Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
General
Coverage
Capacity
Performance
QoS
Security
Hardware
Mobility
AWMS
Network Deployment Considerations
More Q&As on Network Security
Appendix - AWMS configuration Requirement
I. General
Key Advantages of Altai Solution (World's leading outdoor WiFi base station)
Larger coverage per AP (typically require 2-4 APs per square km vs. 12-24 APs for others), that means lower
total cost of ownership with Altai solution.
Improved uplink performance for low-power WiFi clients
Minimize latency for improvement of real-time applications - Unlike mesh, cellular architecture can reduce
traffic latency and it is better to support real-time applications. Mesh network induce latency due to multiple
hops problem.
Investors
Key investors include Morningside Ventures, Wong's International (Holdings), HK and US based Hi-Tech
entrepreneurs.
II. Coverage
III. Capacity
No. of users supported per A8 base station
Our base station is designed to support up to 256 associated users. Practically speaking, the number of concurrent
users supported depends on the traffic type, required data rate, access behavior, and the security setting, etc. The
maximum number concurrent users of our customers observed in the field is over 100.
Throughput
Data rate is upto 54Mbps. Throughput is upto 20Mbps for TCP and 25Mbps for UDP (Note: backhaul connection
dependent)
IV. Performance
Scalability
Yes, very scalable. Our network architecture is based on the proven cellular network architecture.
Latency
Typically less than 5ms for access link or each backhaul link. Other mesh APs use layer 3 backhaul routing and each
hop count induces 10ms latency.
Data Rate vs. Receive Sensitivity, specified at 10% PER (packet error rate)
802.11g
54Mbps
48Mbps
36Mbps
-73dBm
-76dBm
-82dBm
24Mbps
18Mbps
-85dBm
-89dBm
12Mbps
9Mbps
-90dBm
-91dBm
6Mbps
-92dBm
802.11b
11Mbps
-89dBm
5.5Mbps
2Mbps
1Mbps
-91dBm
-93dBm
-96dBm
Redundancy
The A8 incorporates Link Integrity and Self-healing Node protocols. Each access point has wireless and wired backhaul
mutually backup with each other. The Link Integrity Check feature can detect backhaul radio port health condition and
Internet access line availability for hot failure switchover.
Redundancy can also be achieved by network design, use double AP coverage for access redundancy and dual
backhaul link connection for backhaul redundancy to prevent single point of failure.
How can the number of on-line users be monitored per AP and SSID?
AWMS can view the associated client MAC address of each base station, and the web interface of A8 can also display
the associated client MAC address and IP address.
Does hidden node problem more significant due to large coverage, so more collision will occur?
In CSMA, collision occurs when both clients transmit at the same time because they can't hear each other and the
RTS/CTS mechanism is disabled. Since A8 has 4-sector architecture and each sector has dedicated radio, the hidden
node problem is limited to within a single sector. The average client distance within a sector is statistically much less
than omni antenna coverage, so the probability of hidden node is reduced. A8 also has hidden node collision avoidance
algorithm because of multiple receive capability, one of the collided packets received can be selected, whereas
standard single radio AP will neglect all the collided packets.
V. QoS
QoS support for A8 base station
A8 has WMM support which is a subset of 802.11e. It supports upto 16 VLANs/SSIDs to prioritize different traffic. Or
each VLAN/SSID can be assigned for a different service package, and it needs to integrate with 3rd-party Radius
server and bandwidth manager to offer different service package.
Bandwidth Management
The A8 doesn't have bandwidth allocation function. It needs to leverage with 3rd party product (e.g. service controller)
to do the bandwidth control per SSID or user basis.
VI. Security
A8 Encryption scheme
A8 supports encryption scheme including WEP, TKIP and AES.
A8 authentication scheme
A8 supports open key, shared key and 802.1x authentication.
A8 supports WPA, WP
VLAN Support
The AP supports VLAN tagging in the trunk port, and the SSID/VAP can be mapped to the VLAN ID.
it is important to disable inter/intra VAP traffic forwarding to maintain security among the clients.
VII. Hardware
Certifications
A8 is FCC Certified in Part 15 C & E, CE certified, SRRC and DGT certified. Type approvals in different countries (e.g.
Brazil, Malaysia, Russia) are also available
Weather-Proof Enclosures
Yes, equivalent to NEMA4X or to IP66 plus protection against corrosion.
Operating Temperature
Unit operation from 33C to 55C
Heaters will come on below approx. 0C
Backhaul
Ethernet interface and 802.11a backhaul are integrated.
Power
AC 80~264 VAC
Power consumption: Typical 20W
Max 58W (low temp, heaters turn on, and high throughput)
TX Power
TX power can be adjusted in 1 dB step from 5-23dBm.
Nominal setting is 21dBm to give EIRP of 34dBm (14dBi antenna gain, 1dB cable loss).
Mounting options
Tower, roof-top, pole or wall mounted
Lightning Protection
A8 includes lightning and surge protection in its design. It consists of various embedded lightning and surge protection
circuitries made up of gas-filled surge arrestors, thyristor surge protectors, varistors and isolation transformers,
protecting the Ethernet port, AC power, console port and internal circuitries. The protection principles are to minimize
pickup of lightning induced transients, limit transient voltages and shunt surge currents.
Moreover, the A8 has a grounding pin for connection to the building's electrical earthing facility.
In high lightning areas, an external lightning protection system is recommended.
VIII. Mobility
Client Device Dependency
The performance depends on the client device. (e.g. When the client device starts to search for a new AP, the scanning
time and the handoff time). Client devices can have different handoff mechanism: Hard Handoff (make after break) or
Soft Handoff (make before break), so handoff time are different.
By network design
In site planning phase, the cell overlapping area will be determined to enable handoff to portable clients. The APs
should be set with the same SSID and the wireless network should be designed in the same subnet to facilitate handoff.
IX. AWMS
Management Capabilities
AWMS acts as an Element Management System (EMS) used to manage Altai NEs (e.g. A8, A2, A0). The management
features basically include fault, configuration, performance, and security management. Northbound interface can be
built to integrate with the operator's NMS.
What kind of statistics can be recorded by management software over time to obtain performance
trending?
Throughput, bytes sent/received and packets sent/received statistics for all interfaces (2.4GHz, 5GHz, and Ethernet)
are available.
Hardware Configuration
Refer to AWMS Configuration Requirement in the Appendix
2. Some deployment has captive portal, could that improve the wireless security?
The captive portal is typically used only for user authentication, which prevents hackers to utilize the network resources
but does not prevent hackers from monitoring any unencrypted traffic.
5. Does Altai products provide co-exist open and more secured wireless modes?
Yes, different VAPs could have different security modes in both A8 and A2.
Common WiFi Security Attacks
The hackers sniff the user traffic through the air. If the user is not using
strong security mode, its traffic can be monitored by hackers easily. The
hackers just need a WiFi client and a downloadable software.
Problematic Security
Modes:
User Risk:
Remedy:
Attack 2: Rogue AP
Description:
The hackers setup a bad AP pretends the ISP AP, by using the same
SSID.
Problematic
Security Modes:
User Risk:
TThe type of user traffic at risk is the same as the man-in-middle attack.
However, the user exposes to the higher risk because the user login and
user session can be tracked more easily.
Remedy:
Pros:
Built-in module for accounting
Resist to man-in-middle (stronger encryption)
Resist to rogue-AP attack (using server certification)
Cons:
802.1x client compatibility
The setup procedure is too difficult for novice users
Open
WPA PSK
WPA 802.1x
XX
XX
Public Access
VV
VVV
XXX
Ease-of-use
802.1x
Pros
Cons
Enterprise-Small
Enterprise-Medium
Enterprise-Large
Carrier* (Will be
supported upon
request)
15 AP
16 - 200 AP
200 500 AP
2,000 25,000 AP
Number of
AWMS user
supported:
4-20
Number of
AWMS
Server:
1-20
Number of
Proxy per
AWMS
Server:
N/A
N/A
Number of
AP per
Proxy:
N/A
N/A
200
1000
(integrated in AWMS
Server)
System capacity
Number of
AP
supported:
Hardware Requirement
AWMS
Server
Desktop Pentium 4
2.8GHz, 2 GB RAM,
40 GB Disk space,
100M Ethernet NIC
card, Windows XP
Professional SP2
Microsoft.Net
Framework 2.0
MySQL 4.0.12 / 4.1.18
(ver. 5.0 is NOT
supported)
JDK 1.4.2
Client
(integrated in AWMS
Server)
Desktop Pentium 4
2.8GHz, 1GB RAM, 40
GB Disk space, 100M
Ethernet NIC card
Windows XP
Professional SP2,
Microsoft.Net Framework
2.0
Managed
Network
Element
Altai - A8 (ver. or
Altai - A8
above)
Altai - A0 (ver. 3.37 or
Altai - A0 (ver. 3.37 or above)
above)
Desktop Pentium 4
2.8GHz, 1 GB RAM, 40
GB Disk space, 100M
Ethernet NIC card
Windows XP Professional
SP2, Microsoft.Net
Framework 2.0
Desktop Pentium 4
2.8GHz, 1 GB RAM, 40
GB Disk space, 100M
Ethernet NIC card
Windows XP Professional
SP2, Microsoft.Net
Framework 2.0
Altai - A8
Altai - A0 (ver. 3.37 or
above)
Altai - A8
Altai - A0 (ver. 3.37 or
above)