SonicWall Wireless Access Point Deployment
There are many factors that affect performance through any wireless access point, and the SonicWall SonicPoint is no exception. Understanding your environment and preparation is key to getting the best out of your equipment. Any compromises along the way will make a difference in the end.
There a a number of resources from SonicWall that you should be aware of first and these are:
- SonicWall SonicPoint Series Datasheet (ACe/ACi & N2)
- SonicWall SonicWave2 Series Datasheet (432e/432o & 432o)
- Getting Started Guide - SonicWall SonicPoint ACe
- Getting Started Guide - SonicWall SonicPoint ACi
- Getting Started Guide - SonicWall SonicPoint N2
- Getting Started Guide - SonicWall SonicWave 432e & 432i
- Getting Started Guide - SonicWall SonicWave 432o
- SonicWall Top 7 Wireless Best Practices for Better Wi-Fi Coverage & User Experience
Being familier with these will give a great start.
The following is our own personal addition to SonicWall advice, and covers hardware only.
- The start of a deployment should always include a floorplan of the building and individual rooms, and should incclude the material that are used on each wall/window/partition etc. Electrical and high magnetic areas i.e. flourescent lights should also be considered. Even if you don't get a professional wireless survey done, the floor plan will prove invaluable and should be used to document where the access points are eventually placed.
- No matter which wireless network product you install, you should always consider a professional wireless survey. Without professional tools it will be impossible to get a full understanding of the environment as specialist tools are designed to interact with all network types, frequencies, channels, equipment (i.e. microwaves, door bells, dect phones etc.) A standard client i.e. laptop, tablet may only see a fraction. A wireless survey will require your existing wireless to be turned off during the testing. Depending on the level of survey this could take some time as to do it properly the survey should include file transfer speeds and access point orientations.
- The other major consideration is which radio to use - currently 2.4Ghz or 5.0Ghz. 2.4Ghz is used by many other devices like keyboards, DECT phones, microwave ovens, door bells, basically most products that use wireless. This makes deploying 2.4Ghz very susceptible to background interference, not least due to the limited channels available (on a 20 Mhz radio band channel you only have 3 unique channels - 1, 6 & 11 because of the spread and to avoid overlapping). 5.0Ghz would therefore seem the better option, but compatibility with older clients will be an issues, as is the shorter range. You should therefore consider a product that can offer 2.4Ghz and 5.0Ghz at the same time in the same access point. With SonicWall this is the SonicPoint-N Dual Radio (NDR).
- Be aware that there is a new standard for wireless - 802.11ac which should give some improvement to wireless deployment but this works on 5.0 Ghz only so you need to ensure all clients support this first. SonicWall will be offering 802.1ac access points at the end of 2014.
- The number of access points you deploy depends on the areas needing to be covered, as well as the number of connections expected. The latter is important as each additional connection through an access point takes bandwidth from the existing connections. All clients will share the same physical connection back to the switch. Obviously, limiting the number of connections is important which can be done on the SonicWall and would therefore force the client to connect to another, less conjested access point. If you have a saturation of clients connecting you may want to add more access points in that area and reduce the power output to limit their range. The default number of client connections is 32, but you may want to reduce this.
To cover seldom used, but needed areas you may be able to use a smaller number of access points spread out with full power.
- Placing the access points is important, they need to be away from obstructions and placed a the right height or orientation. The ideal location is upside down attached to the ceiling in the middle of the area you need to cover. The SonicPoints come with some mounting hardware and works great with the false ceiling construction using the clips to hang from the supports. You therefore need to ensure you run the networking cable to this area where you can also power the access point through a PoE switch or injector - you do not need full power sockets next to the access points. In some cases we have seen that a customer knows where they should place the acces point but don't want to the hassle or expense in running cables to the required location so they compromised by placing in a less suitable location (i.e. vertical wall next to an existing socket).
If you have no access to ceiling mounting, then sitting the access point on top of a cupboard etc. may be okay but still try to locate in a central location.
- Location of aerials: The default position of the external aerial models should be vertical, although tweeking this can help but isn't really something you can easily get 100% without the correct tools. The SonicPoint-Ni model has its aerials within the access point and will therefore be some compromise on the performance. We suggest the SonicPoint-N DR due to the dual radio capability and the advanced chipset within it. Each radio uses 3 aerials which is why the NDR has 6. In some cased the peformance may also be improved by rotating the access point around its centre axis.
You can also replace the aerial with a directional or higher gain version but this is outside of our advice.
- PoE: You must ensure that your cabling and equipment is sufficient to provide the correct power (wattage) to the access points. The SonicPoint-N DR requires more power than the Ni or Ne. Ensure your PoE Injector or switch can provide this, and that your cabling can cope woth PoE.
- Multiple SSID's: When having more than 1 SSID you will need to use VLAN's so make sure all the switches between the SonicPoint and the firewall can support this and configured to match the VLAN ids being used on each SSID. You should also have an extra VLAN to assign to the SonicPoints themselves for their management by the firewall. This is usually done on the switches by forcing the SonciPoints and firewall as Untagged. All the SSID VLANs are then set as Tagged.
- Layer 2 or Layer 3 deployment: Historically SonicPoints have been deployed using layer 2 broadcast, but the latest 5.9 or 6.2 firmware gives the option now to deploy SonicPoints over different networks using layer 3. You should refer to the relevany firmware admin guide for full details. The benefit of layer 3 deployment is that you now do not need to have a local SonicWall firewall to manage SonicPoints but can be done from a different location over a VPN or provate routed network.
Once you have the hardware installed, infrastructure configured and tested, the wireless access point profiles can then all take place on the SonicWall firewall and will also include making changes to power settings, channels, bands, frequency, interference settings, rogue access points etc.
Useful tools (all 3rd party so check before downloading and installing).