Building an Enterprise Wi-Fi Network: Solution by ELTEX

5 August 2022

Wired networks dominated the business segment for decades, as they met high security and reliability requirements. Wireless networks were secondary: critical services were not tied to them due to low bandwidth, insecurity and instability of operation.
With the arrival of Wi-Fi 5 (IEEE 802.11ac), this approach began to change. But questions about the reliability and performance of the wireless network still remain. Finally, the trend of migration from wired business networks to wireless consolidated the new Wi-Fi 6 standard (IEEE 802.11ax).
It has become more convenient and profitable for businesses to use enterprise wireless networks based on Wi-Fi 6 in many scenarios, including critical ones. Connecting work computers, technological equipment, IoT devices and much more – all this has become available through the air. An office without wires is a new reality that ensures employee mobility and simplifies business processes.

Advantages of Wi-Fi 6 implementation

WPA3 is a new Wi–Fi network security protocol optionally supported by Wi-Fi 5 standard and natively by Wi-Fi 6. Most Wi-Fi 5 devices support the WPA2 protocol, but manufacturers can use WPA3 in their equipment if necessary. Wi-Fi 6 equipment requires WPA3 support.
WPA3 offers improved encryption (128-bit for Personal and 192-bit for Enterprise), a new SAE authentication method and enhanced protection against various types of threats, including key reset attacks (KRACK).
In Wi-Fi 6 networks, MU-MIMO spatial stream segregation technology is used to transfer data both from the access point to the device (downstream) and vice versa (upstream). This compares favorably with the MU-MIMO operation on the Wi-Fi 5 network: it functions only as a downstream there.
Due to the use of improved MU-MIMO technology, as well as efficient OFDMA delivery and 1024QAM modulation technologies, the bandwidth of the Wi-Fi 6 network exceeds 1 Gbps, which is several times higher than in the Wi-Fi 5 network. At the same time, more devices can be connected to work with heavy content without reducing performance.
One Wi-Fi 6 access point is capable of providing comfortable operation of up to 100 devices (depending on the equipment). With proper placement, network can be easily scaled with minimal installation and infrastructure costs.
All this makes previously unavailable services for the enterprise wireless network available.

ELTEX Solution

ELTEX offers customers an implementation scheme of a wireless network based on Wi-Fi 6 into the current infrastructure or a comprehensive solution for building a wireless network from scratch:

• Access. WEP-3ax and WEP-3ax-Z Wi-Fi 6 access points, MES2300P/2400P series access switches.
• Aggregation, firewall. MES3300 series switches and ESR routers with any combination of port capacity. ESR routers will help to secure the enterprise network from external threats.
• Data center, the network core. High performance MES5400/5500 switches with EVPN/VXLAN and MES7048 support.

Depending on the scale of implementation and customer requests, the set of ELTEX equipment may vary. The ELTEX SoftWLC software controller is used to manage the wireless business network infrastructure.

Advantages of the solution

1. Centralized management and monitoring of all components of the wireless network. The ELTEX SoftWLC controller provides control of both devices and individual groups of devices. Access to a controller or a separate network segment is provided via role-based model. With the help of the ELTEX SoftWLC wireless network software controller, it is possible to manage a large number of access points (up to 100,000 simultaneous connections are supported), easily scale the network, collect user statistics and much more.
2. Safety. The solution provides comprehensive protection of the business network at all levels. Due to Wi-Fi 6 support, WPA3 authorization and 192-bit encryption are available. The WIDS service of the SoftWLC controller detects threats and warns about attempts of unauthorized connection to the network, attempts of hacking and password selection.
3. Authorization. The solution provides various ways of authorization in the business network:

• by login and password (EAP-PEAP)
• by electronic certificates (EAP-TLS)

4. Guest access to the wireless network. During meetings, presentations and other events, secure access to the network is necessary for guests so that they do not get into the enterprise network. The SoftWLC software controller will help to create and configure wireless networks with different access levels.
5. Using highly loaded services. The high bandwidth of the access points of the proposed solution and use of the Wi-Fi 6 technologies ensure the operation of services that are critical to the quality and speed of the wireless network. For example, these can be video conferences with a broadcast in 4/8K, audio broadcasts with a large number of participants, management of IoT devices using a wireless network.
6. Internet of Things. In addition to the ability to control IoT devices via Wi-Fi, ELTEX offers to create a smart office infrastructure based on the Z-Wave protocol. For this purpose, WEP-3ax-Z access points are used that support work with sensors and Z-Wave devices.
7. Organization of a high-density wireless network. Wi-Fi 6 access points provide stable connection of a large number of devices at the same time.
8. Wireless network integration with existing corporate infrastructure. Each user has their own credentials to access corporate services. The solution allows software interfaces to use the same credentials, comparing them with the customer's database.
9. Radio parameter management and user balancing. The Airtune service built into the SoftWLC controller performs autoconfiguration of radio parameters (frequency channels, power) to ensure optimal use of the radio environment resource.
10. Seamless roaming. The solution allows creating a single network space throughout the enterprise. At the same time, additional authorization will not be required when moving from the coverage area of one access point to another. Corporate services are available anywhere in the office space. Seamless roaming technology allows using delay-sensitive services. For example, audio and video calls via messengers or business utilities will not be interrupted when the user moves. Fast Roaming (802.11R) technology will provide fast switching between access points with minimal delays.