注意安全, 推出无线网络升级时的带宽和应用程序可见性
升级你的无线网络需要大量的关注. 尽管有很多方法可以配置和使用Wi-Fi, best-in-class organizations should apply these five strategies to get the most out of their networks.
1. 预测的变化
没有什么比Wi-Fi网络无人看管更危险的了. 随着时间的推移,人们被增加、移动或替换. 桌子和其他家具在环境变化. A wireless network that isn’t maintained to keep up with these changes degrades over time and provides less-than-exceptional service to users.
然而, the chipset power embedded into each 访问 point allows today’s wireless LAN (无线局域网) infrastructure to be very fault-tolerant. 一个好的无线局域网可以在失去接入点和增加新接入点的情况下存活下来. 无线电干扰将得到主动管理,使影响最小化. All complex configurations and dynamic management of radio channels would be addressed in every AP.
2. 使用智能无线产品
Gone are the days when you had to manage and configure each wireless 访问 point manually and separately. 不断调整功率水平的繁琐工作, 通道分配或启用热备ap已经像渡渡鸟一样消失了.
今天的分布式智能Wi-Fi技术可以处理移动性, keeping an IP address and connection alive while a user on a VoIP call walks between rooms, 楼层甚至建筑物. 你应该投资一个不仅能处理移动的Wi-Fi网络, 而且还能处理各种流量,包括语音和视频对话, document and screen sharing and team collaboration with a bunch of people working on the same document at the same time.
3. 理解应用程序并确定优先级
在大多数网络中, 一旦无线局域网网络打开, 大楼里的每一部智能手机都自动连接到网络上. 这些设备继续消耗带宽,即使没有人使用它们. 再加上在后台工作的应用程序(如自动备份), 软件更新, 应用程序更新, voice recognition software) and you end up with a wireless network near capacity without a single active user!
解决办法不是禁止随意使用. 它是为了确保关键任务的应用程序, (如VoIP/统一通信, 视频协作, 文档分享, 事务处理, 以及商业用途), 优先于非商业和休闲使用. 寻找提供应用程序可见性和控制的Wi-Fi解决方案,例如 阿尔卡特朗讯OmniAccess®恒星无线产品组合, so you can throttle bandwidth depending on specific rules, automatically and dynamically.
4. 制定访客访问策略
支持ing guest 访问 is generally a given in today’s enterprise wireless installations. Guests commonly have a legitimate need to connect to the Internet while visiting an organization. 尽管一些公路战士可能会使用替代技术, 例如4G或LTE,以绕过本地Wi-Fi网络, it is important to plan if and how other guests will connect to the organization’s 无线局域网.
当然,这些客人不应该要求太多 访问 to anything inside the normal enterprise network — printing, perhaps, being the occasional exception. 因此, securing connections to ensure that guest users do not gain elevated privileges is important.
共同的选择, such as requiring guests to preregister Media Access Control (MAC) addresses or obtain a temporary user name and password, 往往是麻烦的,应该避免. One bad result of a guest policy that is poorly developed or difficult to follow is that staff members might spend valuable time trying to get their visitors logged on to the wireless network. Or, 更糟糕的是, a staff member might share his 访问 with a guest to connect directly to the internal wired network to bypass issues with the guest 访问 rules and process.
Guest policies must balance requirements for accountability and prevention with the goal of making it simple and quick. 有很多自动化的系统可以做到这一点, however the best and most secure way to get this done is to have an intelligent 无线局域网 system which understands when a guest connects, throttle the bandwidth depending on the application used and tunnel the traffic up to the router for the internet connection.
5. 从一开始就有最高的安全性
安全一直是非常重要的,尤其是在处理无线网络时. 现在有各种各样的方法来建造它, however the best would be to have NAC (Network Access Control) not only for 无线局域网 but for LAN users as well. One single point of management can guarantee the highest level of 访问 security no matter the type of connection (wired or wireless) NAC meshes well with wireless deployments because the wireless authentication standard — known as Wi-Fi Protected Access 2 (WPA3 is currently under development, 考虑到最近在WPA2中发现的漏洞)使用802.1X, which is a convenient method for passing NAC information between clients and servers. T在这里 are many network management systems that streamline and minimize the complexity from a NAC deployment for the network infrastructure.
These are the five basic rules to follow for providing users with the best experience while keeping the administrator happy with short and relatively simple configurations. The network infrastructure itself will take care of the most cumbersome and boring tasks needed for the optimal operation of the network infrastructure.
For more information about an 访问 point solution that addresses these issues, read about the 阿尔卡特朗讯全接入恒星无线局域网解决方案
组织者Mauro Rizzi
阿尔卡特朗讯企业网络业务发展总监Mauro joined ALE in 2009 to support the Central Mediterranean Countries with his presales skills and abilities. He then took the challenge to move to the position of business developer for the SEMEA region and visited quite a lot of customers around the globe and especially in Africa. Mauro is currently in charge of the development of the ALE networking business through the assistance and support in the roadmap definition and evolution. He supports the development of the marketing assets for inbound and outbound campaigns and special, dedicated programs meant to enable partners to be able to sell more and get more out of the solution proposed by Alcatel-Lucent Enterprise.
Mauro graduated as an Electronic Engineer from the University of Brescia and then achieved an MBA from University of Padua. 38岁的组织者Mauro Rizzi是一名健身和科技爱好者
作者简介最新的博客
今天的教育:为什么校园网络现代化是必须的
Educational institutions worldwide must modernise their networks to meet today’s new requirements.
颠覆的好处:了解VUCA世界- Pa…
The VUCA from events in 2020 led to a worldwide disruption in supply chains and logistics that ALE successfully navigated.
