that the AP changed its ssid back to "linksys", giving free access to everyone within the radius for the past week.

Seriously, wtf.

Re:Um...

[SenFo (761716)]

A while back, I thought this was general knowledge. What I found is that people get caught up in all the hype and think only of the positives. If you try to persuade them otherwise, you're ostracized.

A few years ago, I was tasked with setting up the network in a new building. There was already wiring in the building. Unfortunately, it was all CAT-3 (even the data lines). I was the only person on staff in the IT department so I asked if we could hire an outside consultant to help with the task of running new network lines that would be adequate for our company needs. My request was rejected and I was instructed to install WiFi for the entire company to run on (about 50 people, including sub-tenants, which shared the LAN for Internet access). I advised my company of the pitfalls involved with running a WiFi-only LAN; however, I was told I needed to "come into the 21st century". Not feeling as though it was reason enough to quit on the spot, I did as I was told and installed the wireless network. With the exception of my workstation and all of the servers, everybody connected to the LAN through a wireless access point. Within the first few hours of operation, I had already gotten a number of complaints about systems loosing connectivity to the servers. This became the norm as my days soon involved at least one reset of the access point at some point in the day. This lasted about a year and a half before my direct manager was walking over to my desk to ask me if I could reset the access point. To her surprise, I was sitting there working and still connected to the LAN. She asked me how that was possible and I explained to her that I was on a wired connection. The next thing I knew, I was installing CAT-5e throughout the entire building. In the end, it cost a lot of money in lost productivity, as well as the wireless hardware that barely gets used. Reasons like this are why I abandoned the system administrator world a few years ago in favor of becoming a software engineer. I have never looked back.

Well Then...

[AdmNaismith (937672)]

Make sure there are some bloody data ports where they are useful. The gods know how many office conference rooms I have walked into where there are two power/data/phone outlets on the far ends of the room behind heavy credenzas, instead of in the middle of the room accessible from the table top. Otherwise just blanket the place with WiFi and suck it up.

Re:Well Then...

[MightyMartian (840721)]

Having talked with a few guys in my neck of the woods that sell themselves as network architects, I have the feeling that most of these guys really don't have the vaguest idea how to properly plan and roll out a network. They're too lazy, or their bosses are too cheap, to put in, maintain and extend a decent wired network, and so buy into the idea that going out and buying some NetGear routers and access points will mean everything is hunky dorey. Then, as the months roll by, and people have an increasing number of problems both with security and with basic access, the whole pile of steaming crap starts to unravel.

To my mind anyone who comes up to me and says "Our network has problems, and I can't keep my VPN up because they put in a new partition walli n accounting" is pretty much stating that whoever it is that maintains and plans their network ought to be forceably removed from the building.

Re:

[jacksonj04 (800021)]

We've recently had a lot of thought put into upgrading our school network as part of a multi-million refit. Some smartass thought it'd be clever to say "We want everything wireless". It was gonna be as well, until all the IT techs looked at the plans and basically said "If you do that, we're resigning".

Result - every permanent terminal (ie in the ICT rooms, PCs which drive the virtual whiteboards etc) is hardwired, and each classroom has its own AP to allow for portable devices. Some rooms like the art clas

Conference rooms

[sczimme (603413)]

The gods know how many office conference rooms I have walked into where there are two power/data/phone outlets on the far ends of the room behind heavy credenzas, instead of in the middle of the room accessible from the table top.

Conference rooms are often populated by guests. I would not be surprised if your local security policy states that guests are not permitted to connect to the company network: having no easily-accessible jacks can be a decent physical security measure. Of course, this requires that guests not be left unattended, etc.

The placement of the credenza is either a calculated security move or a blunder of forehead-slapping magnitude, depending on your outlook. :-)

Re:

[mrbooze (49713)]

At my company we kept having whole networks on some office floors go down periodically. Supposedly, the problem was tracked down to the switches they had sitting in conference rooms. Apparently, if someone for some reason plugged a cable from one port directly into another port, this caused that whole vlan to become unusable. (Why would someone do that? Apparently, some people are stupid.)

The response was to remove all switches/hubs from conference rooms. When it was suggested that we just put up signs

Surprising!

[gen0c1de (977481)]

Not really, if you are a business that is deploying wifi as a solution to allow laptop users to move around fine, however if it is cheap solution to installing hard wired cables to each desk then someone needs to be re-informed about the pitfalls.

Re:

[TrippTDF (513419)]

I hear you- I was hired by my girlfriends company (5 people) to help "upgrade" their systems after a renovation. They decided to rip out the already installed Cat5 and go with an all-wireless network before they had contacted me. I told them this was going to cause more problems than it solved, but they still had me go ahead with it. Now I get at least one phone call a week because the wireless print server I had to install isn't working, one person can't get online, or some other such nonsense.

Wirel

Supplement not Replacement

[jeffy210 (214759)]

Wifi should be a supplement for larger areas with changing configurations (meeting rooms, conference rooms, etc) not as a replacement for a typical wired setup. Unless you plan on constantly rearranging your cubes, there's no reason to do that. Also you should think of the two networks as being completely separate and treat the wireless network as a public access point (i.e. force VPN access to the wired portion of your network).

I see the problem coming in where people think it's a wired replacement.

Re:

[The-Ixian (168184)]

Yep, that is exactly how I have it set up here. I cringe every time I go into a new client site and see them using OPEN wireless access points as an extension of their wired LAN. At the very least encrypt it....

Re:Supplement not Replacement

[Kadin2048 (468275)]

Yep, that is exactly how I have it set up here. I cringe every time I go into a new client site and see them using OPEN wireless access points as an extension of their wired LAN. At the very least encrypt it....

There's no good reason to use encryption in a corporate environment. Put all the wireless APs in the DMZ, so that they're outside the network, and leave the APs open. That way you don't have to make users screw around trying to get WEP/WPA/whatever to work, or use crummy MAC-based authentication schemes (that are a steaming pile anyway; whoever decided authentication based on MAC addresses was a good idea should be shot). Until you do that, wireless security is (in my experience anyway) harmful, because it makes the PHBs think they're on a "secure network" and shouldn't have to VPN. And once you require everyone to VPN when they use wireless, there's no point in using WEP/WPA on top of it (particularly considering that WEP is so broken as to be useless, and lots of devices don't support WPA).

The problem isn't lack of encryption, it's putting wireless APs in on the trusted side of the network at all. Avoid doing that, and treat someone connecting from an AP just like you'd treat someone connecting from Kalamazoo (meaning they have to connect via a VPN and authenticate), and you avoid most of the security vulnerabilities that plague wireless installs.

Clarification

[Kadin2048 (468275)]

There's no good reason to use encryption in a corporate environment.

I mean, there's no reason to use client-to-accesspoint encryption. Instead you should be encrypting directly from the client to the VPN gateway.

Re:

[julesh (229690)]

Wifi should be a supplement for larger areas with changing configurations (meeting rooms, conference rooms, etc) not as a replacement for a typical wired setup. Unless you plan on constantly rearranging your cubes, there's no reason to do that.

Except cash. Installing cabling can be quite expensive. A 5 person office could easily cost £500 to cable up, including health & safety inspections (which may or may not be mandatory depending on your locality, but are almost always a good idea when instal

low power -- less than even a typical cellphone

[niceone (992278)]

Good thing it doesn't have to work over as great a distance as a cell phone then. It's almost as it it was designed that way!

Re:

[julesh (229690)]

The real problem is that the frequency is substantially higher than mobile phone frequencies. 2.4GHz has substantially less capacity to penetrate stuff that might be in the way than 900MHz.

I've always heard...

[Overzeetop (214511)]

...that it takes more wire to set up a good wireless network than it does to set up a wired network. The number of APs required to get good, even coverage is far larger than anyone thinks, and the overall complexity tends to really tax all by the best installers.

Re:

[drinkypoo (153816)]

it takes more wire to set up a good wireless network than it does to set up a wired network.

It still might be cheaper, because in many (most?) cases you pay per drop and not per foot. If you're paying for both, it still might come out cheaper.

Of course, as you probably^Walmost certainly know already, WiFi is a better fit for edge conditions than it is for every computer in your network (even if you don't count servers.)

Re:

[Dare nMc (468959)]

I've always heard that it takes more wire to set up a good wireless network than it does to set up a wired network.

guess it really depends on a number of things. We have found that it works best for our critical deployment (and I do mean critical) that you need a seperate backbone than your network. You can setup a bunch of repeaters that are not wired (In AZ, their solar powered, battery backed) but then when you get something at high bandwith, the users at the end of the line ends up less reliable (data

Metal objects block radio

[also-rr (980579)]

News at 11.

I used to do wireless mesh network algorythm development and we had (with 802.11b) acceptable, AES encrypted, coverage of a motor factory (think *lots* of wire and EM) with nodes running on 200mhz arm systems and 64mb of ram. No problems with VOIP either. You just need to do some (ok, expensive) system design and there's no reason why it wont work. In the demo system the nodes updated their routing tables using a ropey bash script even :)

Expecting that off the shelf gear can magically set itself up is the problem, not the protocol itself (which can be worked around in many interesting ways).

Corporate Solution

[TheMadcapZ (868196)]

At some point companies may wrap the exterior of the building with Faraday mesh to prevent radio signals from exiting the building with any significant range. External radio signals could be ported and broadcast within the building similar to the project to extend radio station signals into road tunnels as test in Pittsburgh, Pa. This would allow the company to control the signals that enter and exit the building while also allowing for cellphones and radios to work.

Now the cost to benefit ratio of such a s

This caught my eye

[N3WBI3 (595976)]

"Things got so bad that Mr. Friemann sometimes had employees piggyback on a neighboring business's wireless connection that was more stable -- without the other business's consent or knowledge." -- Ok so your neighbor could set up a network which worked fine even for you whom, presumably, are further away from his source than you are from your own. Despite this its somehow the technologies fault? WiFi is fine, established, and mature this admins understanding of it is not. and then there is this -- "So

Re:This caught my eye, lets try formatting ;)

[N3WBI3 (595976)]

"Things got so bad that Mr. Friemann sometimes had employees piggyback on a neighboring business's wireless connection that was more stable -- without the other business's consent or knowledge."

--

Ok so your neighbor could set up a network which worked fine even for you whom, presumably, are further away from his source than you are from your own. Despite this its somehow the technologies fault? WiFi is fine, established, and mature this admins understanding of it is not.

and then there is this

--

"Some wireless networking companies are taking steps to try to deal with customers' problems. One major issue is the stability of the wireless signal. Ruckus Wireless Inc., a wireless networking company based in Sunnyvale, Calif., tries to address that problem by providing wireless access points that have multiple antennas. That allows a Wi-Fi signal to have more than one pathway to an access point -- which can come in handy if something is in the way."

--

Its called a cable folks, there are plenty of ways to rig antennas and get them in existing wap points. Thats not to say there is no value in what Ruckus is doing just that its not like we cant do that.

Site survey

[ch-chuck (9622)]

Before rolling out a big business wireless network, the installers should do a check of existing interference, then setup a simple access point/client and check it out in different places using a spectrum analyzer [circuitcellar.com]. Just like cable techs sometimes need a cat-5 analyser to trouble wiring plant problems, the wireless tech needs an instrument to measure the rf environment.

Heck, my wireless pda loses signal while standing near the microwave popping pop corn. Some buildings, especially in industrial areas, can g

Easy solution.

[by Anonymous Coward]

Wireless Networks Causing Headaches For Businesses

A tin-foil hat. The problem goes away.

(You want me to read the what?)

Some buildings just aren't "Wi-Fi compatible"

[pclminion (145572)]

I have issues at home with this. The roof of my house is made of aluminum (not that cheap corrugated stuff like on a barn, but interlocking strips). This wreaks absolute HAVOC on WiFi signals inside my house.

If I put an access point at one end of the house, I can't pick it up AT ALL from the other end. I'm not talking microscopic SNR, I'm talking ZERO SNR. It's like I don't even have an access point. I'm lucky to get a quarter of the rated bandwidth if I'm only one room away.

For a while I had a ridiculous setup consisting of an access point and two repeaters just to get the signal to the other end of the house. TWO REPEATERS. That's THREE HOPS to travel about 100 feet. And of course, the concommitant loss in data rate due to the repeater action. After a few weeks of that (and even that setup was flaky at best) I said "Fuck it" and dragged a CAT-5e cable across the house. The wife hates it but at least I can use the Internet.

I have no idea how exactly the metal roof is destroying the signal, whether it is causing severe multipath or simply absorbing it completely, but it does it quite effectively.

Re:Some buildings just aren't "Wi-Fi compatible"

[multipart/mixed (163409)]

Try putting your WiFi AP in your basement, on a floor joist. If it really is the roof that's giving you grief, that might be far enough away to weaken multipathed signals out of detection.

You could also try decreasing the transmit power if you suspect multipathing. And, of course, lower the basic rate.

Re:

[pclminion (145572)]

What confuses me is that OFDM was specifically designed to be resistant against multipath. I feel embarrassed now -- I've actually implemented OFDM before, and it hadn't occurred to me that if I just turn the data rate down, the guard interval gets longer, potentially long enough to completely ameliorate the multipath effects. I was under the impression that 802.11 automatically negotiated such things, but maybe not? I'm going to try that the second I get home.

Re:

[multipart/mixed (163409)]

If that doesn't work, BTW, you could also try an AP with a better radio.

Signal with the Linksys WRT54G version 1.2 in my house is basically unusable, due to (at least in part) my cordless phones, even with OpenWRT firmware. I can literally be 2 feet away from the AP (with a floor and desk in between) and have it flake out.

And yet, my Routerboard RB532A (w/Mikrotik software) with an Atheros AR5413 radio works like a charm. 100%, all the time, every time, right into my backyard.

Re:

[pclminion (145572)]

Hah. The WRT54G is precisely the AP I've been using. I guess it's time to upgrade.

Re:

[julesh (229690)]

I have no idea how exactly the metal roof is destroying the signal, whether it is causing severe multipath or simply absorbing it completely, but it does it quite effectively.

It'll be the former. It can't absorb signals that aren't sent in its direction (which typically the ones you want won't be), but what it can do is reflect back lots of slightly-out-of-phase signals from different points that confuse your receivers. Stick up a metal plate about a metre behind your TV antenna and see what happens to th

Poorly designed networks don't work well.

[tji (74570)]

This doesn't change for wired or wireless. But, with wireless there may be even more temptation to do it cheaply because everyone has it at home and thinks it's simple. Clearly it wasn't just a technological problem, because the IT guy said he sometimes told people to connect to their neighbor's WiFi. It seems that his WiFi was just unusually poorly implemented.

Step back, look at the network, assess where wired ports are needed and where wireless is the best/only option. Then buy some decent gear th

Simple solution

[steveo777 (183629)]

Just paint the outer interior walls of your building or corporation with a few layers of lead-based paint. Hopefully, you do not run a day-care.

I worked at a wifi-powered place once.

[mrjb (547783)]

...The net went down all the time. Not acceptable for pro use. Brother has wifi at home and it's the same story. It is a main reason that at home I'm still wired up- as a result, the network Just Works, all the time- parts of it run at 1 gigabit/sec. While wifi still seems to have some serious maturing to do, I'll wait a bit more and enjoy the benefits: always up, no concerns about neighbors piggybacking on the connection, and the wife is delighted that I don't take a laptop to bed.

Article begins with wrong premise.

[Vellmont (569020)]

Wi-Fi was supposed to reduce complications, not create new ones.

No. Wi-Fi was supposed to let you maintain a network connection without wires. For the most part it does that fairly well, just not as well as a wired connection.

If anyone is relying on wi-fi for an always-on, never breaks technology, they're fooling themselves. What wireless technology works like that? Cell phones have been around for at least 30 years and we all still know it's not as reliable as a land line.

WiFi isn't perfect, streaming video on .11

[maggard (5579)]

Rules of WiFi:

1. Determine needs. How many users in an area. What kind of usage?
2. Do a site plan. Where will access points be placed. How will they be networked? How will they be powered?
3. Test signal propagation. Are there competing nodes? Are there reflections/absorbers?
4. Evaluate hardware. Is the firmware stable? Are the antennas good enough? How much heat does it produce/can it take? How is it all managed?
5. Set expectationsof the IT staff, of the managers, of the users.
6. Plan for hardware failures. I anticipate a 24 month lifespan of each access point, and plan for an up to 10% failure rate in any month.
7. Monitor, both the internal networks and the general environment. Have a running watch of all access points with alerts for rogue ones, particularly dupes.

Put in dedicated services for visitors with instructions conspicuously posted in conference areas (along with sufficient power supplies.) Inform staff if they are caught using these open systems their devices will be taken away, and if they relied upon such to do their jobs they will then be unsuitable for continued employment.

Finally, consider alternatives to WiFi. There are any number of products that will carry WiFi-equivalent bandwidth over residential wiring. If youre looking to connect fixed devices without running ethernet then these are a no-hassle approach with competitive costs.

A well designed system doesn't have problems

[Newer Guy (520108)]

I have designed many 2.4 gig WiFi systems that have none of these issues. First off, you have to consider the design of the area you want to use WiFi in. Lots of steel studs or concrete walls mean more access points (though I don't use AP's because routers are cheaper and can be used as APs). Generally speaking, you need an AP for every four 10x20 rooms and for every ten computers. Trying to use less AP's or more computers will create an overloaded system. Next, the quality of the AP's is paramount. As a minimum, I generally use Linksys or Buffalo equipment. Next, channel selection is important. Channels 1,6 and 11 do not overlap at all, and my experience is that channel 1 is lightly used. Channels 1.4.8 and 11 barely overlap, and can be used in bigger networks. I like to use channels 4 and 8 when I'm in an area where 1,6, and 11 are heavily used. If you use the same SSID for each AP, there will be almost seamless roaming between APs. I never use wireless repeaters-all AP's are wired back to the router. Yes it's more work, but the results are so much better! Finally, I use third party firmware on all routers, because I find it more stable then the firmware provided by the manufacturers. It also has the capability to be used for a field survey, which is useful to find any new wireless gear that's been installed lately.

Of course, it goes without saying that encryption should always be used, the tighter the better!

Re:Transmitter power

[morgan_greywolf (835522)]

lets see poor transmitter power output, integrated 1/8th wave PCB antennas, microwave frequencies, $3 of electronics
gee i wonder why its crap ?

1) To keep the cost down. Even 'commercial-grade' access points use inexpensive components to help keep the costs down to the point that people can afford them. Compare the cost of ham radio -- and then consider if you would buy a WAP that had that amount tacked on the sale price.

2) Government regulation. Governments around the world regulate these 2.4 GHz-range frequencies and given the number of devices in the range, transmitter power is kept necessarily low by regulation.

3) To keep the equipment from interfering with other devices such as cellphones, 2.4Ghz-range walkie talkies, and countless other devices that use this frequency range. See #2.

Re:drivers

[quanticle (843097)]

Oddly enough, with D-Link cards I've noticed that the third party connection software (D-Link Connection Manager) often works better than the Windows wireless network manager.

Re:

[SatanicPuppy (611928)]

I can almost guarantee my boss read this, and he's been pushing for wireless for a while now. This is an excellent heads up, as far as I'm concerned.

My biggest problem with the wireless he wants isn't even the wireless...I can deal with that. It's the fact that he wants to do the wireless to make up for the deficiencies of the wired network. But of course, he's not paying for the fiber drops we're going to need, so we're going to have massive network bottlenecks. Oy vey. Everyone thinks they can get somethi

Re:

[sgtrock (191182)]

Oh? What about warehouse floors? Ancient buildings where you can't pull new cable for a reasonable cost? Service in open areas?

WiFi is just another technology that has its uses. The problem is that people rarely think about its limitations. However, that problem is not exactly limited to any particular technology, is it? :)

Re:

[llefler (184847)]

In warehouses, people typically use handheld devices, today. They're much, much, much more reliable than wi-fi.

Nearly all of the wireless handheld devices used in warehouses have moved to 802.11. And it made life a whole lot easier when they did, no more proprietary protocols like we had in the 900 band.

If they seem more reliable, it's because they tend to be low data rate devices. At least I've never seen a forklift driver browsing multimedia web sites on their 3"x4" screens. The lower data rate allows the

Re:

[computational super (740265)]

A wired network for desktops. No floppies. No USB. The sensitive files stay within the building.

That doesn't guarantee security. If you really want to take security seriously, post snipers on the roof and have them shoot employees before they can make it into the building.

Re:

[frdmfghtr (603968)]

That doesn't guarantee security. If you really want to take security seriously, post snipers on the roof and have them shoot employees before they can make it into the building.

No no no!

You shoot them if they try to LEAVE the building...if you shoot them before they get in, they can't do any work.