By: Richard Watson, Product Marketing Manager
Would you like to make your network provisioning and management simpler? How do you feel about going against common convention? Like yoga for healthy living, a flexible strategy for the WLAN can be healthy for the enterprise.
When WLANs made the transition from fat access points to a controller-based architecture, there was a lot good to say about them but a fundamental flaw soon surfaced. All the traffic from the APs passed through the controller (“tunneling”). Yes, this provided for the expansion of features and capabilities, but it ensured that there was an unacceptable built-in latency imposed on all applications running on the WLAN.
“Tunneling” became a technology tainted by its legacy. But there was a conundrum: for certain applications, aggregating like traffic made sense, but how could one do so without overloading IT and slowing down the network? Standard virtual LAN (VLAN) infrastructures could meet these needs by tagging the client on a single VLAN so that traffic would be routed to a specific processing destination. This approach worked but it was a configuration nightmare, requiring VLAN management whenever devices came and went, or new switches were added. What a headache!
What about implementing a flexible, secure, VLAN-based tunneled architecture that accomplishes the goals of a traditional VLAN approach but is much simpler, more secure and scalable, and minimizes the impact on IT? What if the WLAN itself can provide this? Such a concept complements existing configuration options, but now provides a means to flexibly add a new, in-line “smart” tunneling service. With this approach, SSIDs are selected to act as “aggregation” points to securely tunnel traffic across to the network distribution point.
Perhaps the simplest example of an application that can take advantage of this approach is a generic commercial “hotspot.” Using a secure tunnel for all the traffic from a location can simplify management of the link and minimize the problem of data hacking as it traverses a network. You can have it all – plus secure tunneled traffic with a “set-and-forget” simplicity. If you’re interested in learning more about this flexible approach, check out virtual SmartZone-D (vSZ-D).