Wireless Infrastructure

04:22 PM
Lee Badman
Lee Badman
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%
Repost This

WLAN Success During Back-to-School Deluge

My team onboarded 10,000 wireless devices as students arrived for the start of the fall semester. Here's how we made it a (mostly) painless experience.

I oversee a large wireless network at Syracuse University, and the start of the fall semester is one of our busiest times. This year my colleagues and I onboarded about 10,000 wireless devices in just a few days, with only a few hiccups. We created a recipe for success out of preparation, a great team and some useful tools, but we also hit a couple of snags.

The campus network consists of almost 4,000 access points. We’re a mostly Cisco wireless environment, with a dash of Meraki thrown in at a few remote locations. At the start of the semester, the majority of the wireless activity happens in the areas where students are moving into campus.

We have 13 dorms, 125 apartments, and somewhere shy of 8,000 beds. We run a number of secure WLANs, a guest SSID and a “helper” WLAN. The helper WLAN dead-ends into CloudPath’s XpressConnect tool for configuring devices and transitioning them to our general-purpose secure network.

Students (and their parents) have differing levels of savvy and patience with accessing a business-grade secure network as they move in, so our network team spends a few frantic days bringing it all together.

I attribute the relative ease of the process to two factors. First, we placed tech support teams in the lobbies of the student residences. We also set up multiple temporary help desks for students who needed assistance. (We typically have one central held desk.)

Second, we tried to steer everyone through the XpressConnect tool for proper supplicant configuration This puts all client devices that use it into a known, good configuration state and offers a common support model.

[802.11ac is an opportunity for WLAN vendors to dislodge competitors. If you’re thinking of brining in new blood, check out “802.11ac: Time To Change Vendors?.”]

On the problem front, we discovered a Windows 8 issue where XpressConnect would seemingly configure the device, but couldn’t get it onto the secure WLAN. A WLAN driver update or WLAN and chipset driver refresh usually did the trick, but it required more work than either the student or the support team would have preferred.

We also discovered a Java-related obstacle on a small percentage of MacBook’s that required manual configuration of supplicant settings. One of our Apple-savvy staffers solved this problem with some command line wizardry.

The team also had to be patient when addressing student complaints about our “slow” WLAN, even though it’s a well-designed 11n environment. The culprit here was that a number of students were using the rate-limited, Bluesocket-based guest WLAN rather than our full-speed secure network.

We do flood incoming students with how-to literature for campus technology services to avoid this kind of problem, but we realize this is also a period of information-overload for most students, so it’s not an appropriate time to tell them to RTFM.

One change I made this year was to add language to the guest portal to direct students from the rate-limited guest network to the fast, secure WLAN.

We Know BYOD

If you work in higher education you’ve been in a BYOD environment long before the term became trendy. Any and every device type, OS, version and health posture rolls into dorms and student apartments, including smartphones, laptops, video game consoles and printers.

Given this plethora of devices, we sometimes ran into problems. As with many schools, we don’t have a great WLAN answer for hundreds of personally owned, low-end wireless printers, so we provided students with USB cables and guidance on proper non-wireless use.

AppleTV and its ilk posed similar challenges. Apple ignores problems with its Bonjour protocol, and while Cisco (to its credit) tries to provide capabilities that allow for Apple’s toys to play well on the network, this is another area where, along with gaming consoles, we steered users to our under-used wired dorm networks. Some students bring their own wireless routers, which are prohibited by campus policy because of security and interference concerns. Cisco’s Prime Infrastructure 1.3 is not the best rogue-finding tool (past version of Cisco WNMS have been better), but we were able to slog our way through the system to eliminate a handful of offending devices.

We also take a low-tech approach to keeping forbidden devices off the network in the first place; we added “please don’t” wording on rogues to our XpressConnect utility page to get the message across as users self-configured their devices. We also periodically remind users of allowable dos and don’ts through our IT twitter account. Looking forward, we’re hoping for better experiences for wireless management (a long-running beef with Cisco) and the ability to attach more of the non-computing wireless devices to the WLAN, but at the moment we’re mostly at the mercy of the industry.

All in all, I’m generally pleased with the process. Our WLAN is rapidly growing as measured by infrastructure device counts and the number of gadgets each student uses (easily three-plus on average), yet our reported problems are very low despite wireless being the preferred access method. As any IT pro can relate, users still complain about the network being slow. The fact is, most of our problems are single-client issues, not a network fault. Other conditions also arise that “feel” like systemic wireless problems, such as a misbehaving DNS environment.

At Interop New York in October, I’ll be talking about the many things that can make good wireless seem bad and what you can do about it. You can get more information about that session here. In the meantime, here’s wishing all network admins in K-12 and higher education a good school year.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
JJx
50%
50%
JJx,
User Rank: Apprentice
9/18/2013 | 12:35:43 PM
re: WLAN Success During Back-to-School Deluge
Lee, this is great stuff! Congratulations on a smooth onboarding and registration. These issues are pretty pervasive across the industry in large (high density + large coverage area) deployments. We've been successful in solving a few of the expected issues that come with 802.11 via other technology solutions.
It's also worth mentioning that the personally-owned wireless routers can cause interference in the area and degrade the performance of the "real" WiFi networks.
Thanks for sharing!
-jj
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Apprentice
9/3/2013 | 2:25:04 PM
re: WLAN Success During Back-to-School Deluge
One of her roommates brought a wireless printer and couldn't understand why she couldn't connect to her PC. Perfect example of not enough information.
nielsen.kyle
50%
50%
nielsen.kyle,
User Rank: Apprentice
9/1/2013 | 5:07:25 AM
re: WLAN Success During Back-to-School Deluge
I have ran into several of these same issues, XpressConnect with Win8 and Java issues on the Macs. Also ran into and issue with ISE 1.1.3, with that release the EAP limit per PSN is now 4,500 (didn't find that out until speaking with the BU) which was causing authentication issues. I like the idea of having staff in the lobbies as well, I'm going to push for that next year.
LeeBadman
50%
50%
LeeBadman,
User Rank: Apprentice
8/30/2013 | 9:58:46 PM
re: WLAN Success During Back-to-School Deluge
It does go a long way. Many students have questions about TV, policy, or where things are on campus. Many of our logged tickets in the dorms are simple courtesy interactions, but the value is huge to students and families.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Apprentice
8/30/2013 | 8:54:35 PM
re: WLAN Success During Back-to-School Deluge
Getting set to move ours in at UMass Amherst in a few days. IT reps in lobbies is a great idea - they didn't have that last year, which was OK for us because we're reasonably tech literate, but some parents had frayed nerves. Maybe this year!
More Blogs from Commentary
Infrastructure Challenge: Build Your Community
Network Computing provides the platform; help us make it your community.
Edge Devices Are The Brains Of The Network
In any type of network, the edge is where all the action takes place. Think of the edge as the brains of the network, while the core is just the dumb muscle.
Fight Software Piracy With SaaS
SaaS makes application deployment easy and effective. It could eliminate software piracy once and for all.
SDN: Waiting For The Trickle-Down Effect
Like server virtualization and 10 Gigabit Ethernet, SDN will eventually become a technology that small and midsized enterprises can use. But it's going to require some new packaging.
IT Certification Exam Success In 4 Steps
There are no shortcuts to obtaining passing scores, but focusing on key fundamentals of proper study and preparation will help you master the art of certification.
Hot Topics
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
Video
Slideshows
Twitter Feed