Skip to main content

Wireless Devices

Channels

  • Definition: Specific frequency segments within a band that wireless devices use to transmit data.
  • Channel width: Determines bandwidth/speed (e.g., 20 MHz, 40 MHz, 80 MHz, 160 MHz).
    • Narrower = less interference, longer range; wider = higher throughput, more susceptible to interference.
  • Non-overlapping channels: Critical to avoid co-channel interference.
    • 2.4 GHz: Only 3 non-overlapping (1, 6, 11 in most regions).
    • 5 GHz: Many more (up to ~24 non-overlapping depending on region and width).
    • 6 GHz: Even more available, fewer legacy devices, less congestion.
  • Regulatory impacts: Country-specific rules on allowed channels and power levels.
    • 802.11h: Enables Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC) to avoid radar interference (especially 5 GHz UNII-2 bands).

Frequency Options

  • 2.4 GHz:
    • Channels 1–14 (region-dependent; US uses 1–11).
    • Better range and penetration through walls.
    • More crowded (Bluetooth, microwaves, cordless phones cause interference).
    • Max practical throughput lower due to congestion and narrower channels.
  • 5 GHz:
    • Channels 36–165+ (more available, higher power allowed in some bands).
    • Higher speeds, less interference, shorter range.
    • Supports wider channels (80/160 MHz).
  • 6 GHz (introduced with Wi-Fi 6E and Wi-Fi 7):
    • Newest band, least congested.
    • Wider channels (up to 160 MHz standard), very high throughput.
    • Shorter range, requires Wi-Fi 6E/7 compatible devices.
  • Band steering: AP pushes dual/tri-band clients to less congested/higher-frequency bands (e.g., 5 GHz or 6 GHz over 2.4 GHz) for better performance.

Service Set Identifier (SSID)

  • Definition: Human-readable name of the wireless network (what users see in the list of available networks).
  • Basic Service Set Identifier (BSSID): MAC address of the specific access point (unique per AP radio).
  • Extended Service Set Identifier (ESSID): Same SSID shared across multiple APs for seamless roaming (common in enterprise/infrastructure setups).
  • Configuration tips:
    • Hide SSID (not true security—devices still broadcast probes).
    • Multiple SSIDs per AP (e.g., one for employees, one for guests).
    • SSID length: Up to 32 characters.

Network Types

  • Infrastructure mode: Most common; devices connect through an access point (AP) to a wired network.
  • Ad hoc (Independent Basic Service Set – IBSS): Peer-to-peer; devices connect directly without an AP (limited range, no central management).
  • Mesh networks: Multiple APs interconnect wirelessly to extend coverage (self-healing, no wired backhaul needed for all nodes).
  • Point-to-point: Directional links between two locations (e.g., building-to-building bridge, often uses directional antennas).

Encryption

  • Wi-Fi Protected Access 2 (WPA2):
    • Still widely used; AES-CCMP encryption.
    • Vulnerable to KRACK attack (patched in most implementations).
  • Wi-Fi Protected Access 3 (WPA3):
    • Current standard; stronger protection.
    • WPA3-Personal: Uses Simultaneous Authentication of Equals (SAE) instead of PSK (resistant to offline dictionary attacks).
    • WPA3-Enterprise: Enhanced 192-bit security suite options.
    • Opportunistic Wireless Encryption (OWE): Encrypts open networks (no password needed, but protects against eavesdropping).
  • Legacy: Avoid WEP (insecure, broken) and WPA (TKIP vulnerable).

Guest Networks

  • Purpose: Isolate untrusted users (visitors, BYOD) from internal network.
  • Features:
    • Separate SSID/VLAN/subnet.
    • Limited access (Internet only, no internal resources).
    • Bandwidth throttling or time limits common.
  • Captive portals: Redirect users to login/agreement page before granting Internet access (common in hotels, cafes, enterprises).
  • Isolation: Client isolation prevents guests from communicating with each other.

Authentication

  • Pre-shared key (PSK) / Personal:
    • Single shared passphrase for all users.
    • Easy setup, but weak if passphrase is poor or leaked.
    • Used in homes/small offices.
  • Enterprise (802.1X):
    • Uses RADIUS or similar server for per-user authentication.
    • Supports certificates, usernames/passwords, EAP methods (EAP-TLS, PEAP, EAP-TTLS).
    • Much more secure; individual revocation possible.
    • Common in businesses.

Antennas

  • Omnidirectional:
    • Radiates signal in all directions (360° horizontal).
    • Common in indoor APs for general coverage.
    • Lower gain, shorter effective range in one direction.
  • Directional:
    • Focuses signal in one direction (e.g., Yagi, patch, parabolic).
    • Higher gain, longer range, used for point-to-point or targeted coverage.
    • Reduces interference from unwanted directions.

Access Points (APs)

  • Autonomous (fat) AP:
    • Standalone; each AP configured/managed individually.
    • Suitable for small deployments.
  • Lightweight (thin) AP:
    • Managed centrally by a Wireless LAN Controller (WLC).
    • Controller handles configuration, roaming, security policies.
    • Uses protocols like CAPWAP (Control And Provisioning of Wireless Access Points).
    • Better for enterprise-scale (seamless roaming, load balancing, centralized monitoring).

Quick Exam Tips & Mnemonics

  • Frequencies: 2.4 = range/crowded; 5 = speed/less crowded; 6 = fastest/least crowded.
  • Channels: Avoid overlap → 1-6-11 (2.4 GHz); use DFS on 5 GHz radar bands.
  • Security progression: Open → WEP (avoid) → WPA → WPA2 → WPA3 (best).
  • Authentication: PSK = simple/shared; Enterprise = secure/individual.
  • Antennas: Omni = everywhere; Directional = focused/far.
  • Network types: Infrastructure = AP-based (most); Mesh = wireless backhaul; Ad hoc = no AP.

Review scenarios: "Choose best channel/frequency for high-density office" or "Configure secure guest network with isolation."