Best Practices for Wireless and BYOD

by | Apr 1, 2021 | Technology Strategy

Whether dealing with company-owned Wi-Fi devices or bring your own devices (BYOD), wireless networks are essential for all businesses, regardless of their size. However, it is essential for information technology departments and partners to align efforts for optimizing data transfer rates and throughput to meet the organization’s performance requirements. Challenges such as dead spots in coverage, unstable connections, inefficient bandwidth usage, cybersecurity, investment assessment, deployment efficiency, and blend-in design, must be addressed during the pre-and post-deployment phases (as well as all the phases in between).

There are a number of Wi-Fi solutions available. Brands like Ruckus Wireless, Cisco, and Ubiquiti can be used to address your wireless network needs. For small- to medium-sized businesses, you may be looking for some out-of-the-box features that simplify configuration and support quick deployments. For medium- and large-scale deployments, features such as centralized AP management and controller clustering allow for simpler firmware upgrades with no downtime.

A Wi-Fi heatmap is essential for understanding the coverage and performance issues in existing wireless networks. Heatmaps can uncover weak spots in coverage and areas where there may be overlapping coverage which could cause channel contention.

ZAG deploys Wi-Fi systems with several best practices in mind. Drawing from our years of experience we have developed a few high-level tips:

Pre-installation site survey and Wi-Fi design

Getting accurate floorplans of the facility that requires Wi-Fi is essential. The scale drawings are imported into our design software where we lay out the access point locations. Our team determines each access point location and coverage overlap based on the square footage of the facility and desired area of coverage. Other factors such as reflection, attenuation, and absorption can be used to determine optimal access point location. A walk-through of the facility is necessary so we can understand the challenges of the environment before creating the final AP layout (Topology). Factors that we would consider when determining access point location would be things like solid obstacles, wall material, Wi-Fi device traffic patterns, and device density.

Wireless controller redundancy

We recommend using multiple Wi-Fi controllers in a cluster configuration whenever possible. In a cluster configuration, there is a primary controller and one or more backup controllers. This redundant configuration allows for near 100% uptime in the event of failure or maintenance of a controller. At ZAG we typically build and test the Wi-Fi solution in our lab prior to implementing it at the client site. In this manner, we can eliminate any potential issues and minimize implementation time.

Wireless LANs (SSIDs)

It is best practice to limit the number of SSIDs in a Wi-Fi environment to a maximum of four. This helps to minimize problems and keep AP channels clear from extra overhead traffic. SSID performance tuning is another important area. Settings to encourage device roaming, including: Setting BSS Min Rate to 12 Mbps, roam-factor 2.4g 3 and roam-factor 5g 3. We also use features like Dynamic Pre-shared Keys on production wireless SSIDs, which allows for flexibility in device VLAN assignments. We also recommend setting up WPA2/AES encryption which has higher maximum speeds of up to 3.46Gbps.

Access point channelization

ZAG recommends enabling 5.0GHz and disabling 2.4GHz radios whenever possible for faster data transfers because of the higher frequencies. A caveat is that legacy devices still depend on the 2.4GHz channels for connectivity. In environments with little interference from neighboring sources, we recommend setting static channels on the Wi-Fi radios for less overhead and less interference, resulting in better performance. We perform a spectrum analysis to determine the best channels to use. For 2.4GHz radios, we recommend ONLY enabling channels 1, 6, and 11 which are the non-overlapping channels.

Wireless security

Setting up wireless security protocols includes:

  • Certificate-based RADIUS authentication on 802.1x Wireless networks
  • Automated PKI certificate deployment to all Domain joined computers
  • Wi-Fi client isolation via the separation of VLANs
  • Dynamic pre-shared keys to Wi-Fi clients for MAC authentication and VLAN assignment
  • All SSIDs are set up to use WPA2/AES encryption

Standardization across a client’s offices/regions

ZAG standardizes across a client’s environment. A consistent deployment helps reduce human error and allows for seamless connectivity when a device travels between facilities. Some of the items that should be standardized include:

  • Nomenclatures for all wireless components
  • Wi-Fi controller resources
  • Wireless LANs (SSIDs): <CUST>-Private, <CUST>-Guest, <CUST>-Production
  • AP groups: offices and trailers, outside, plant
  • Power setting groups: office/trailers, outdoor, plant
  • RADIUS server configuration
  • Dynamic pre-shared key configuration
  • Roaming encouragement settings
  • AP naming consistency (indoor and outdoor APs)
  • AP maps and documentation
  • Monitoring and alerting
  • Fine-tuning
  • SLA on technical incidents
  • License management and renewals
  • Equipment serial numbers upkeeping
  • SNMP
  • NTP

Workstation settings (wireless off when hardwired)

By default, the wired interface on Windows 10 has a lower metric and therefore has priority over whether it is using the Wi-Fi or hardwired connection. We can modify via the following setting:

1 = Higher Priority, 10 = Lower priority – Higher Priority will win

To do so, navigate to Control Panel > All Control Panel Items > Network and Sharing Center > Change adapter settings (in the left pane), right-click a network, click Properties > highlight, in turn, each of the TCP/IP settings > Properties > General Tab > Advanced (at the bottom) and click the Automatic Metric box to clear the tick, then enter the value that you want in the Interface Metric field.

There is a lot to consider when setting up a Wi-Fi network for your business. Not all features are practical or necessary in all environments. ZAG specializes in designing the right Wi-Fi network utilizing the hardware and features necessary to meet the demands of your devices satisfy your business needs. Contact us for more information.

Related Content