Home > Articles > Cisco Network Technology > Wireless/Optical/High Speed > Enterprise-Class Wireless LANs: Guidelines for A Successful Architecture and Design

Enterprise-Class Wireless LANs: Guidelines for A Successful Architecture and Design

  • Sample Chapter is provided courtesy of Cisco Press.
  • Date: Jul 21, 2006.


  1. Architectural Considerations
  2. Design Considerations
  3. Environmental Considerations
  4. Summary

Chapter Description

This chapter adopts a "60,000-foot view" of the challenges ahead and asks you to answer some key questions on technical, financial, and program management issues. The chapter also introduces such topics as strategic preparation and planning, architectural considerations, and program management. Upon completion, you will be prepared to describe in strategic terms where you will deploy, how you will deploy, how you will fund and manage your deployment.

Part I of this book introduced WLAN technology and familiarized you with its key technical aspects. You learned about the different types of business considerations you need to make to identify, qualify, and quantify the value that WLANs can bring to your organization. You also learned about recommended strategies and practices when initiating the PPDIOO lifecycle of your WLAN. Planning and preparation focused on providing a structured approach for your deployment and highlighted areas that require preparatory work because you need to identify management and technical dependencies that are unique to your circumstances.

As you move through the various lifecycle stages, your focus shifts from strategic to tactical matters. Chapter 2, "Business Considerations," and Chapter 3, "Preparation and Planning" focus on the strategic aspects of setting up your WLAN. Part II of the book covers the next phases of the PPDIOO lifecycle. You learn about architecture, design, implementation, and operations relating to your WLAN.

The difference between architecture and design can be rather vague; however, as a rule of thumb, consider the difference as similar to that between strategic and tactical matters. In both cases, the former is concerned with where to go, whereas the latter is focused on how to actually get there. This chapter covers the strategic aspects of defining your WLAN architecture and takes a look at the tactical design considerations that are specific to WLANs.

This chapter introduces the notion of architecture and provides recommendations for developing a holistic framework that can guide the engineering effort of designing, implementing, and operating the WLAN. You learn about the key components of an effective architecture and identify the balance that must be struck between detail, complexity, and usefulness.

The WLAN design provides the necessary detail on how the solution must be built, integrated, and configured. Because many of the design considerations are identical for wired and wireless networks, this chapter focuses on those considerations that are unique to WLANs. These include the ratio of users to access points, also known as the client-to-AP ratio, the impact of roaming from cell to cell, and the physical placement of the access points.

Finally, this chapter highlights the environmental considerations that are essential for defining a WLAN architecture and design. You learn details about the impact of the physical environment, nearby radio signals, and local governmental regulations and explore the recommended practices for managing these challenges.

Architectural Considerations

Architecture is a framework of components, concepts, and practices that acts as a guide for an underlying design. A robust architecture ensures that the actual WLAN solution meets the predetermined goal for the organization while providing sufficient flexibility to manage the various engineering and operational tradeoffs that WLAN technology requires. As such, it is important that the architecture act only as a guide or baseline and not as a blueprint. This section provides recommendations for setting realistic expectations and guidelines when defining your WLAN's architecture.

WLAN Expectations

The definition of your WLAN architecture should begin with identifying and scoping your expectations and goals. A clear understanding of the business needs for WLANs will simplify alignment between technology solutions and business requirements, and will facilitate the definition of a relevant and specific WLAN architecture. The successful WLAN architecture, therefore, relies on the business considerations, as discussed in Chapter 2, and the provisioning strategy, as outlined in Chapter 3.

When you define your WLAN architecture, focus on two distinct technology alignment challenges:

  • Alignment with business requirements
  • Alignment with user requirements

To support the business, the WLAN architecture should facilitate and support the generation of a net positive value in the form of strategic, operational, or technological benefits. To effectively support the user, the architecture needs to take into account parameters such as usability, convenience, access, availability, and support. If the WLAN is not easy to use, is subject to poor coverage or uptime, or has little user support, the total WLAN experience will not be positive, resulting in little or no use of the infrastructure investment.

Key Components for an Effective WLAN Architecture

WLANs are justified by benefits such as providing mobility to the workforce, reducing the cost of infrastructure for sporadically used locations, and increasing productivity by keeping mobile users connected. As highlighted in Chapter 2, the business case for WLANs relies on your ability to identify the organizational benefits that WLANs can enable. Identifying which services and applications the WLAN must support is key to building a robust, relevant, and sustainable architecture.

Without a thorough understanding of what is demanded from the wireless communications infrastructure, there is a high probability that you will either undershoot or overshoot supply. Your WLAN architecture thus becomes the vehicle that guides and ensures proper alignment between infrastructure demand and supply. The key components for the step-by-step development of a successful WLAN architecture are

  • Determining the goal of the WLAN
  • Defining the scope of your WLAN
  • Developing your timeframe to deploy
  • Considering IT security requirements
  • Identifying the types of users and devices you want to support
  • Establishing an operational support structure and process

The following sections describe each of these considerations in more detail.

Determining the Goal of the WLAN

Because of increased adoption, more applications and services are being layered onto the WLAN. However, the number of applications utilizing wireless transport is not the only factor that is changing. The characteristics of the applications themselves are changing as well.

Traditionally, WLANs in enterprises were intended only for data traffic. The key applications were typical business productivity tools such as e-mail, web browsers, calendaring tools, and messaging. These applications produce network traffic that is irregular and noncontinuous. Periods with high network utilization are followed by periods of low network utilization, and the duration of both these periods is unpredictable. The applications are considered "bursty" as they load the network in bursts.

As WLANs became more prevalent, they started to become the preferred means of network connectivity. This resulted in bandwidth-intensive and potentially latency-sensitive applications such as video also migrating onto the wireless medium. The challenge created by these applications is that they demanded a different type of service by the network. Best-effort service became insufficient as these applications required high throughout and deterministic behavior.

A common issue with networked applications is that they are developed with little or no consideration for the resources they require from the communications infrastructure. Application developers take into consideration the notion of the network but typically fail to consider bandwidth and latency implications. The (false) assumption is that the network is always available, that bandwidth is unlimited, and that congestion and delays do not occur. As such, even though the applications and the network are tightly coupled, they are typically developed and deployed as independent components.

It is exactly this decoupling that creates the burden of carefully planning your WLAN if you want to successfully support the extension of your applications to the wireless environment. Hence, you should start with the premise that the average application is not aware of the transport medium it is using. They treat the network—wired or wireless—identically.

The challenge of applications not being aware of the network is compounded with WLANs. Indeed, most applications are developed for the wired environment. Specific characteristics of WLANs are their lower throughput and higher latency than their wired equivalents. This is typically not a problem for the bursty applications. However, WLANs can cause additional challenges for applications that demand high data rates or deterministic behavior.

The interaction between applications and the network is only one of the challenges that must be tackled when defining a WLAN architecture. Defining a wireless architecture to support voice and video also introduces specific problems that must be considered. The considerations include provisioning sufficient bandwidth for latency-sensitive voice and video streams, implementing a quality of service (QoS) solution, and ensuring fast roaming capabilities between cells. Refer to Chapter 4, "Supplementary and Complementary Services," for additional details on supporting voice and video in WLAN environments.

Defining the Scope of Your WLAN

The scope or footprint of your WLAN deployment is one characteristic that you can easily define from the start. However you define it—small, limited, partial, full-scale, or ubiquitous—there is a boundary to which you can adhere. Although the scope of your WLAN deployment has a larger impact on the planning and implementation phases, it also plays a role in the architecture.

The architecture must formalize and document the coverage your WLAN provides. The formalization of the scope serves as a guide to ensure that you neither underengineer nor overengineer your WLAN solution. Underengineering occurs when you provide insufficient resources to provide the intended degree of service. Examples include inadequate coverage due to not deploying enough access points or failing to incorporate the proper IT security standards for your organization.

Overengineering is the inverse case. This happens when more resources are supplied than are strictly needed to implement your desired solution. In this scenario, you will have squandered both time and money. An example of overengineering is deploying too many access points. In this case, you could either be overlapping coverage of access points or providing coverage in areas where there is no need for WLANs.

A key consideration when determining the scope of your WLAN is how you intend to provide operational support. Today, enterprises that extend their global reach must deal with an increased number of operational issues. Examples include selecting a scalable strategy and platform for managing the WLANs RF spectrum as well as potentially hundreds of access points and thousands of client devices.

Leverage the scope as defined in the WLAN architecture as a planning tool. This structured approach makes it easier to determine how you offer support at the different levels of the fault resolution path, and how you plan to handle onsite resources for troubleshooting. Refer to Chapter 8, "Management Strategies for Wireless LANs," for operational considerations and recommendations.

Developing Your Timeframe to Deploy

The next step is to develop a timeframe for deployment. In this case, time refers not only to the time when you begin a deployment, but also to the time it takes to complete the deployment. The proper mix of time, as it relates to the preparation, planning, design and implementation, is fundamental. Two aspects of time concern WLAN architecture and design:

  • Making timely decisions
  • Implementing the decisions before they outdate themselves

Wireless data networking is no longer a budding technology. It has built up momentum to a point where aspects of the technology are quickly superseded by more advanced features and functions. Figure 5-1 illustrates that as the time to deploy becomes extended, the probability that technology features will make a significant jump becomes greater.


Figure 5-1 Deployment Versus Technology Evolution

To manage the time it takes to deploy, adopt the following practices when defining the architecture:

  • Stay familiar with developments in WLAN technology— Set a goal of staying abreast of standards to ensure that the technology does not date itself. Establish a frequency and process that evaluates the market, and build a matrix to align the technology with the overall business direction.
  • Break up requirements into sections— By segmenting your business needs, you can align your technology solutions more easily and efficiently. Build a roadmap of the follow-on technologies that can be adopted without requiring a major change in the architecture.
  • Remind yourself that the architecture is only a framework— The architecture should not become so detailed that it impedes the growth of the network. Maintain standards but avoid defining specific engineering details in your WLAN architecture.

Considering IT Security Requirements

Many enterprises were reluctant to adopt wireless LANs because of the perceived security concerns. The main causes for worry lay in the unbound and uncontrolled nature of the RF transport medium. However, many tools and solutions have been developed that allow you to build a WLAN that is at least as secure as its wired counterpart.

The WLAN architecture plays a key role in securing your WLAN because it explicitly identifies which components must be incorporated as well as their interdependent relationships. The architecture thus effectively defines the security chain, the policies that must be adhered to, and the procedures that must be followed to secure your WLAN.

Because each WLAN component contributes in either a constructive or destructive way to the robustness of the security solution, you must first identify each of these components. Examples of the components include the following:

  • Passwords
  • Authentication and access methodology
  • Encryption and hashing standards
  • Devices and their respective operating systems

Next, the WLAN architecture must define how all the components are interrelated. This process not only ensures that there are no gaps in the security chain, but also that weaker links can be strengthened or more actively managed to provide a holistic and robust security posture. Clearly define the authentication and access methodology, the selected encryption standard, and key management policies.

The security policy and procedures that you define in your WLAN architecture must then be applied in the design, implementation, and operation stages of your WLAN's lifecycle to ensure that security considerations are not only included but also overarching. Chapter 7, "Security and Wireless LANs," details solutions and recommendations for tackling the challenge of constructing a secure WLAN.

Identifying the Types of Users and Devices You Want to Support

An important architectural consideration is the target audience. This aspect of the WLAN architecture is directly related to the people or devices and how they use the WLAN. Every usage profile has its own distinct set of considerations that needs to be included in the architecture. To simplify the challenge of incorporating user and device considerations in your WLAN architecture, start by segmenting the WLAN user-community by identifying common usage profiles.

The concept of user classes was introduced in Chapter 3. Classifying users allows you to determine the degree of relevance of WLANs for subsets of the user community. Classification is performed by grouping users who share common attributes. These profiles are based on the users' characteristic requirements that include their primary applications, degree of mobility, bandwidth and latency restrictions, level of security, and typical hours of operation.

Chapter 3 uses the segmentation in function of mobility needs to define the different user classes. The classes are named standard, mobile, roaming, hot-desk, and guest. You can opt to use the aforementioned classes, or you could, for example, simplify classification into three classes:

  • Highly mobile
  • Partially mobile
  • Nonmobile

Your WLAN architecture must not only identify the different user classes, but also specifically formalize how the WLAN will support each of the respective classes. Figure 5-2 shows an example of a breakout of users in function of mobility needs. A sample of job roles has been added for illustration. Note that this is an illustration only and by no means definitive. For example, a factory worker might need no mobility in one type of role (manufacturing) but require high mobility in another role (warehouse management).


Figure 5-2 Users by Type and Class

In addition to the WLAN user considerations, the architecture needs to identify which devices can or must be supported. When thinking about devices, focus on physical attributes. These include tethering, battery life, interoperability, computational horsepower, durability, and control on placement.

For example, clients might be intelligent and mobile such as laptop computers, or dumb and fixed as, for instance, printers and cameras. Handheld scanners can be used for a finite amount of time before their batteries run out. Finally, the placement of PDAs is hard to control, creating potential security hazards.

Different devices have capabilities and limitations that, if supported correctly, ensure performance at the desired expectations. The architecture must frame which devices will be supported by the WLAN and provide guidelines regarding their expected performance, potential pitfalls that are unique to the wireless environment, and problem mitigation strategies.

Plan for the use of devices of different manufacture. Although standards exist, each device is certain to carry its own inherent features, which can result in future compatibility challenges. In the enterprise, where enforcement of standards can be more readily managed, it might be easy to control such issues, however, there are instances where this is not the case. A prime example is a university deployment. In providing access to its student body, a university needs to support a broad assortment of end devices, operating systems, and client software.

Have your WLAN architecture provide a framework and guideline for how you will support your heterogeneous client base in a comprehensive and structured manner. Explicitly define the different user classes and their respective application characteristics and include details on how the specific devices will be supported.

Establishing an Operational Support Structure and Process

You manage the WLAN through provisioning and operational control. Provisioning is the management of systems or devices by sending configurations down to them. You can do this actively or passively. Active provisioning is a repeat process, such as a nightly download. Passive provisioning is performed only when a change is required.

Operational control is the traditional network management whereby systems and devices are monitored. Reactive operational control is performed by waiting for an event or alert and then acting upon it. Proactive operational control is performed by examining data for trends or capturing signs of trouble before an event occurs.

Given the importance of post-deployment support, your WLAN architecture should explicitly define expectations and baseline standards for the WLAN's operational support structure. This should be the case irrespective of the actual management strategy you already have or want to put in place. Strike a careful balance between customization, complexity, and value because too much customization will likely yield diminishing returns. Refer to Chapter 8 for more details on recommended operational practices.

2. Design Considerations | Next Section

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020