Complications that the influx of Apple iPads and iPhones bring to enterprise Wi-Fi networks and wireless LAN administrators are illustrated vividly at The Ottawa Hospital in Ontario.
The hospital decided in 2010 to deploy 3,000 iPad tablets to doctors, internists, and pharmacists in support of strategic patient care applications. All data was going to be streamed to the iPads, and the Apple tablets only communicated over Wi-Fi. "Therefore, the [wireless] network became quite important," says CIO Dale Potter. "We invested a mound of money in the network [in summer 2011]."
QUIZ: Do you know the new iPad
BREAKDOWN: iFixit dismantles the new iPad
The hospital picked Aruba Networks to design and deploy a Wi-Fi network that currently numbers nearly 1,600 802.11n access points. "No one could answer me when I asked 'what will happen when we scale to 3,000 iPads by year-end, and eventually to about the same number of other iOS devices?'" Potter recalls.
Aruba CEO Dominic Orr called in the Aruba Customer Engineering (ACE) team, a small, elite consulting group that among other things handles the toughest, most baffling challenges that the vendor encounters in enterprise deployments.
Based on their experience over the past couple of years with enterprise WLANS, ACE has identified a range of issues that these networks face with the surge in iOS and Android mobile devices, according to Chuck Lukaszewski, senior director of Aruba's professional services group, and the ACE team. Currently, iPhones and iPads overall remain the most popular brands of new smartphones and tablets in the enterprise.
"We're seeing extremely rapid increases in the aggregate number of mobile devices on customer networks, across all sizes of organizations," says Lukaszewski. Especially in higher education, numbers are doubling or tripling from year to year.
The issues confronting IT groups include changes in RF design and the appropriate level of access point density; poor device roaming; and new and different loads on the WLAN's control path - the demand for authentication services, for IP addresses, license management, multicast and broadcast traffic spikes.
RF design, density
For years, an industry rule of thumb was to deploy one access point for every 3,600 to 5,000 square feet for data networks, and every 2,500 square feet for VoIP. ACE routinely now goes with the higher density for mobile device deployments.
There are two key benefits, Lukaszewski says. One is better Wi-Fi signal levels. Virtually all smartphones and tablets with 802.11n radios support only one data stream, and use one antenna. As a result they cannot make use of techniques like Maximal Ratio Combining (MRC), which can exploit multiple streams and antennas to boost the signal to noise ratio on the radio link.
Many mobile Wi-Fi radios are actually quite powerful in terms of transmit power. The iPhone 4S and iPad, and many other devcies, use Broadcom's BCM4329 chipset, which "easily rivals or exceeds the power of many laptop chipsets," Lukaszewski says. The "weakness" lies in the receiver's more limited capacity to process inbound frames and the inability to fall back on MRC to compensate if the signal is impaired. "They're more vulnerable to frame loss than a multi-antenna device," he says. "So keeping the signal levels high compensates for this."
Second, the greater number of access points can handle the growing client population. Enterprise users increasingly have two or more mobile devices per person. "If we have more devices in the same space [than planned], I need additional APs to support them," Lukaszewski says. Aruba and most other WLAN vendors have various techniques to distribute devices across other access points.
The real limiting factor is "how much data you can actually put on a wireless channel," Lukaszewski says. "If you slice this 'pie' too thin, they won't get the throughput they need...Customers are used to seeing '300Mbps' on access point product literature. But these mobile devices don't run close to that."
Mobile devices today typically will have an 802.11n radio that supports one data stream and has one antenna, and can only use the conventional 20-MHz wide channel (802.11n gains a lot of throughput by bonding two of these into a "fatter" 40 MHz channel, and using two or more antennas). "That means the highest data rate they can achieve is 65Mbps, the maximum single-stream rate without bonding two channels together," Lukaszewski says. And actual throughput will be even less: in the area of 40Mbps.
"If I can get 40Mbps of throughput on the access point, and I want an average of 1Mbps per device, I can only have 40 devices" on one access point, Lukaszewski says.
Just when enterprises have finally begun aggressively embracing the open 5-GHz band, first netbooks, and then smartphones and other portable devices, arrived with radios that run only in the 2.4 GHz band. Besides being crowded with devices, the 2.4 GHz band has only three non-overlapping Wi-Fi channels (tablets, like the iPad, run also on the 5 GHz band, which can have up to 21). With lots of access points in a small area, avoiding channel overlap can be tricky.
"These devices are technologically taking us back about two years from a spectrum management perspective while at the same time we're adding many, many more devices into the environment," Lukaszewski says.
Aruba now routinely recommends that in high-use areas like lecture halls, stadiums and the like that bonded 40-MHz channels simply be disabled, and more access points be packed in.
Roaming between access points for mobile devices is still a problem, though not as bad as it was just a few years ago. "In the past, early mobile devices had very poor roaming algorithms," Lukaszewski says. Once connected to an access point, many devices simply clung to it, even when the user had moved to another location with a nearby access point that had had a much better signal.
"Apple devices used to be very challenged in this regard though they've made some improvements," Lukaszewski says. "Their driver behavior is better but it's still nowhere near what we see in, for example, voice-over-IP Wi-Fi devices."
Universities and colleges in 2008 were already seeing scaling challenges with high-density WLANs, which strained such backend enterprise services as DHCP servers and IP address allocation [see "Wireless LANs face huge scaling challenges"]. The new generation of mobile devices is creating new strains all over again.
Impact on network services
"The impact of smart devices on AAA [authentication, authorization, and accounting] is massive, as these devices don't roam so much as they come online randomly as users take them out and put them away frequently," Lukaszewski says. "You will need a minimum of two times the number of AAA servers that you would need in a laptop-only environment."
Another burden is the use by mobile devices of chatty discovery protocols, especially Apple's Bonjour protocol, based on multicast DNS (MDNS). Bonjour in particular works perfectly fine in a home Wi-Fi network, to find and connect with Apple TV, or an Apple AirPrint printer. But these devices are constantly broadcasting, generating heavy loads across enterprise networks, and doing so at lower data rates than standard data traffic.
The result, says Lukaszewski, is multicast traffic can swell and bog down the WLAN. Aruba this week unveiled software that will filter MDNS traffic, and rival Aerohive announced a solution earlier this month.
At Ottawa Hospital, CIO Potter is still astonished to find doctors sitting at their desks next to a wired-in PC but using their iPads. When he asks them why, they say "Because [the iPad's] faster," a function of the tablet's instant-on capability and the WLAN's consistent reliability and throughput.
John Cox covers wireless networking and mobile computing for Network World.
Blog RSS feed: http://www.networkworld.com/community/blog/2989/feed
Read more about anti-malware in Network World's Anti-malware section.