13 Things Your WLAN Should be Doing (or NOT) – How Do You Measure Up?

Regardless of what WLAN vendor you have, there are 13 things you should be doing with your WLAN.

  1. Disable 1,2,5.5,11 data rates – just make sure you’re REALLY done with 802.11b (hey, 1992 called, they want their barcode scanner back)
  2. No more than 4 SSIDs active per radio – Any more and you’re creating interference for yourself.
  3. Turn on the multicast functions for all cases – Make sure it’s configured! If you don’t your multicasts will go out as broadcasts and everyone suffers.
  4. Mobility group (same name) should be 15 controllers or less – It should cover only the RF roaming space. No need for messages from one campus to flow to another.
  5. Have a low radius timeout depending on usage scenario (not a general change) – Tends to speed up authentications.
  6. Internal DHCP servers (on controllers/AP’s) shouldn’t be used – They just don’t scale well. (Great for a lab, however.)
  7. Don’t use local EAP – Does not scale well on larger networks.
  8. Recommend to change EAP retries to 4, timeout to 400ms – This speeds up the failure if someone types the wrong password.
  9. Minimum RSSI to –80 for rogue AP’s – Who cares if I can hear someone across the street. It’s not a “rogue”.
  10. Disable all rogue auto contain settings – unless absolutely needed for security reasons
  11. Enable Application Visibility – Even if you’re not building a policy for QoS or restrictions, at least it’s there for troubleshooting.
  12. Enable Fast SSID – Especially for Apple Clients
  13. Enable CleanAir if you have AP’s that are capable – Take advantage of this feature.

How did you stack up?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s