Saturday, December 11, 2010
Personal Wi-Fi Hotspot devices VS Enterprise Deployed Guest networks
Last week I was performing a passive site survey of a currently deployed WLAN in several large hospital facilities in south Texas. During the course of a week and entering countless patient rooms I validated an opinion I'd had for some time.
Out of the dozens of patient rooms I entered, at least 12 or so people understood what it was that I was doing and told me they were using the guest WLAN provided by the hospital. This, in itself is unusual. The majority of the hospital staff seemed unaware that a WLAN had been deployed or was in use.
What really struck me was the number of hospital patients and guests that were using their own personal wireless hot spots. One patient told me he wasn't using the guest network because it didn't allow him to login to his Facebook page, so he was using his MiFi device instead. Another visitor told me she was using her MiFi device because the guest network didn't let her play her favorite online Tetris game. Whatever the reason, the presence of these personal wireless devices is detrimental to the overall reliability of the 2.4 GHz (802.11b/g) wireless infrastructure within the enterprise. Seemingly, any attempts to restrict usage of the guest wireless network will only lead to more and more people choosing to use their own personal wireless hot spot devices for internet connectivity.
In short, I think we've reached the point where the timeline for abandoning the 2.4 GHz wireless network for business uses in favor of moving mission-critical wireless connectivity over to the 5 GHz spectrum (802.11a) should be ramped up considerably. There are simply too many sources of interference in the 2.4 GHz frequencies on top of the rapidly expanding number of personal Wi-Fi devices all competing for the same small segment of unlicensed 2.4 GHz spectrum.
Hi Jennifer,
ReplyDeleteI completely agree that production networks should be moving to the 5GHz spectrum to avoid contention as well as provide greater capacity. However, as more consumer devices move to 5GHz, this will only be a temporary fix. Organizations need to have well-written, clear, concise, and enforceable wireless policies governing the use of non-corporate wireless systems. Providing a well-performing guest network and proper advertising or notification of the network can go a long way to reducing the scope of these problems. By providing a sanctioned service, most users won't attempt to circumvent the policy. This also provides a modicum of control over the network and contention can be minimized through proper design.
Of course this won't work in every scenario, especially dense urban areas or multi-tenant buildings where neighboring networks cannot be avoided.
Great post,
Andrew vonNagy
I agree that it is a temporary fix to move to the 5 GHz spectrum. Hopefully since there are more non-overlapping channels available, it will take longer for the 5 GHz spectrum to become as polluted as the 2.4 GHz spectrum is today.
ReplyDeleteGiven that it was a healthcare facility I was in last week, I'm not sure how you would or could go about policing the use of personal wi-fi devices. As it was, the hospital had signage indicating the use of cell phones within the hospital was prohibited, and we all know how well a rule like that will be observed!
Thanks for taking the time to leave a comment :)
I've reviewed data from other public spaces where hundreds of MiFi devices were active. The owners of the venues were wondering how to 'fix' the problem.
ReplyDeleteYeah, right... we have no legal right to stop these 2.4GHz devices from jamming up the limited frequencies.
I do think it will be awhile before many hand-held devices join the ranks of 5GHz. iPads do. iPhones have 5GHz supported in the chip, but no antennas or support in the OS.
I do agree the move to 5GHz in coming, and for enterprise needs to move their clients over sooner rather than later.
Thanks for your post,
Keith
Great discussion guys!
ReplyDeleteWe are starting a new company and looking at MiFi as a temporary solution... and it may become our backup solution once the company has its headquarters setup... for now, our options are MiFi 802.11 b/g/n or 802.11 b/g (all in 2.4 GHz) with optional HSPA+ 21 Mbps download speeds. Or we Thether our iPhones @ 7.2 Mbps.
ReplyDeleteWe are nomads. I worked several past summer projects using my iPhone as tethering device, spent 2 Gbps per month usage, lucky, I got a 6 GB monthly plan.
Currently, all MiFi offerings in Canada are in the 2.4 GHz band. Hoping 5 GHz offerings will surface soon.
BTW, iPhone real great device to test Firewall outside VPN client policies.
/steve
I agree Jennifer, Policing MIFI in a healthcare environment is very difficult. I see them all over my hospital and there is little I can do about them. I have found them carried by Doctors as well as patient family members. We don't currently have a guest network for patients, but will have one soon as I move production to 5GHz N.
ReplyDeleteI generally go searching for the mifi's in our hospital if they cause a rogue alert in WCS. It's amazing how fast they get turned off when someone sees me walking around with my cognio station and directional antennae. Sometimes I feel like the Gestapo finding contraband radios in Hogan's Heroes.
ReplyDeleteWhat customers (especially hospitals and govt. entities) need to do, is seriously crack down on free gaming sites and social network sites. With the FB type sites, those walk on a thin line with HIPAA security compliance. I know that there is down time during work, but if their main concern is "I can't get to my Facebook page" that is seriously a lame reason for defining security architecture for a guest WLAN. Sorry for sounding like a jerk, but that's my 2 cents. Good discussion, though
ReplyDelete--xcrashdx
This comment has been removed by the author.
ReplyDeleteI do think that it's important to realize that network restrictions will always cause users to circumvent, and that it's probably better to make the existing guest network more open then allow competing personal devices to cause interference. It just stands to reason that if the resource that the user wants to access in unavailable on the guest network they're going to use something else. So the solution becomes give the users access to what they need and they won't gum up the works circumventing.
ReplyDelete